PHP - Create Session And Pass Session To Iframe
hi everyone.
i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> Similar TutorialsHello. Basically I've created a login script. Works great. It sends users to different locations depending on what type of user they are. Now I have also created a Members account. Upon logging in this user should go to the members area. That all works fine! In the login script i stored a few session variable like username, access_level and so on. Now in the members area I am trying to make the page echo the name of the current user. I have been stairing at my code too long and can no longer see why nothing is echo'ing. Any ideas. I thought that the session_start() would continue the session in the next page and throughout the site until the person logs off and runs the session_destroy()! Is this not correct. First ill post the login script <?php include('database.php'); session_start(); if(isset($_POST['submit3'])) { $email = stripslashes($_POST['email3']); $password = stripslashes($_POST['password3']); $email = mysql_real_escape_string($_POST['email3']); $password = md5($password); $CheckUser = "SELECT * FROM Members WHERE email='".$email."' AND password='".$password."'"; $userDetails2 = mysql_query($CheckUser); $userInfo = mysql_fetch_array($userDetails2); $count = mysql_num_rows($userDetails2); if($count != 0) { $_SESSION['username'] = $userInfo['username']; $_SESSION['usertype'] = $userInfo['usertype']; $_SESSION['access_level']= $userInfo['access_level']; if($userInfo['usertype']== 'Member') { header('Location: members/index.php'); } else if($userInfo['usertype'] == 'Owner') { header('Location: owner/index.php'); } else if($userInfo['usertype'] == 'Corporation') { header('Location: corporation/index.php'); } else if($userInfo['usertype'] == 'Administrator') { header('Location: owner/admin/index.php'); } else if($userInfo['usertype'] == 'Staff') { header('Location: owner/staff/index.php'); } } else { $message = "incorrect login details"; } } ?> now ill post the members page <?php include('../database.php'); session_start(); ?> <head> <link href="stylz.css" rel="stylesheet" type="text/css" /> <link href="reset.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper"> WELCOME TO THE MEMBERS AREA <?php $_SESSION['username']; ?> <?php include('../title.php');?> <?php include('../nav.php');?> <div id="test"></div> <?php include('../footer.php');?> </div> </body> </html> I am under developing PHP add to cart without DB, so that i am using SESSION, actually get data from fetch_data.php data to my_cart.php using the POST method, successfully retun the values, After receiving the post data how can i convert to display like a table. workout: fetch_data.php return values. https://snag.gy/IASCMZ.jpg & values received https://snag.gy/ojWxHe.jpg Here is my my_cart.php : // FYI -> Here i am using only two fields : voice_sku & voice_name <table width="100%" cellpadding="6" cellspacing="0"> <thead> <tr> <th>Voice Sku</th> <th>Voice Name</th> <th>Remove</th> </tr> </thead> <tbody> <?php session_start(); $voice_sku = ''; $voice_name = ''; if(isset($_POST['voice_sku'])&& isset($_POST['voice_name'])) { // print_r($_POST); // die(); $voice_sku = $_POST['voice_sku']; $voice_name = $_POST['voice_name']; $_SESSION['voice_sku'] = $voice_sku; $_SESSION['voice_name'] = $voice_name; } var_dump($_SESSION); ?> <tr> <td colspan="5"> <span style="float:right;text-align: right;"> <!-- --> </span> </td> </tr> <tr> <td colspan="5"> <a href="index.php" class="button">Add More Items</a> <button type="submit">Update</button> </td> </tr> </tbody> </table>
Hello. I am just beginning to teach myself the basics of php. I am learning from books and video tutorials etc. I have come across a problem that I just can't work out, I'm sure it is very simple. Two files, movie1.php and moviesite.php, movie1.php looks like this: Code: [Select] <?php session_start(); $_SESSION['username'] = "Joe12345"; $_SESSION['authuser'] = 1; ?> <html> <head> <title>Find My Movie!</title> </head> <body> <?php $myfavmovie = urlencode("The Life of Brian"); echo "<a href='moviesite.php?favmovie=$myfavmovie'>"; echo "click here to see information about my favourite movie!"; echo "</a>" ?> </body> </html> OK? You see the '$_SESSION['username'] = "Joe12345";', this is my specific problem. This should be echoed into the next page, moviesite.php which you can see below: Code: [Select] <?php session_start(); //check to see if the user has logged in with a valid password if ($_SESSION['authuser'] != 0) { echo "sorry, but you don't have permission to view this page"; exit(); } ?> <html> <head> <title>My Movie Site - <?php echo $_REQUEST['favmovie']; ?></title> </head> <body> <?php echo "Welcome to our site, "; echo $_SESSION['username']; echo "! <br>"; echo "My favourite movie is "; echo $_REQUEST['favmovie']; echo "<br>"; $movierate = 5; echo "My movie rating for this movie is "; echo $movierate; ?> </body> </html> OK? 'echo $_SESSION['username'];' does not echo the username. Everything else seems to be ok. This is an example I have been working on from the book 'Beginning PHP, MySQL and Apache Web Development'. I hope someone can help. The username 'Joe12345' is not carried to the next page. It is just blank. Many Thanks for all and any assistance people can give me. I tried many ways but unable to pass sessions to virtual subdomains on my site.. I edited ihi.ini file and included Code: [Select] session.cookie_domain = .mydomain.com I like to add that session is active on my main domain for www.mydomain.com only.. So how do I pass sessions for WWW to other subdomains ? Thanks n Advance Unfortunately I have no code for this yet cuz I don;t even know if its possible... I am programming an application that is used by a couple of stores, which could end up being a lot of stores. Anyways, the basis is that the stores would, though a separate application (and therefore separate database) create a username and password, I now want to use this username and password to do the following 1. Allow them to login to my application using the same username and password 2. I want the store the username in a session to pull tables based on the username from my database For instance, a user has the login store123, after loggin in it now pulls the information from the tables store123_items, store123_prices, store123_settings, etc. Now my database will have quite a lot of store###_tables I am, sadly, a noobie to PHP and I do recall seeing an article (somewhere on the net, and I stupidly forgot to bookmark it, knowing I would need it eventually) on how to access multiple databases easily. Now because they are both under my account I can use the same username and password for both, its accessing the MySQL username/password database and storing the info I know I am lacking on how to do it. Any ideas? in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. Just curious how other people feel about this. I am working on an application where a lot of info is pulled from MySQL and needed on multiple pages.
Would it make more sense to...
1. Pull all data ONCE and store it in SESSION variables to use on other pages
2. Pull the data from the database on each new page that needs it
I assume the preferred method is #1, but maybe there is some downside to using SESSION variables "too much"?
Side question that's kind of related: As far as URLs, is it preferable to have data stored in them (i.e. domain.com/somepage.php?somedata=something&otherdata=thisdata) or use SESSION variables to store that data so the URLs can stay general/clean (i.e. domain.com/somepage.php)?
Both are probably loaded questions but any possible insight would be appreciated.
Thanks!
Greg
Edited by galvin, 04 November 2014 - 10:30 AM. Evening! I've been iffing and ahhing over this and well im not too sure, hence the post. Code: [Select] // Redirects if there is no session id selected and echos the error on the previous page if(!isset($_GET['get']) || ($_GET['getget'])){ header("Location: #.php?error"); } So it should simply check if get is set if it isnt then see if getget is set? If not redirect and show the error. Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone? Harry. I'd like to pass a value from a URL to an iframe. This would look as follows: URL: http://www.mysite.com?www.mysite2.com The value (www.mysite2.com) will be an actual web address which should then be inserted into an iframe on www.mysite.com via php. Since I know little to no php, I don't know how the URL has to be structured and what php coding I need to use to include the web address in the iframe. Any suggestions are highly appreciated I was wondering if there was any way in which I could create a link which would direct to a paypal payment page and the amount to be paid could be specifed in the URL (GET method) as I have multiple products at differnt prices and would like to redirect the user to a page with a price I specify to be paid. Anyone have ideas? Hope someone can respond soon - thanks in advance for any help! Jake Hi I am looking for help with a working script to input multiple lines of data , but i am looking for each line of data to have the $_SESSION[userid] entered into each line, ie into the table $_SESSION[userid], name, surname, age Many Thanks <? include "include/session.php"; include "include/z_db.php"; // check the login details of the user and stop execution if not logged in require "check.php"; // If member has logged in then below script will be execuated. // let us collect all data of the member $row=mysql_fetch_object(mysql_query("select * from plus_signup where userid='$_SESSION[userid]'")); if(isset($_POST['submit'])) { foreach($_POST['person'] as $person) { $name= mysql_real_escape_string($person['name']); $surname= mysql_real_escape_string($person['surname']); $age= mysql_real_escape_string($person['age']); $values[] = "('$name', '$surname', '$age')"; } $query = "INSERT INTO plus_signup (name,surname,age) VALUES " . implode(', ', $values); $result = mysql_query($query) or die("Error!<br />Query: $query<br />Error: " . mysql_error()); } ?> <form method="POST" action='multi.php' name=""> <table> <tr> <td>Name<input type="text" name="person[0][name]"></td> <td>surname<input type="text" name="person[0][surname]"></td> <td>age<input type="text" name="person[0][age]"></td> </tr> <tr> <td>name<input type="text" name="person[1][name]"></td> <td>surname<input type="text" name="person[1][surname]"></td> <td>age<input type="text" name="person[1][age]"></td> </tr> <tr> <td>name<input type="text" name="person[2][name]"></td> <td>surname<input type="text" name="person[2][surname]"></td> <td>age<input type="text" name="person[2][age]"></td> </tr> </table> <td><p> <input type="submit" name="submit" value="add"> </p> <p> </p>| <a href=update-profile.php>back</a>| </form> <? require "bottom.php"; ?> <center><br>| <a href=update-profile.php>back</a>|<br></center> </body> </html> Is there anyway to work out the age of a session, i.e the time that has elapsed since it was created? Cheers People please help me i beg you, been trying to do this same thing for the past 4hours (-) close to giving up on php and learning a new languages :S Well as I was updating my login/sign up because its old and it was not very safe. Now my session are not working, well they work when i set them but it wont destroy so you cant log out. I have tryed doing 100 ways but i get one error or another or it dont work out all. login page <?php session_start(); require_once "../config.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Admin CP</title> <?php $flag=0; if(isset($_POST['Submit'])) { $con = database_connect(); $username = $_POST['username']; $password = $_POST['password']; clean($username); clean($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); mysql_close($con); $md5password= md5($password); database_connect(); $sql="select * from $membertables WHERE username='$username' and password='$md5password' and (userlevel='1' or userlevel='2') "; $res=mysql_query($sql); if(!$res) { die('error in database'); } $row=mysql_fetch_array($res); if(mysql_num_rows($res)>0) { $_SESSION['logged_in'] ="loggedin"; $_SESSION['userid']=$row['uid']; $_SESSION['username']=$row['username']; $_SESSION['userlevel']=$row['userlevel']; session_write_close(); header('location:welcome.php'); } else { $_SESSION['logged_in'] = "notloggedin"; $flag=1; } } ?> <script language="javascript"> function valid() { if(document.frm1.txtuname.value=="") { alert('Enter User-ID'); document.frm1.txtuname.focus(); return false; } if(document.frm1.txtpass.value=="") { alert('Enter Password'); document.frm1.txtpass.focus(); return false; } } </script> <!-- CSS --> <link href="style/css/transdmin.css" rel="stylesheet" type="text/css" media="screen" /> <!--[if IE 6]><link rel="stylesheet" type="text/css" media="screen" href="style/css/ie6.css" /><![endif]--> <!--[if IE 7]><link rel="stylesheet" type="text/css" media="screen" href="style/css/ie7.css" /><![endif]--> <!-- JavaScripts--> <script type="text/javascript" src="style/js/jquery.js"></script> <script type="text/javascript" src="style/js/jNice.js"></script> </head> <body> <div id="wrapper"> <!-- h1 tag stays for the logo, you can use the a tag for linking the index page --> <h1><a href="#"><span>Transdmin Light</span></a></h1> <!-- You can name the links with lowercase, they will be transformed to uppercase by CSS, we prefered to name them with uppercase to have the same effect with disabled stylesheet --> <ul id="mainNav"> <li></li> <!-- Use the "active" class for the active menu item --> <li></li> <li></li> <li class="logout"></li> </ul> <!-- // #end mainNav --> <div id="containerHolder"> <div id="container"><!-- // #sidebar --> <!-- h2 stays for breadcrumbs --> <h2>Login »</h2> <div id="main"> <form action="index.php" method="post" name="frm1" id="frm1" onSubmit="return valid();"> <table width="100%" border="0" cellpadding="0" cellspacing="0""> <tr> <td align="left"><table border="0" cellpadding="5" cellspacing="1" width="576"> <tbody> <tr> <td colspan="2" align="center"><br /> Please enter your User Name and password below.<br /></td> </tr> <?php if($flag==1) { ?> <tr> <td width="333" align="center" style="background-color: #F00; text-decoration: underline; color: #FF0;" ><p>Enter Valid User-Name or Password </p></td> </tr> <?php } ?> <tr> <td align="right" >User Name:</td> <td width="344"><input style="background-color: rgb(221, 234, 248);" class="form_text" id="username" name="username" /> <script language="JavaScript" type="text/javascript">document.getElementById('txtuname').focus(); </script></td> </tr> <tr> <td align="right">Password:</td> <td><input class="form_text" id="password" name="password" type="password" /></td> </tr> <tr> <td> </td> <td> <input class="buttons" value="sign me in" name="Submit" type="submit" id="Submit" /> </td> </tr> <tr> <td style="height: 30px;"> </td> <td> </td> </tr> </table> </td> </tr> </tbody> </table> </form> </div> <!-- // #main --> <div class="clear"></div> </div> <!-- // #container --> </div> <!-- // #containerHolder --> <p id="footer"><?php echo $footer ?></p> </div> <!-- // #wrapper --> </body> </html> <?php session_start(); if($_SESSION['logged_in']="loggedin"); else{ header('location:index.php'); } ?> sign out page <?php session_start(); session_unset(); session_destroy(); header('location:index.php'); ?> Pls tell me what is wrong? <?PHP include("dba.php"); function hvataj ($trazi, $id) { $upit = mysql_query ('select * from administrator where member_id = '.$id.''); return ( $row = mysql_fetch_assoc ($upit) ) ? $row[$trazi] : mysql_error (); } ?> I have parse error here on this line when I want to echo it: <?PHP echo "<img src='images/korisnik_slike/".hvataj('slika',$_SESSION['member_id']."' />"; ?> what is the problem here? $sql="INSERT INTO comment (linkid, text, anvid) VALUES ('$_POST[link]','$_POST[comment]','$_SESSION['user'];')"; If i use session in my php code then for how much time the session will be valid... And how can i change the length of the session... I am having trouble calling the session var "email" from the landing page. Here is the code that I am using. I am not even sure the session "email" is starting or registering. Code: [Select] $referer = $_SERVER['HTTP_REFERER']; $email = $_POST['email']; $sql="SELECT * FROM users WHERE email='$email' "; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $email, table row count must be 1 row if($count==1){ // Session Register email session_start(); $_SESSION['email'] = $email; header("location:".$referer2." "); exit(); } |