Learn VBA & Macros in 1 Week!

PHP - Unexpected Session Variable Update

Full Excel VBA Course - Beginner to Expert

Unexpected Session Variable Update	View Content

im trying to make a breadcrumbs feature on my site. this feature is driven using the session variables. My problem here is that.. i just wondering what make the session variables display its own value (not expected value).. this variable name got no similar across the whole site.

i just wanna hear what are the possible causes why this happen...

thanks

Full Excel VBA Course - Beginner to Expert

Second Unexpected Session Being Created

Similar Tutorials

View Content

Hi,

I'm a newbie learning web development in my spare time. I've built a LAMP server from scratch on an old PC as a learning exercise and I think the basic install and setup of that is fine as I installed PHPBB previously and that runs and is working. I've backed the server up at that point and restored so everything up to there is pretty much out of the box. I'm now coding my own web pages, so I've setup virtual hosting so I can hit them and start learning PHP, MySQL etc using quite an old book (PHP4 days) so yes things have changed. I've got an issue right at the start with sessions. It's a basic user authorisation exercise setting a session value authorising the user, and then when you click on a link, the authorised user session variable is tested to determine whether the user is allowed to view the page. This is not working and I've worked out what is happening.

The main page is starting a new session – session_start();
The session value is set.

When I click on the link, the next page is calling session_start();
... but it's starting a second session, and the authorised user value is not found. I've confirmed this watching sessions in the folder ... /var/lib/php/sessions

I can see the first being created containing the authorised user variable, and then a second empty session being created with just the session id. The session folder group is www-data with rwx permissions. The session file owner and group is www-data with rw permissions ...

-rw------- 1 www-data www-data 13 Nov 29 21:29 sess_bgih8hu82plbrvo0f9naledmdd
-rw------- 1 www-data www-data 0 Nov 29 21:29 sess_vhq4kfcm3sm0avrmif8e2fli9v

I don't think permissions is the issue as I can read and display the $_SESSIONID in each page – which also confirms different sessions are being used. I'm also seeing the following error in the apache error log when the second page is requested ...

[Fri Nov 29 20:58:27.829382 2019] [php7:notice] [pid 1065] [client x.x.x.x:x] PHP Notice: Undefined index: authuser in /var/www/licks/moviesite.php on line 22, referer: http://licksdev.com/moviemain.php

There's hardly any code, it's a very basic exercise, but here you go, this is the main page ...

<?php
session_start();
$_SESSION['authuser']=1;
?>
<HTML>
<HEAD>
<TITLE>Find my favourite movie</TITLE>
</HEAD>
<BODY>
<?php
echo "<a href='http://www.licksdev.com/moviesite.php'>Click ...</a>";
?>
</BODY>
</HTML>

Here is the second page. when I hit this page I get the not authorised error message:

<?php
session_start();
if ($_SESSION['authuser']!=1){
echo "Sorry but you don't have permission to view this page.";
exit();
}
?>
<HTML>
<HEAD>
<TITLE>Movie Details</TITLE>
</HEAD>
<BODY>
<?php
echo "User is authorised";
echo "<br>";
echo $_SESSION['authuser'];
?>
</BODY>
</HTML>

Versions ...

Ubuntu 18.04.
PHP 7.2.24
Apache/2.4.29

I'm guessing this is some basic configuration issue I should know about but I've spent a few days trying to find a solution - thought the session was not persisting at first, then the permissions, played around with session.use_only cookies but it's not that. Can't seem to frame the right question to find anyone talking about a similar issue.

Thanks for any help you can give.

Cannot Call Session Variable To Regular Variable For Sql Lookup

Similar Tutorials

View Content

My login script stores the user's login name as $_SESSION[ 'name'] on login. For some unapparent reason, i'm getting errors stating that $user and $priv are undefined variables, though I've attempted to define $user as being equal to $_SESSION['name'], using $user to look up the the user's privilege level (stored as the su column ) in the SQL table, and then where the result of the sql query is $priv which is then evaluated in an if statement. I can't seem to figure out why this might not be working.

The code I'm using:

<?php
session_start();
function verify() {
	//verify that the user is logged in via the login page. Session_start has already been called. 
	if (!isset($_SESSION['loggedin'])) {
	header('Location: /index.html'); 
	exit;
	}
	//if user is logged in, we then lookup necessary privleges. $_SESSION['name'] was written with the login name upon login. Privleges   // are written in db as a single-digit integer of of 0 for users, 1 for administrators, and 2 for special users. 
        $user === $_SESSION['name'];
    //Connect to Databse
	$link = mysqli_connect("127.0.0.1", "database user", "password", "database");
	if (!$link) {
  	  echo "Error: Unable to connect to MySQL." . PHP_EOL;
    	echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
    	echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
    	exit;
        }
        //SQL Statement to lookup privlege information. 
       if ($result = mysqli_query($link, "SELECT su FROM accounts WHERE username = $user", MYSQLI_STORE_RESULT)) {
         //LOOP TO CYCLE THROUGH SQL RESULTS AND STORE Privlege information as vairable $priv.
            while ($row = $result->fetch_assoc()) {
           $priv === $row["su"];
            }
        }
        // close SQL connection.
        mysqli_close($link);

 // Verify privleges and take action. Only a privlege of "1" is allowed to view this page. A privlege of "2" indicates special 
//accounts used in other scripts that have certain indermediate additional functions, but are not trusted administrators. 

        if ($priv !== 1) {
        echo $_SESSION['name'];
        echo "you have privlege level of $priv";
        echo "<br>";
        echo 'Your account does not have the privleges necessary to view this page';
        exit;
        }
        
}
verify();
?>

Variable Variables Not Working For Session Variable

Similar Tutorials

View Content

Hello everyone,

I can get Test 2 to successfully operate the if statement using a variable variable.

But when I try the same method using a session variable (Test 1) the if statement is not executed. Please could you tell me why the if statement in Test 1 is not being executed?

Code: [Select]

<?php
# TEST 1
$_SESSION[test_variable] = "abcd";
$session_variable_name = "_SESSION[test_variable]";
if ($$session_variable_name == "abcd")
{
echo "<br>line 373, abcd<br>";
}

# TEST 2
$test_variable = "efgh";
$test_variable_name = "test_variable";
if ($$test_variable_name == "efgh")
{
echo "<br>line 379, efgh<br>";
}

?>
Many thanks,

Stu

Update Items In Session

Similar Tutorials

View Content

Hi,

i have had some help from these forums building a shopping cart system and i can add items to cart, empty cart but i need some help on how to update quantities.

Here is the code i use to add items

Code: [Select]
$pid = $_POST['prodid'];
$q = $_POST['qty'];

if(array_key_exists($pid, $_SESSION['cart']))
{
$_SESSION['cart'][$pid]=$_SESSION['cart'][$pid]+$q;
}
ELSE
{
$_SESSION['cart'][$pid]=$q;
}
Im displaying my items in a table with a text field for quantities which can be changed then click update. i see there is 2 things i need to do, first is to somehow create a loop for all the items in my table, i have no clue where to start on that, and then in that loop i have my update command.

im assuming the code to update would be something like

Code: [Select]
$_SESSION['cart'][$pid]=$_SESSION['cart'][$pid][$qty]
where $qty is the value of the text box in my table.

Any help would be appreciated.

Unexpected T-variable Error In Line 49 ?

Similar Tutorials

View Content

I'm new to PHP and I'm just trying to make a form send. here's my code. I don't know what's wrong please help !

Code: [Select]
<?php

/*Subject and Email Variables*/

$emailSubject = 'Inquiry';
    $emailAddress = 'inquiry@topazbranch.com';

/*Gathering Data Variables*/

$firstname = $_POST['firstname'];
    $lastname = $_POST['lastname'];
    $contact = $_POST['contact'];
    $email = $_POST['email'];
    $newsletter = $_POST['newsletter'];
    $projects = $_POST['projects_'];
    $trippingSchedule = $_POST['tripping schedule'];
    $source = $_POST['source'];
    $agent = $_POST['agent'];
    $comments = $_POST['comments'];

    $body = <<<EOD
<br/><hr/><br/>
Firstname : $firstname<br/>
Lastname : $lastname<br/>
Contact: $contact<br/>
Email : $email<br/>
Newsletter : $newsletter<br/>
Projects : $projects<br/>
Tripping Schedule : $tripping schedule<br/>
Source : $source<br/>
Agent name : $agent<br/>
Additional Comments : $comments<br/>
EOD;

$headers = "From: $email\r\n";
    $headers .= "content-type: text/html\r\n\";
    $sucess = mail($emailAddress, $emailSubject, $body, $headers);

/* Results render as HTML*/

$theResults = <<<EOD
<html>
<body>
<h1>thank you</h1>
</body>
</html>
EOD;

echo "$theResults";

?>

Using Session Id And Username To Update Database?

Similar Tutorials

View Content

I'm helping out a friend who owns a boarding kennel. She would like an online site where she or a client can register, add their dogs to their profile and other info.

I know CSS and HTML but have very, very little experience in PHP, I figured it would be fun to give this a try and learn something new.

So far I've managed to create a register and log in area, and now I'm trying to make it possible for someone to add a dog breed from a drop down list to their "page" after they've logged in.

I cannot get the data to insert into that specific user's table.

I'm trying to use the session id and session username as the variable, and this is where the problem comes in. If I type the userid and the username out then the data will update fine...but that's not practical. I need it to know which user is logged in and update them accordingly.

Anyway, what I'm typing here makes sense in my head but I've been staring at this computer all day and it's possible I'm way out in left field, so here's the code to see for yourself. (chances are it's something totally obvious....or I have stuff in there that doesn't belong, I haven't a clue.)

Thank you in advance to anyone willing to help me out!

The form
<?php session_start();
$_SESSION['userid']=$userid;?>

<html><body>
<h4></h4>
<form action="process.php" method="post">
<select name="breed" id="breed">
<option value="collie">Collie</option>
<option value="aussie">Aussie</option>
</select>
<select name="sex">
<option>Dog</option>
<option>Bitch</option>
</select>
<input type="submit" />
</form>
</body></html>

The php for that form
<?php session_start();
$_SESSION['userid']=$userid;
$_SESSION['Username']=$username;?>

<html><body>
<?php

$host="localhost"; // Host name
$username="silver_phptest"; // Mysql username
$password="bowser"; // Mysql password
$db_name="silver_phptestingbase"; // Database name
$tbl_name="users"; // Table name

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Get values from form
$breed=$_POST['breed'];

// Insert data into mysql

mysql_query("UPDATE users SET dogs = '$breed'
WHERE userID = '$userid'");

// close connection
mysql_close();
?>
</body></html>

Session Variable

Similar Tutorials

View Content

Need help declaring some session variable guys.

I have a login form where the member enters his
1. Pilot Callsign
2. Password

I want to declare that Pilot Callsign as the session variable on authentication.

Using that Pilot Callsign session variable, I will fetch data from the database relevant to his profile.

I already have the whole login page coded along with the restricted access pages (not coded by me).

Check this out

1. Page is coded like this and working PERFECTLY
---

Code: [Select]
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['pilot_callsign'])) {
  $loginUsername=$_POST['pilot_callsign'];
  $password=$_POST['password'];

  mysql_select_db($database_brn_system, $brn_system);

  $LoginRS__query=sprintf("SELECT pilot_callsign, password, staff_level, firstname FROM pilots WHERE activated = 1 AND pilot_callsign=%s AND password=%s",
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

  $LoginRS = mysql_query($LoginRS__query, $brn_system) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {

    $loginStrGroup  = mysql_result($LoginRS,0,'staff_level');

if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
?>
---

2. As you can see, there already is a session variable declared for Pilot Callsign
But on the next page "Restricted Access Page", when I try to call this same Session Variable, it doesn't work.

I tried doing this
<?php echo $_SESSION['MM_Username'] ?>

Moreover, I even tried to fetch data from the table like this -

SELECT * FROM pilots WHERE pilot_callsign=$_SESSION['MM_Username']

Doesn't work

Getting Another Session Variable

Similar Tutorials

View Content

hi all , i am working on a script which is oop driven and i m not much familiar with it, i appericiate if someone can help me to solve this problem , so basicaly current script is only setting one session variable to true if user login $_SESSION['is_successful_login'] , here is my code
<?php
include('files/db.php');
class ajaxLoginModule  {
  private $timeout         = null;
  private $target_element  = null;
  private $wait_text       = null;
  private $form_element    = null;
  private $wait_element    = null;
  private $notify_element  = null;

  function __construct() {
     include ('config.php');
$msql  = new Db;
$msql->connect();
$this->is_login();
  }
  function get_config() {
$this->set_ajax_config();
  }
  function set_ajax_config() {
     $this->timeout         = AJAX_TIMEOUT;
     $this->target_element  = AJAX_TARGET_ELEMENT;
     $this->wait_text       = AJAX_WAIT_TEXT;
$this->wait_element    = AJAX_WAIT_ELEMENT;
     $this->notify_element  = AJAX_NOTIFY_ELEMENT;
     $this->form_element    = AJAX_FORM_ELEMENT;
  }
  function initLogin($arg = array()) {
$this->get_config();
$this->login_script();
  }
  function initJquery() {
return "<script type='text/javascript' src='files/jquery-1.3.2.min.js'></script>";
  }
  function login_script() {
include ('files/login_script.php');
  }
  function is_login() {
      if(isset($_POST['username']))  {
     $username   = $_POST['username'];
$password   = $_POST['password'];
$strSQL = "SELECT * FROM ".USERS_TABLE_NAME."
    WHERE username ='$username' AND password = '$password'
   ";
        $result  = mysql_query ($strSQL);
$row     = mysql_fetch_row($result);
   /*
//THIS IS WHAT I NEED
$_SESSION['user'] = $row['username'];
$_SESSION['id'] = $row['id'];
*/
$exist   = count($row);
if($exist >=2) { $this->jscript_location();  }
else { $this->notify_show();}
exit;
  }
  }
  function notify_show() {
    echo "<script>$('.".AJAX_NOTIFY_ELEMENT."').fadeIn();</script>";
  }
  function jscript_location() {
    $this->set_session();
    echo "<script> $('#container').fadeOut();window.location.href='".SUCCESS_LOGIN_GOTO."'</script>";
  }
  function set_session() {
      session_start();
  $_SESSION['is_successful_login'] = true;

  }

}
?>

i comment that line what i need is username and id to store in those session variables

$_SESSION['user'] = $row['username'];
$_SESSION['id'] = $row['id']

i tried to add code in function set_session but did not helped, appreciate for any help.

Thanks

Help With Session Variable

Similar Tutorials

View Content

Hi

I am using very simple code. Here it is

Code: [Select]
<?php
session_start();
$user = "guest";
$uid = "1";
echo $_SESSION['user']."<br />";
echo $_SESSION['uid'];
?>
it displays this error
Code: [Select]
Notice: Undefined index: user in C:\wamp\www\DealDash\index.php on line 5
Notice: Undefined index: uid in C:\wamp\www\DealDash\index.php on line 6
how can I solve this problem? Help please

Session Variable

Similar Tutorials

View Content

I wonder whether someone can help me please.

I'm using the script below to create a page whereby users are presented with a list of image folders they have created. Clicking on any of the folders allows the user to drill down and view the individual images.

Code: [Select]
<?php session_start();

$_SESSION['username']=$_POST['username'];
$_SESSION['locationid']=$_POST['locationid'];

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<?php
  //This variable specifies relative path to the folder, where the gallery with uploaded files is located.
  $galleryPath = 'UploadedFiles/' . $_SESSION['username'] . '/' . $_SESSION['locationid'] . '/';

  $absGalleryPath = realpath($galleryPath) . DIRECTORY_SEPARATOR;

  $descriptions = new DOMDocument('1.0');
  $descriptions->load($absGalleryPath . 'files.xml');

  $items = array();

  for ($i = 0; $i < $descriptions->documentElement->childNodes->length; $i++) {
    $xmlFile = $descriptions->documentElement->childNodes->item($i);
    $path = $xmlFile->getAttribute('name');
    $path = explode('/', $path);

    $t = &$items;
    for ($j = 0; $j < count($path); $j++) {
      if (empty($t[$path[$j]])) {
        $t[$path[$j]] = array();
      }
      $t = &$t[$path[$j]];
    }
    $t['/src/'] = $xmlFile->getAttribute('source');
    $t['description'] = $xmlFile->getAttribute('description');
    $t['size'] = $xmlFile->getAttribute('size');
  }

  $basePath = empty($_GET['path']) ? '' : $_GET['path'];
  if ($basePath) {
    $basePath = explode('/', $basePath);
    for ($j = 0; $j < count($basePath); $j++) {
      $items = &$items[$basePath[$j]];
    }
  }

  $files = array();
  $dirs = array();

  function urlpartencode(&$item, $index) {
    $item = rawurlencode($item);
  }

  foreach ($items as $key => $value) {
    if (isset($value['/src/'])) {
      $value['/src/'] = explode('/', $value['/src/']);
      array_walk($value['/src/'], 'urlpartencode');
      $value['/src/'] = implode('/', $value['/src/']);
      $files[] = array(
        'name' => $key,
        'src' => $value['/src/'],
        'description' => htmlentities($value['description'], ENT_COMPAT, 'UTF-8'),
        'size' => htmlentities($value['size'], ENT_COMPAT, 'UTF-8')
      );
    } else {
      $dirs[] = $key;
    }
  }

  $basePath = empty($_GET['path']) ? '' : $_GET['path'];
  $up = dirname($basePath);
  if ($up == '.') {
    $up = '';
  }

  sort($files);
  sort($dirs);
?>
<head>
<title>View Image Folders</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="Styles/style.css" rel="stylesheet" type="text/css" />
<script src="Libraries/jquery/jquery-1.4.3.min.js" type="text/javascript"></script>
<style type="text/css">

</style>
<body style="font-family: Calibri; color: #505050; margin-right: 160px; margin-left: -180px;">
<div align="right" class="style1"> <a href = "index.php" /> Add Images <a/> → <a href = "javascript:document.imagefolders.submit()"> View All Images </a> </div>
<form id="imagefolders" name="imagefolders" class="page" action="gallery.php" method="post" enctype="application/x-www-form-urlencoded">
<div id="container">
</div>
<div id="center">
<div class="aB">
<div class="aB-B">
<?php if ('Uploaded files' != $current['title']) :?>
<?php endif;?>
<div class="demo">
<input name="username" type="hidden" id="username" value="IRHM73" />
<input name="locationid" type="hidden" id="locationid" value="1" />
<div class="inner">
<div class="container">
<div class="gallery">
<table class="gallery-link-table" cellpadding="0" cellspacing="0">
<thead>
<tr class="head">
<th class="col-name">
Name
</th>
<th class="col-size">
Size
</th>
<th class="col-description">
Description
</th>
</tr>
</thead>

<tbody>
<tr class="directory odd">
<td class="col-name">
<a href="?path=<?php echo rawurlencode($up); ?>">..</a>
</td>
<td class="col-size">
</td>
<td class="col-description">
</td>
</tr>
<?php $i = 1; ?>
<?php foreach ($dirs as $dir) : ?>
<tr class="directory <?php $i++; echo ($i % 2 == 0 ? 'even' : 'odd'); ?>">
<td><a href="?path=<?php echo rawurlencode(($basePath ? $basePath . '/' : '') . $dir); ?>"><?php echo htmlentities($dir, ENT_COMPAT, 'UTF-8'); ?></a></td>
<td>Folder</td>
<td></td>
</tr>
<?php endforeach; ?>
<?php foreach ($files as $file) : ?>
<tr class="<?php $i++; echo ($i % 2 == 0 ? 'even' : 'odd'); ?>">
<td><a target="_blank" href="<?php echo $galleryPath . $file['src']; ?>"><?php echo htmlentities($file['name'], ENT_COMPAT, 'UTF-8'); ?></a></td>
<td><?php echo htmlentities($file['size'], ENT_COMPAT, 'UTF-8'); ?></td>
<td><?php echo htmlentities($file['description'], ENT_COMPAT, 'UTF-8'); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</form>
</body>
</html>
I can create the list of folders, but when I click on any of these, instead of being able to view the images, I receive the following error:
Quote

Warning: DOMDocument::load() [domdocument.load]: I/O warning : failed to load external entity "/homepages/2/d333603417/htdocs/development/UploadedFiles/files.xml" in /homepages/2/d333603417/htdocs/development/imagefolders.php on line 16

Warning: Invalid argument supplied for foreach() in /homepages/2/d333603417/htdocs/development/imagefolders.php on line 52

Line 16 is this line Code: [Select]
$descriptions->load($absGalleryPath . 'files.xml'); and line 52 is this Code: [Select]
foreach ($items as $key => $value){
However, if I change this line Code: [Select]
$galleryPath = 'UploadedFiles/' . $_SESSION['username'] . '/' . $_SESSION['locationid'] . '/'; to
Code: [Select]
$galleryPath = 'UploadedFiles/' . 'IRHM73' . '/' . '1' . '/'; i.e. replacing the 'Session Variables' with the actual values, the page works.

I've been working on this for days now, and I just can't find the solution. I just wondered whether someoen could perhaps have a look at this and let me know where I'm going wrong.

Many thanks and regards

Need To Use One Variable To Update Another

Similar Tutorials

View Content

Hi, I have been on and off this forum loads of time and it has helped me out so much over the past few months with different projects. But today there is one thing i simply cant figure out or find any kind of answer anywhere and would be really grateful if someone could give me a pointer.

I have a form which which i use to input data into a mysql database. One of the variables Code: [Select]
$budget=$_POST['budget']; which I use to add data to the 'budget' field in my database.

In the form, budget is a dropdown with a few options:
Code: [Select]
<select name="budget" id="budget">
<option selected="selected">Please Choose One</option>
<option>up to 500 Euros</option>
<option>500 to 1000 Euros</option>
<option>1000 to 1500 Euros</option>
<option>1500 to 3000 Euros</option>
<option>3000 to 5000 Euros</option>
<option>Over 5000</option>
<option>No Budget Set Yet</option>
</select>

I have another field in my database called 'price'. What I would like to do is, if someone chooses a budget of 3000 to 5000 I would like this to enter 5.00 in the price field in the database.

I have tried a number of things, but nothing is working for me. This is where I am at now, which doesn't work either but thought it might give a better explanation of what I am trying to achieve.

Code: [Select]
$budget=$_POST['budget'];
$price=$budget['up to 500 Euros']='3.50';
$price=$budget['500 to 1000 Euros']='5.00';
$price=$budget['1000 to 1500 Euros']='4.50';
$price=$budget['1500 to 3000 Euros']='5.00';
$price=$budget['3000 to 5000 Euros']='5.50';
$price=$budget['Over 5000']='6.00';
$price=$budget['No Budget Set Yet']='4.00';

Also keep in mind that there is no 'price' field in the form. So no price is being posted to the processing page. I need to price to be worked out by what is posted from the budget field.

This is the only thing I am stuck with without having to ask for any help, and these forums have been a saviour to me and an excellent place for learning. But sometimes I think you have to give in and just ask for help! lol

Many thanks,

DB

Need Help With Session Variable Problem

Similar Tutorials

View Content

Hi Guys, Here is the code, once logged in using known credentials it should display the content "welcome..." but it doesn't, instead it is showing "you are not authorized..." as if the session['username']); isn't being taken?

<?php 	
ini_set('display_errors',1); 
 error_reporting(E_ALL);
		

		

include_once 'includes/db_connect.php';
include_once 'includes/functions.php';
 
sec_session_start();
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>Secure Login: Protected Page</title>
        <link rel="stylesheet" href="styles/main.css" />
    </head>
    <body>
        <?php if (login_check($mysqli) == true) : ?>
            <p>Welcome <?php echo htmlentities($_SESSION['username']); ?>!</p>
            <p>
                This is an example protected page.  To access this page, users
                must be logged in.  At some stage, we'll also check the role of
                the user, so pages will be able to determine the type of user
                authorised to access the page.
            </p>
            <p>Return to <a href="index.php">login page</a></p>
        <?php else : ?>
            <p>
                <span class="error">You are not authorized to access this page.</span> Please <a href="index.php">login or register</a>.
            </p>
        <?php endif; ?>
        
    </body>
</html>

I am using WAMP and have made sure the username and password is in the database correctly, how do i debug this? the error reporting has been switched on but it doesn't help me is the problem with:

 <?php if (login_check($mysqli) == true) : ?>

I am trying to follow this guide: http://www.wikihow.c...n-PHP-and-MySQL Please could i get some help on how to make the login "detect" the username from my MySQL database and display the username Thanks Attached Files login_success.php.jpg 14.31KB 0 downloads

Help With Defining The Session Variable

Similar Tutorials

View Content

I am trying to define a session variable where I can save it and use it as the user surfs the site.

I need the variable saved as $amano so I can use it in my select from/where statement and to echo within a table.

This is a test trying to capture and define the variable and works, but I can't get the variable $amano into the session. If I am then I don't know how to display it.

<?php>
session_start();
$id = $_POST['amano'];
$_SESSION['amano'] = '$amano';

echo "Pageviews = ". $_SESSION['amano'];  // My effort to see what is happening.
echo "<br />";
echo "AMA # = ". $_POST['amano']; // I have it just like I want it here.
echo "<br />";
echo "Sessions AMA # = ".$_SESSION['amano'];
?>

Oop Object In Session Variable

Similar Tutorials

View Content

Is it good practice to put an oop object in session variable

Session Variable Problem

Similar Tutorials

View Content

I'm using Session variables for the first time on a site I'm developing. I had it working fine while I was doing some admin and testing in subfolders. But the problem is I'm losing the session variables when I load the page from www.example.com, but it works from www.example.com/index.php. I would be happy to post some code if needed.

Session Variable Not Carrying.

Similar Tutorials

View Content

Hey guys, please tell me why the session var $_SESSION['return_url'] is not carrying from test.php to login.php

The two echos in this file work perfectly, so i know the session var is registered...
test.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>SWG:ANH • Bringing PreCU back to life...</title>

    <link rel="shortcut icon" href="favicon.ico" />
    <link rel="stylesheet" type="text/css" media="screen" href="theme/main.css" />

<?php

session_start();
// This section will generate a var containing the current page URL. This will be used to allow the language script to redirect users back to the page they
// were on, in the language they selected. It is registered as a session variuable that will change every time the page changes.
function curPageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
  $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
  $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
// Here we register the URL we grabbed earlier in the session var.
$return_url = curPageURL();
$_SESSION['return_url'] = $return_url;

echo $_SESSION['return_url'];
echo $return_url;
include 'lang/enus.php';
include 'menu.php';
?>

login.php
<?php
session_start();
echo $_SESSION['return_url'] ;
include 'dbconnect.php';
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$return_url = $_SESSION['return_url'];
echo $return_url;
$result = mysql_query("SELECT COUNT(*) FROM account WHERE Username='$username' and Pass='$password'") or die(mysql_error());
$result = mysql_fetch_row($result);
$result = $result[0];

if($result == 1){
$_SESSION['username'] = $username;

header("Location:".$return_url);
}
else {
echo "Wrong Username or Password. Use the back button. If you think this message is incorrect, contact the webmaster.";
}
?>

I know its not carrying because the echo in login.php is not returning anything and the script cant execute the header function because it has nowhere to go! Ive narrowed it down to the session var not carrying.

How To Set Session Variable In .htaccess.

Similar Tutorials

View Content

Hello

i have problem in set session variables in .htaccess file.

i have tried some codes which are belows but i did not effect in php info file.

<IfModule mod_php5.c>
php_value session.gc_maxlifetime 86400
php_value session.cache_expire 86400
</IfModule>

please let me know if any one have solutions fot this

How Much To Store In Session Variable?

Similar Tutorials

View Content

Currently I am adding the concept of "entitlements" to my website.

In the past, my "article.php" script would simply look to the URL for which article was being requested and then load it. However now that I am also adding the concept of "premium content" for "paid members", I need a way to control who sees what.

What I am wondering is - from a security standpoint - how much information I should load into the $_SESSION variable.

For instance, right now when a user logs in, I think I just store the "memberID" and "FirstName" and possibly "Username".

It would be more efficient when a Member logs in to also retrieve their "Membership Plan" and store that in the $_SESSION variable, so that as they browse my website, each page can simply grab $_SESSION['MembershipPlan'] and run that through a function that I need to build and then determine if the user gets to access said page.

However, maybe it would be more secure to have it so when a user lands on page XYZ, I would look at their "memberID" and query the database to get their "MembershipPlan"?

Any thoughts on each approach?

Again, my main concern is *security*, but I also suppose this plays into "performance".

Missing Session Variable.

Similar Tutorials

View Content

Hey guys, been awhile since I have been here, but I hit a little issue in reading session data reliably every time.

What I am doing is reading the variables and values from a rarurlencoded string.
Then putting that into a session array to populate parts of a form and fill in some hidden fields.
After the form posts every now and then, about 1 in 50 or so attempts, I have one (always the same one) that just vanishes.

Anyone ever experience anything like this?

Session Variable Gets Reset

Similar Tutorials

View Content

I have a session variable called $_SESSION['patchurl'] in a php file , if i get in to an else statement this session variable gets set and i go to http://yyy page.

below is the snippet of the code

<?php
session_start();
?>
<?php
echo '<script type="text/javascript">' . "\n";
if(isset($_SESSION["Email"])){
echo 'window.location="http://www.xxx";';
}
else{
$_SESSION['patchurl'] = "true";
echo 'window.location="http://yyy";';
}
echo '</script>';?>

once the patchurl session variable is set i call a php file which sets an other session variable called $_SESSION["Email"]. now what happens is the $_SESSION['patchurl'] is gone and ONLY the $_SESSION["Email"] is accessible ...can i not set two session variables? why does creating a new session varible overwrites an other one even though they are called different ? am i doing something wrong ?
Edited by Ch0cu3r, 08 September 2014 - 01:05 PM.