PHP - Session Isn't Passing To New Page?
I'm building a login page that then redirects to a new page. But it seems the session isn't working. But I don't know much about sessions, so I'm not sure what I might be doing wrong.
The login page sets the session with this code: Code: [Select] // Fetch the result - This will tell us whether this user exists $userExists = mysql_fetch_assoc($doQuery); // If user exists log them in if($userExists){ mysql_free_result($doQuery); mysql_close(); // Set the SESSION variables $_SESSION['first_name'] = $userExists['first_name']; $_SESSION['id'] = $userExists['id']; The page that it redirects to is this: Code: [Select] <?php session_start(); if(isset($_SESSION['id'])) { echo "<html><body><p> You are now logged in,{$_SESSION['ID']}.</p>"; } else { echo 'something went wrong'; exit(); } ob_end_flush(); ?> Similar TutorialsHi, I have a user/password protected page that displays a list of clients. When clicking on them you're redirected to the client record update page. This is how I am linking to taht page now: Code: [Select] <a href="DIST_clientes_update.php?id_cliente=<?php echo $row_clients_RS['id_cliente']; ?>The problem with this is that the client id is appended to the url and so if the user chnges it will be able to access records from a different user...and I dont want that. So I have created a session: Code: [Select] $_SESSION["idCliente"] = $row_clients_RS['id_cliente'];but how do I pass it to the update page without showing in the url? Thanks I have my php pages set up like this: 1. log in with login.php 2. that sends you to main.php 3. in main.php, there are links to page-a.php, page-b.php, page-c.php, etc. when you type in a password at login.php, it passes your input to main.php. the correct password is hardcoded in main.php. if it matches, a session variable is set, which should be able to be used on page-a.php, page-b.php, page-c.php, etc. to verify that whoever accesses those pages has gone through the login process. if the session variable doesn't match (or null) the user is redirected to the login page. also the session variable is checked (recursively) when accessing main.php, just like the other pages. the problem is, it's as if each page starts over. the session variable does not make it beyond the page that sets it. it should be passed on to the next page but it's not. I used an echo statement in page-a.php to verify and rem'd out the rest of the code. no echo because session value is null, page goes on to load the html. without the code rem'd out it redirects the user to login.php. code: LOGIN.PHP <? session_start(); if(isset($_SESSION['aaa'])) unset($_SESSION['aaa']); ?> <html> <head> <title>title</title> </head> <body> <table width="400" align="center" border="0" bordercolor="#000099" bordercolordark="#000066" bordercolorlight="#6666FF"> <tr bgcolor="#B0C4DE"> <td> <form action="main.php" method="POST"> <p align="center"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif" color="#FFFFFF"><br> Password</font></strong> <input name="pwfield" type="password" value size="20" maxlength=20> <input type="submit" value="Login"></p> </form> </td></tr></table> </body></html> MAIN.PHP <? if ($_SESSION['aaa']!="abcdef") { $password="twinkies"; if ($_POST["pwfield"]==$password) $_SESSION['aaa']="abcdef"; // successful login else {header("Location: login.php"); exit();} } ?> <html> <head> <title>title</title> </head> <body> <a href="page-a.php">Page A</a> <a href="page-b.php">Page B</a> <a href="page-c.php">Page C</a> </body></html> PAGE-A.PHP <? echo $_SESSION['aaa']; //if ($_SESSION['aaa']!="abcdef") //header("Location: login.php"); //exit(); ?> <html> <head> <title>title</title> </head> <body> ... Having some problems with PHP session i currently use cookies to log users in, but i have decided to use php session instead but i can get it to work, it simply dose not pass the variables unless include session id in every single link on my website, can anyone tell me where i am going wrong these are the session setting from php.in session.use_cookies = 1 session.use_only_cookies = 0 session.name = usersesid session.auto_start = 1 session.cookie_lifetime = 0 session.referer_check = 1 session.cache_expire = 180 session.use_trans_sid = 1 Hello, we got a site running in to different servers, the other one is a sub domain that will be use as internal pages and the other one is external. As of that I need to pass session to see if a user details.
Is there a another secure way to pass session data to other server without storing on the database?
I have a script that was written and tested on another server, but now when I transferred it to the live server, session values are not being passed. I made a couple test pages to check and confirmed that the only issue is the session variables. Here is the test I performed. Please tell me what I'm missing: page1.php <? session_start(); $_SESSION['var1'] = 'testing'; print_r($_SESSION); ?> Returns: Array ( [var1] => testing ) page2.php <? session_start(); print_r($_SESSION); ?> Returns: Array () Alright, So i want to pass a session from www.mysite.com to mobile.mysite.com And i'm doing so by calling this on the top of every page on each site: <?php session_set_cookie_params(360000, "/",".mysite.com"); session_start(); print_r($_SESSION); ?> yet, the session data that is set on one subdomain is NOT printed on the other subdomain. I've even tried destroying the sessions several times to start over. But it won't work. What could be up? Thanks Hi All, I am using the uploadify script available at http://uploadify.com/ Now I can get the file uploads working fine with the script below: Code: [Select] <?php session_start(); ?> <link href="/uploadify/uploadify.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="/uploadify/jquery-1.3.2.min.js"></script> <script type="text/javascript" src="/uploadify/swfobject.js"></script> <script type="text/javascript" src="/uploadify/jquery.uploadify.v2.1.0.min.js"></script> <input id="fileInput" name="fileInput" type="file" /> <script type="text/javascript">// <![CDATA[ $(document).ready(function() { $('#fileInput').uploadify({ 'uploader' : '/uploadify/uploadify.swf', 'script' : '/uploadify/uploadify.php', 'cancelImg' : '/uploadify/cancel.png', 'auto' : true, 'folder' : '<?php echo $_SESSION['filepath']."/downloads/"; ?>', 'multi' : true }); }); // ]]></script> The problem that I am having is that I also store the mysql connection details in session vars (they change depending on who logs in). I have tried a number of ways of "passing" these session vars to the uploadify.php file which does the grunt work of the uploading, but I can never seem to access them. I obviously dont want to pass them to the uploadify.php script through the js because that will show my credentials in the source code. So, the question is, how can I access these session vars in the called file. I assume its a combination of session_write_end() and session_start() but I havent got the right combination yet. Hola, I'm trying to create a web form to insert info into my database using session variables. I'm at my wits end at this point. The reset button does its job but when you click submit it doesn't do anything. I'm using the template from the lynda.com essential php web form tutorials. Any help would be appreciated Here is the client-side header code I'm working with, <?php header("Expires: Thu, 17 May 2001 10:17:17 GMT"); // Date in the past header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header ("Pragma: no-cache"); // HTTP/1.0 session_start(); if (!isset($_SESSION['SESSION'])) require ( "include/session_init.php"); $arVal = array(); require_once("include/session_funcs1.php"); // make sure the seesion vars are initialized... reset ($arVal); while (list ($key, $val) = each ($arVal)) { if (!isset($_SESSION[$key])) $_SESSION[$key] = ""; } if ($_SESSION["eventgenre_sel"] == "") $_SESSION["eventgenre_sel"] = 0; // if the bFlg is true then some validation problems in the data. // namely a blank field or a submission without the feedback page. // just present a general error... $flg = ""; $error = ""; if (isset($HTTP_GET_VARS["flg"])) $flg = $HTTP_GET_VARS["flg"]; switch ($flg) { case "red": $error = "<br><font class=\"txt12_red\">Please fill out all the required fields.<br>Please Try Again.<BR></font>"; break; case "blue": $error = "<br><font class=\"txt12_red\">Your Session has Expired.<br>Please Try Again.</font><BR>"; break; case "pink": $error = "<br><font class=\"txt12_red\"><BR>The Special Code you entered is not valid.<br>Please Try Again or Leave that field blank.</font><BR>"; break; case "white": $error = "<br><font class=\"txt12_red\"><BR>The fields are too long for our Database.<br>Please correct your data via this form.</font><BR>"; break; default: $error = ""; } ?> <?php echo $_SERVER['SCRIPT_NAME']."<BR>"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" type="text/css" href="detect800.css"/> <link rel="stylesheet" type="text/css" href="detect1024.css"/> <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript" src="detect.js"></script> <link href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/themes/base/ui.all.css" rel="stylesheet" type="text/css" /> <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script> <script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.0/jquery-ui.min.js" type="text/javascript"></script> <script src="jquery.ui.datetimepicker.js" type="text/javascript"></script> <script type="text/javascript"> $(function() { $('#eventdate').datetimepicker(); }); </script> <script src="imageflow.js" type="text/javascript"></script> <script src="highslide-full.js" type="text/javascript"></script> <script src="autosuggest.js" type="text/javascript"></script> <script type="text/javascript"> hs.graphicsDir = 'graphics/'; </script> <script language="javascript"> function SubmitForm() { var form = document.forms[0]; var bRequired = true; if((form.eventname.value.length < 1) || (form.eventvenue.value.length < 1) || (form.eventdate.value.length < 1) || (form.eventgenre.value.length < 1) || (form.eventprice.value.length < 1) || (form.eventpromoter.value.length < 1) || (form.eventflyer.value.length < 1)) { alert("Please fill out all the required fields."); bRequired = false; } if (!bRequired) return false; form.eventgenre_sel.value = form.state.selectedIndex; form.submit(); } function ResetForm() { var form = document.forms[0]; form.eventname.value = ""; form.eventvenue.value = ""; form.eventdate.value = ""; form.eventgenre.value = ""; form.eventprice.value = ""; form.eventpromoter.value = ""; form.eventflyer.value = ""; form.eventgenre_sel.value = ""; } </script> </head> This is the client side form code <form action="scripts/register.php" method="post" name="userevent" id="userevent"> <input name="eventgenre_sel" type="hidden" id="eventgenre_sel" value="<?php echo $_SESSION['eventgenre_sel'] ?>" /> <?php echo $error; ?> <fieldset> <label for="eventname" accesskey="n" ><span>Event Name</span> <input type="text" name="eventname" id="eventname" value="<?php echo $_SESSION['eventname_sel'] ?>" size="32" maxlength="30" /></label> <div id="autosuggest"><ul><li></li></ul></div> <label for="eventvenue" accesskey="v" ><span>Event Venue</span> <input type="text" name="eventvenue" id="eventvenue" size="32" value="<?php echo $_SESSION['eventvenue'] ?>" maxlength="30" /></label> <script type="text/javascript"> var venues = new Array("Republik", "HiFi Club", "Bamboo Tiki Room", "Tantra", "Jubilee Auditorium", "Ironwood Stage & Grill", "Broken City", "Soda", "Amsterdam Rhino", "Olympic Plaza", "Stampede Casino", "Habitat Living Sound", "Cantos Music Foundation", "Flames Central", "Prince's Island Park", "Beat Niq Jazz & Social Club", "Giuseppe's Italian Market", "BLVD", "Fourth on 4th", "Opus on 8th", "Local 510", "Local 522", "Raw Bar", "Jupiter Restaurant & Bar", "Vern's", "Lord Nelson's", "Kings Head Pub", "Blind Beggar Pub", "Viscous Circle", "Milk Tiger Lounge", "Pengrowth Saddledome", "Tubby Dog", "Marquee Room", "Distillery Public House", "Cafe Koi", "Mikey's Juke Joint & Eatery", "Palomino", "Atlantic Trap & Gill", "Drake Inn", "Radiopark Music Room", "Rusty Cage South", "Big Al's Good Times Bar", "Rose & Crown", "Tudor Rose Pub", "Elbow River Casino & Lounge", "Rusty Cage Central", "Rusty Cage South", "Rusty Cage North", "Olive Grove", "Shamrock Hotel", "Woody's Taphouse Southland", "Woody's Taphouse Country Hills", "Murrieta's West Coast Bar & Grill", "Stageline Saloon", "Pig & Pint", "Ranchman's", "Red Pepper Pub", "Stavro's Steak House & Lounge Ranchlands", "Stageline Saloon", "Whiskey"); new AutoSuggest(document.getElementById("eventvenue"),venues); </script> <label for="eventdate" accesskey="d" ><span>Event Date</span> <input type="text" name="eventdate" id="eventdate" value="<?php echo $_SESSION['eventdate'] ?>" size="32" maxlength="30" /></label> <label for="eventgenre" accesskey="g" ><span>Event Genre</span> <select name="eventgenre" id="eventgenre"> <option value="none">--select one--</option> <option value="HipHop">Hip-Hop</option> <option value="Funk">Funk</option> <option value="Soul">Soul</option> <option value="Metal">Metal</option> <option value="Punk">Punk</option> <option value="Blues">Blues</option> <option value="Jazz">Jazz</option> <option value="Trance">Trance</option> <option value="Breaks">Breaks</option> <option value="Electro">Electro</option> <option value="House">House</option> <option value="DNB">Drum'N'Bass</option> <option value="Dubstep">Dubstep</option> <option value="Lounge">Lounge</option> <option value="Top40">Top 40</option> </select> </label> <label for="eventprice" accesskey="p" ><span id="eventprice">Event Price</span> <input type="text" name="eventprice" id="eventprice" value="<?php echo $_SESSION['eventprice'] ?>" size="6" maxlength="4"/></label> <label for="eventpromoter" accesskey="c" ><span id="eventpromoter">Event Promoter</span> <input type="text" name="eventpromoter" id="eventpromoter" value="<?php echo $_SESSION['eventpromoter'] ?>" size="25" maxlength="23"/></label> <label for="eventflyer" accesskey="f" ><span id="eventflyer">Event Flyer (jpg or png MAX 300kb)</span> <input type="file" name="eventflyer" id="eventflyer" value="<?php echo $_SESSION['eventflyer'] ?>" size="25" maxlength="23"/></label> <input type="button" name="Reset" value="Reset" onclick="ResetForm();"> <input type="button" name="Submit" value="Submit" onsubmit="return validateForm(this);" onclick="SubmitForm(); return false; " > </fieldset> </form> <script language="javascript"> // set the selection box values... var form = document.forms[0]; form.eventgenre.selectedIndex = parseInt("<?php echo $_SESSION['eventgenre_sel'] ?>"); </script> And this is the server-side code. <?php $debug = FALSE; /************************************************************ Adjust the headers... ************************************************************/ header("Expires: Thu, 17 May 2001 10:17:17 GMT"); // Date in the past header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header ("Pragma: no-cache"); // HTTP/1.0 /***************************************************************************** Check the session details. we will store all the post variables in session variables this will make it easier to work with the verification routines *****************************************************************************/ session_start(); if (!isset($_SESSION['SESSION'])) require_once( "include/session_init.php" ); $arVal = array(); require_once("include/session_funcs1.php"); reset ($_POST); while (list ($key, $val) = each ($_POST)) { if ($val == "") $val = "NULL"; $arVals[$key] = (get_magic_quotes_gpc()) ? $val : addslashes($val); if ($val == "NULL") $_SESSION[$key] = NULL; else $_SESSION[$key] = $val; if ($debug) echo $key . " : " . $arVals[$key] . "<br>"; } /********************************************************************************************** Make sure session variables have been set and then check for required fields otherwise return to the registration form to fix the errors. **********************************************************************************************/ // check to see if these variables have been set... if ((!isset($_SESSION["eventname"])) || (!isset($_SESSION["eventvenue"])) || (!isset($_SESSION["eventdate"])) || (!isset($_SESSION["eventgenre"])) || (!isset($_SESSION["eventprice"])) || (!isset($_SESSION["eventpromoter"])) || (!isset($_SESSION["eventflyer"]))) { resendToForm("?flg=red"); } // form variables must have something in them... if ($_SESSION['eventname'] == "" || $_SESSION['eventvenue'] == "" || $_SESSION['eventdate'] == "" || $_SESSION['eventgenre'] == "" || $_SESSION['eventprice'] == "" || $_SESSION['eventpromoter'] == "" || $_SESSION['eventflyer'] == "") { resendToForm("?flg=red"); } // make sure fields are within the proper range... if (strlen($_SESSION['eventname']) > 35 || strlen($_SESSION['eventvenue']) > 35 || strlen($_SESSION['eventdate']) > 35 || strlen($_SESSION['eventgenre']) > 35 || strlen($_SESSION['eventprice']) > 35 || strlen($_SESSION['eventpromoter']) > 35 || strlen($_SESSION['eventflyer']) > 35 ) { resendToForm("?flg=white"); } /********************************************************************************************** Insert into the database... **********************************************************************************************/ $query = "INSERT INTO td_events (seventname, seventvenue, seventdate, seventgenre, seventprice, seventpromoter, seventflyer) " ."VALUES (".$arVals['eventname'].", ".$arVals['eventvenue'].", ".$arVals['eventdate'].", ".$arVals['eventgenre'] .", ".$arVals['eventprice'].", ".$arVals['eventpromoter'].", ".$arVals['eventflyer'].")"; //echo $query; $result = mysql_query($query) or die("Invalid query: " . mysql_error() . "<br><br>". $query); $insertid = mysql_insert_id(); /*** This following function will update session variables and resend to the form so the user can fix errors ***/ function resendToForm($flags) { reset ($_POST); // store variables in session... while (list ($key, $val) = each ($_POST)) { $_SESSION[$key] = $val; } // go back to the form... //echo $flags; header("Location: ./user_registration.php".$flags); exit; } ?> <p>SUCCESS!<br> The event was entered in the database!<br> You probably want to redirect to a thank you page or send an email to the user for confirmation.<br> <br> <br> Here are the variables...<br> <?php reset ($arVals); while (list ($key, $val) = each ($arVals)) { echo $key . " : " . $arVals[$key] . "<br>"; } echo "<br><br>The SQL Statment was:<br>"; echo $query."<br><br><br><br>"; ?> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <?php /********************************************************************************************** CREATES THUMBNAIL **********************************************************************************************/ //define a maxim size for the uploaded images define ("MAX_SIZE","1024"); // define the width and height for the thumbnail // note that theese dimmensions are considered the maximum dimmension and are not fixed, // because we have to keep the image ratio intact or it will be deformed define ("WIDTH","500"); define ("HEIGHT","650"); // this is the function that will create the thumbnail image from the uploaded image // the resize will be done considering the width and height defined, but without deforming the image function make_thumb($img_name,$filename,$new_w,$new_h) { //get image extension. $ext=getExtension($img_name); //creates the new image using the appropriate function from gd library if(!strcmp("jpg",$ext) || !strcmp("jpeg",$ext) || !strcmp("JPG",$ext)) $src_img=imagecreatefromjpeg($img_name); if(!strcmp("png",$ext) || !strcmp("PNG",$ext)) $src_img=imagecreatefrompng($img_name); //gets the dimmensions of the image $old_x=imageSX($src_img); $old_y=imageSY($src_img); // next we will calculate the new dimmensions for the thumbnail image // the next steps will be taken: // 1. calculate the ratio by dividing the old dimmensions with the new ones // 2. if the ratio for the width is higher, the width will remain the one define in WIDTH variable // and the height will be calculated so the image ratio will not change // 3. otherwise we will use the height ratio for the image // as a result, only one of the dimmensions will be from the fixed ones $ratio1=$old_x/$new_w; $ratio2=$old_y/$new_h; if($ratio1>$ratio2) { $thumb_w=$new_w; $thumb_h=$old_y/$ratio1; } else { $thumb_h=$new_h; $thumb_w=$old_x/$ratio2; } // we create a new image with the new dimmensions $dst_img=ImageCreateTrueColor($thumb_w,$thumb_h); // resize the big image to the new created one imagecopyresampled($dst_img,$src_img,0,0,0,0,$thumb_w,$thumb_h,$old_x,$old_y); // output the created image to the file. Now we will have the thumbnail into the file named by $filename if(!strcmp("png",$ext)) imagepng($dst_img,$filename); else imagejpeg($dst_img,$filename); //destroys source and destination images. imagedestroy($dst_img); imagedestroy($src_img); } // This function reads the extension of the file. // It is used to determine if the file is an image by checking the extension. function getExtension($str) { $i = strrpos($str,"."); if (!$i) { return ""; } $l = strlen($str) - $i; $ext = substr($str,$i+1,$l); return $ext; } // This variable is used as a flag. The value is initialized with 0 (meaning no error found) // and it will be changed to 1 if an error occurs. If the error occurs the file will not be uploaded. $errors=0; // checks if the form has been submitted if(isset($_POST['Submit'])) { //reads the name of the file the user submitted for uploading $image=$_FILES['eventflyer']['name']; // if it is not empty if ($image) { // get the original name of the file from the clients machine $filename = stripslashes($_FILES['eventflyer']['name']); // get the extension of the file in a lower case format $extension = getExtension($filename); $extension = strtolower($extension); // if it is not a known extension, we will suppose it is an error, print an error message // and will not upload the file, otherwise we continue if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "JPG") && ($extension != "PNG") && ($extension != "png")) { echo '<h1>Unknown extension!</h1>'; $errors=1; } else { // get the size of the image in bytes // $_FILES[\'image\'][\'tmp_name\'] is the temporary filename of the file in which // the uploaded file was stored on the server $size=getimagesize($_FILES['eventflyer']['tmp_name']); $sizekb=filesize($_FILES['eventflyer']['tmp_name']); //compare the size with the maxim size we defined and print error if bigger if ($sizekb > MAX_SIZE*500) { echo '<h1>You have exceeded the size limit!</h1>'; $errors=1; } //we will give an unique name, for example the time in unix time format $image_name=$filename; //the new name will be containing the full path where will be stored (images folder) $newname="flyers/".$image_name; $copied = copy($_FILES['eventflyer']['tmp_name'], $newname); //we verify if the image has been uploaded, and print error instead if (!$copied) { echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; } else { // the new thumbnail image will be placed in images/thumbs/ folder $thumb_name='flyers/thumb_'.$image_name; // call the function that will create the thumbnail. The function will get as parameters // the image name, the thumbnail name and the width and height desired for the thumbnail $thumb=make_thumb($newname,$thumb_name,WIDTH,HEIGHT); }} }} //If no errors registred, print the success message and show the thumbnail image created if(isset($_POST['Submit']) && !$errors) { echo "<h1>Thumbnail created Successfully!</h1>"; echo '<img src="'.$thumb_name.'">'; } ?> Some code from my pages ,
Page1 ( Redirecting page )
<html> <title>login_redirect.</title> body> <form name="redirect" action="http://mysite/page2.php" method="post"> <input type="hidden" name="mac" value="$(mac)"> </form> <script language="JavaScript"> <!-- document.redirect.submit(); //--> </script> </body> </html>Page 2 ( select product ) <?php session_start(); ini_set('display_errors',1); error_reporting(E_ALL); include '../lib/config.php'; include '../lib/opendb.php'; // get user mac adres from redirect post page1 $_SESSION['macid'] = $_POST['mac']; // set $macid for other use ( maybe not needed, am learning ) $macid = $_SESSION['macid']; // echo $macid does show mac adress, so variable is not empty here if (!empty($_POST["submit"])) { $product_choice = $_POST['accounttype']; $query= "SELECT AccountIndex, AccountCost, AccountName FROM AccountTypes WHERE AccountIndex='$product_choice'"; $result = mysql_query($query) or die('Query failed. ' . mysql_error()); while($row = mysql_fetch_array($result)) { $_SESSION['AccountIndex'] = $row['AccountIndex']; $_SESSION['AccountCost'] = $row['AccountCost']; $_SESSION['AccountName'] = $row['AccountName']; } header('Location: page3.php'); } // did leave out the other/html/form stuff herePage 3 ( show Session variables ) <?php ini_set('display_errors',1); error_reporting(E_ALL); session_start(); print_r($_SESSION); ?>Now, on page 3 i do see the right session varables, only the "macid" is empty. why ? ONE of my SESSION values isn't remaining after login while others do. This works fine on my localhost, it's on the live site that there is a problem and it just started yesterday. Before that it worked great. Out of the four SESSIONs made I can only echo three values on other pages, member id the most important doesn't transfered to other pages Notes: all these files are in the same folder, there is a SESSION started for the member id on the login page, you can see that it is used in the redirect below and the redirect works fine with the redirect going to the correct page " $home/member/index.php?user=$id_mem " Here is the login page // Here's the basic login page info <?php # login.php session_start(); ob_start() ...connect to db & header called... ...Form validation..... if ($e && $p) { // If everything's OK. // Query the database: $q = "SELECT id_mem, display_name, mem_group FROM sn_members WHERE (email='$e' AND password=SHA1('$p')) AND active IS NULL"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); // or die("Error: ".mysqli_error($dbc)); if (@mysqli_num_rows($r) == 1) { // If a match was made. // Register the values & redirect: // Give SELECTED elements a session $_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); $_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']); mysqli_free_result($r); // Update db for last login $id_mem = $_SESSION['id_mem']; // <<< SESSION member id has a value here because it's used in the redirect below $ip = $_SERVER['REMOTE_ADDR']; // Get ip address of person logging in $q = "UPDATE sn_members SET last_login = Now(), ip = '$ip' WHERE id_mem = '$id_mem' LIMIT 1"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); header("Location: $home/member/index.php?user=$id_mem"); exit(); // Quit the script. } ?> Here is the main page that a user would be redirect to above <?php // /member/ all member info is through this folder session_start(); ob_start(); if (isset($_GET['user']) && is_numeric($_GET['user'])) { $user = $_GET['user']; $user = $user; if ($user < 0) { header("Location: $home/index.php"); exit(); } } if ((!isset($_SESSION['id_mem'])) && (!isset($_SESSION['agent']) OR ($_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT'])))){ // If not a logged in member redirect header("Location: $home/index.php"); exit(); // Quit the script. } ?> Thanks in advance for the help SJ I cannot figure this out and I know I'm just looking past the obvious... I am creating a simple "you are now leaving this website" page, Everything is setup, and all urls pointing to http://mysite.com?exit=http://externalsite.com, It should redirect to my exit.php which will redirect to the external site after 5 seconds. The problem is, the "http://" of the external site is causing a 403 forbidden, and even without it, anything with multiple &s isn't passing through. I cannot figure out how to get it to pass the full url to the exit.php... Hi, I am trying to display a variable that is supposedly created in a different page. Here is the code. But it is not displaying in the next page: ADMIN_login.PHP - Page URL <form name="form2" action="admin_login_success.php" method="post"> <?php $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name="test"; // Database name $tbl_name="masterschoolinfo"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['adminusername']; $mypassword=$_POST['adminpassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE school_username='$myusername' and school_password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:Admin_login_success.php"); } else { header( 'Location: Adminportal.PHP' ) ; } ?> </form> admin_login_success.php - Next page where the variable is to be displayed based on the username provided in the above page: <html><body> <?php include 'mysql-connect.php'; $schoolID=mysql_query("select SCHOOLID from masterschoolinfo WHERE school_username='$myusername' and school_password='$mypassword'") or die(mysql_error()); while($row = mysql_fetch_array( $schoolID )) { // Print out the contents of each row into a table echo "<tr><td>"; echo $row['SCHOOLID']; echo "</td></tr>"; } ?> </body></html> CAN SOMEONE HELP ME?? i have this code in a form, i need to pass a variable $time to next page, how can i do that ? if( $sErr ) print "<script language='javascript' type='text/javascript'>location.href='#error';</script>";;; else: print "<script language='javascript' type='text/javascript'>location.href='paypal.php';</script>";;; I have a php script which is viewed with ajax. The script does some important things and I want to make sure that it's viewed by only the ajax and now the user so I was thinking I'd need to pass a code from the main page using a GET in either php or more likely javascript, as I don't want the user to be able to see the code and then be able to just copy it and view the script with it. I've tried to sort this by saving Math.random() to the database by using ajax using a separate file, then underneath it use it to access the file like this: Code: [Select] function saveCode() { var xmlHttp = connect(); if(xmlHttp != false) {var code = Math.random(); xmlHttp.open('GET', '/inc/battle/saveCode.php?i='+code, true); xmlHttp.onreadystatechange = function() { if(xmlHttp.readyState == 4) { battleLog = xmlHttp.responseText; battleList = battleLog.split('\n'); battleCount = battleList.length; addLine(); } } xmlHttp.send('null'); } This would save the code to the database, then with a separate function, namely endBattle() the variable code would be used to access a file called endBattle.php?i= where this script would compare the code from the GET variable to the code in the database. However, I realised before finishing this that the user could manually set the code to whatever they want through the saveCode.php page, then view the endBattle.php Does anyone have any ideas how else I could validate my endBattle.php page so that users couldn't view it in their browser to run it? Forgive me if this is in the completely wrong forum, I just thought I'd see whether there were any php methods of doing this. Thanks! Hello, I'm trying to build a small project; and as part of it - I want users to search and when presented with relevant enteries in the SQL database - they should be able to click and retrieve a page dedicated to that entity. The problem I am having is in passing the 'id' of the search result onto the next (description) page. Code: [Select] $SQL = "SELECT * FROM loads"; $result = mysql_query($SQL); while ($db_field = mysql_fetch_assoc($result)) { $clickid = $_GET['id']; print $db_field['id'] ."<a href=\"load_info.php?id=$id" . $id . "\" target=\"_self\" title=\"\">More Info</a>;"; print $db_field['depart:'] . "<BR>"; print $db_field['dest'] . "<BR>"; } I thought it was easy enough to pass the variable like above ("load_info.php?id=$id) and then grab it on the next page like so: $val = $_GET['clickid']; Unfortunately, it doesn't retrieve the info from the page before. If I insert a number in there, it does work correctly, but I really need the ID of the database entry to pass on so as to provide the user with further information. If anyone could help it would be appreciated. L. I'm using PHP and MySQL to display images on the first page.
When the image is clicked on I'm passing an ID to a new page.
I want that ID to display the ID data that's associated with that ID.
For example:
ID 1 should display - Title - title1, Details - details1, image - image1
and ID 2
ID 1 should dislay - Title - title2, Details - details2, image - image2
But only displaying ID 1 data not matter if the URL is - website.com/thedetials.php?id=1 or website.com/thedetials.php?id=2
In other words, it displays the same data even though the id in the URL is different.
Page 1
$sql="SELECT * FROM thetable"; $result = mysqli_query($con,$sql); echo " <ul>"; while($row = mysqli_fetch_array($result) { echo "<li'>"; echo "<a href='page2.php?id=$row[id]'><img src=$row[image]></a>"; echo "</li>"; } echo "</ul>"; ?> <?php // End while loop. mysqli_close($con); ?>Page 2 $id = $_GET['id']; $sql="SELECT id, title, details, image, FROM thetable"; $result = mysqli_query($con,$sql); $row = mysqli_fetch_array($result); ?> <?php echo $row['title'] ?> <?php echo $row['details'] ?> <img class='projectItem-pic' src="<?php echo $row['image']?>">If I use below - No data displays, not sure why. $sql="SELECT * FROM thetable WHERE id = $id";Can someone tell me what I'm doing wrong? Edited by patmon, 08 June 2014 - 09:22 PM. Hey people, I know this is going back to basics but i'm just learning and want to make sure I do it all correctly. I want to pass variable's from one page to another. Now currently say I wanted to hold the users age and email address from his record in the database from page A and pass it to page B for it to be displayed back to him I would store each in their own session variable (so for the purpose of the explanation session_user_email=me@email.com and session_user_age=18. On page B I would then call the session and store it in a variable then destroy the session. Just out of curiosity is the the best way to pass the data? or should i use another method? i've read about session hijacking and i'm now worried about holding personal data within a session so i'm wondering what other people do?? Cheers Hi all, I've been trying to create a page whereby a user enters a few details which is then emailed, but I'm seriously stuck on one issue. First page - console type Second page - serial number Only two steps at the moment as I need to figure it out. I'm passing everything into a variable from a post(ed) form. It appears on the next page fine, as I've been testing, but the details entered on the first page don't show on the third, however, the details from the second page do! Here is the code I have: Code: [Select] <?php switch ($step) { case "1": ?> <table width="75%" align="center"> <tr> <td colspan="2" valign="top"> <form action="?step=2" method="post" id="consoletype">Please select your console type<br /></td></tr> <tr><td align="center" valign="top" width="50%"> <label>Xbox 360 Original (Beige or Black)<br /><img src="images/xbox360orig.gif" width="250" height="250"><br /><input class="button" type="radio" name="console" value="xboxorig" /></label></td> <td align="center" valign="top" width="50%"><label>Xbox 360 Slim<br /><img src="images/xbox360slim.gif" width="250" height="250"><br /><input type="radio" name="console" value="xboxslim" /></label></td> </tr> <tr> <td colspan="2"> <input type="submit" value="Next"> </form> </td> </tr> </table> <?php echo $code; include("footer.php"); echo $code2; include("compat.php"); echo $code3; case "2": $console = $_POST['console']; echo $console; ?> Please enter your Xbox 360 Serial Number:<br /> <form action="?step=3" method="post"> <input name="serialno" type="text" size="20" maxlength="20"> <input type="submit" value="Next"> </form> <?php echo $code; include("footer.php"); echo $code2; include("compat.php"); echo $code3; case "3": echo "<br />"; $serialno = $_POST['serialno']; echo $serialno; echo $console; echo $code; include("footer.php"); echo $code2; include("compat.php"); echo $code3; } ?> I do understand it's messy at the moment but I don't see much point beautifying everything until I can solve this problem! Cheers! ok ive searched everywhere online for a webform that is in 2 or more parts... so the first page passes variables to the second page then saves info for next page to submit all info from both pages of application to a server etc. ideally my page would look like this... page 1: small form with 3 fields: 1. type of loan: [dropdown menu] a. Cashout refinance b. Purchase 2. Property type: [dropdown menu] a. single family b. multi-unit, etc. 3. Property State: [dropdown menu] a. states....... [Next Page] <---Button page 2: a few more fields: (for example:) 1. Approximate credit score [dropdown menu] a. 650-700 etc.... 2. Phone number [textbox] 3. email address [textbox] [submit button] I know its possible, i just need to be put on the path... any help is much appreciated! |