|
PHP - Start A Session Name From A Result From A Login
hey guys, Im trying to register a session from a login im making and for some reason its not working.
here is my code: <?php session_start(); if(isset($_POST['username'])){ $username = $_POST['username']; //name of the text field for usernames $password = $_POST['password']; //likewise here just for the password //connect to the db $user = 'root'; $pswd = ''; $db = 'chat'; $conn = mysql_connect('localhost', $user, $pswd); mysql_select_db($db, $conn); //run the query to search for the username and password the match $query = "SELECT * FROM users WHERE username = '$username' AND password ='$password'"; $result = mysql_query($query) or die("Unable to verify user because : " . mysql_error()); //this is where the actual verification happens if(mysql_num_rows($result) == 1){ //the username and password match //so e set the session to true $_SESSION['username'] = $username; $_SESSION['uID'] = $result['user_id']; //$_SESSION['email'] = $result['email']; //and then move them to the index page or the page to which they need to go header('Location: index.php'); }else{ $err = 'Incorrect username / password.' ; } //then just above your login form or where ever you want the error to be displayed you just put in echo $err; } else ?> Im trying to make it so it also gets the user_id of the user logging in and creates a session for it. It works for the username part, and Im able to echo the username im logged in with, but for some reason it does want to work for the user_id part. This is what doesnt register $_SESSION['uID'] = $result['user_id']; Thanks for the upcoming help. Similar TutorialsI am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated Hi all, I have a session problem on my development site. Whenever I go to my login screen at www.mydomain.com/my/path/index.php, i get the following error messages: Quote Warning: session_start() [function.session-start]: open(/tmp/sess_f89c3850adf5a752b13f5c6b9022d8c4, O_RDWR) failed: Permission denied (13) in /home/account/public_html/shop_lite/admin/index.php on line 2 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/account/public_html/shop_lite/admin/index.php:2) in /home/account/public_html/shop_lite/admin/index.php on line 2 However, when I go to mydomain.com/my/path/index.php, the error messages aren't there. I am very confused. We don't have an SSL (which google suggested it could be) or any whitespace between the opening php tag. I have chmoded the /tmp directory to 777 but to no avail. Any ideas? My opening code is below: Code: [Select] <?php session_start(); require_once("includes/db_connector.php"); include("includes/cms_class.php"); include("includes/login_class.php"); loginForwarder(); $issue = checkLoginIssue(); if (isset($_POST["login"])) { loginUser($_POST["email"], $_POST["password"]); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/my_template.dwt.php" codeOutsideHTMLIsLocked="false" --> I have issues with a user being logged in and staying logged in, When logging in I create these $_SESSION variables
Array
(
[usr_login] => username
[usr_fname] => first
[usr_lname] => last
[usr_email] => email
[ses_usrid] => 1
[loggdin] => Yes
[loginremember] =>
)
And after login it looks great till I refresh the page or go anywhere else on the site. All variables above are gone. Consequently, this works with no issues on the prod server, just not on my machine. Code I've been playing with since it started, specifically the setting of the cookie. (this code runs before anything else)
// =================================================================
// Sesssion start
// =================================================================
session_set_cookie_params(
0,
"/; SameSite=Strict",
".killgorack.com",
true,
true
);
session_start();
// =================================================================
// Security stuff
// =================================================================
header("strict-transport-security: max-age=31536000");
header('X-Frame-Options: sameorigin');
header("X-XSS-Protection: 1; mode=block");
header('X-Content-Type-Options: nosniff');
header("Content-Security-Policy: default-src BLA BLA BLA ");
header("Feature-Policy: vibrate 'none'");
header("Referrer-Policy: no-referrer");
header("Access-Control-Allow-Origin: https://www.MYWEBSITE.com/");
header("Expect-CT: max-age=86400, enforce");
header_remove("X-Powered-By");
// =================================================================
Any ideas? Edited May 19, 2019 by KillGorackI keep having the same problem when i run my script on the server. the error is Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/alliapop/public_html/ekloges2010/ekloges2010/eisagogi.php:1) in /home/alliapop/public_html/ekloges2010/ekloges2010/includes/session.php on line 1I know i have to put session start at he very first line and i did but the problem keeps showing up. What else should i check?
I'm trying to start a session in a simple php file.
Here's *all* the code:
Here's the URL: I have several pages on my site using the exact same code at the very top, which works fine except for one page: <?php include_once("../members/dbinfo.php"); The top of dbinfo looks like this: <?php session_start(); And then the connection strings for the database However it is giving me this error on this one page: Quote Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\Inetpub\WebSites\premierathome_com\products\FrenchTalkingDictionary.php:1) in C:\Inetpub\WebSites\premierathome_com\members\dbinfo.php on line 1 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\Inetpub\WebSites\premierathome_com\products\FrenchTalkingDictionary.php:1) in C:\Inetpub\WebSites\premierathome_com\members\dbinfo.php on line 1 Now the session does actually start and doesn't prevent anything from working, I just get those messages. I'm at a loss as to why a different page with the exact same code, save for searching the database for a different product version would have this problem. I have had this code in place as well which works fine on other pages but doesn't help my problem at all: if(!isset($_SESSION['OK'])){ session_start(); } OK being a variable I set up during log in. I'm at a loss, is anyone able to help me out with this? I am using sprintf( mysql_insert_id()); to print primary key but I can save this in a varible and echo this. But I would like to know how to save this in to a session and use this one another page. Hey guys, Currently Im using: $row = mysql_fetch_array($result) or die(mysql_error()); echo $row['user_family']. " - ". $row['user_registered']; $row['user_family'] = $fam; $_SESSION['family'] = $fam; to take data from a mysql table & set it as SESSION family. However, I cant seem to get this to set. The information IS being taken from mysql because its being echo'd earlier up in the code, but its just not passing to the session. Any ideas? Hi Everyone I am having a few issues with my website. I have developed in on my xampp local host and it works ok but when I upload the files and try to renew a membership using stripe I get the following messages. Warning: session_start(): Cannot start session when headers already sent in /customers/a/d/f/mywebsite.co.uk/httpd.www/mywebsite/inc/settings.php on line 2 Warning: Cannot modify header information - headers already sent by (output started at /customers/a/d/f/mywebsite.co.uk/httpd.www/mywebsite/procedures/payments/charge.php:1) in /customers/a/d/f/mywebsite.co.uk/httpd.www/mywebsite/procedures/payments/charge.php on line 141 I have some includes that appear on every page. This is the bootstrap.php file. This file holds the settings.php which connects to my database and other function files. In this settings page I call the session_start() php function and then connect to my database. I call the bootstrap.php file on every page to there for call the session_start() on every page. I am using sessions alot so is this the right thing to do? I have attached the renew_membership payment page which holds the form. The user fills out the payment page and the form data gets sent to a script called charge.php which uses the stripe objects to make the payment. I then want to do a redirect to the paymentSuccess.php page to output to the user that the payment was made successfully. This is where the issues arrise. I have split the charge file into 3 screen shots so it is more readable. Hope someone can help me. Thanks a lot David
Edited April 26 by Irish_Dave Hi guys, I have a loggin page which works fine except it doesnt pass the session, could someone help me to see what mistake im making? once users login they will be diverted to another page where is their profile page, i have echoed the session in member page but it doesnt read it. i have attached both codes (member page and login page) below, thanks in advance for your help code is below: login page code: Code: [Select] <?php //connect to database include '../include/db.php'; //we start a session here to help us pass the user login variable to other pages of the webs application while user is logged in. session_start(); //php login // if post has been successfully sent, do the action below if ($_POST['login']){ // get data from form fields $email=strip_tags($_POST['email']); $password=strip_tags($_POST['password']); // check if email (username) and password have been inserted, if not show an error if($email == "" || $password == "") echo "Please enter your email address and postcode"; else { //check if email exists $checkemail=mysql_query("SELECT * FROM member WHERE EmailAddress='$email'"); //if exists we get the information from database if ($getrows=mysql_num_rows($checkemail)>=1){ while ($row=mysql_fetch_array($checkemail)) { $myemail=$row['EmailAddress']; $mypassword=$row['Password']; } //convert the password to md5 $pass=md5($password); //now we check if entered email and password match our database record if ($myemail==$email && $mypassword==$pass) { $_SESSION['emailaddress']=$myemail; //update the loggedin to 1 so we users go to next page, our website will compare if users is logged in or not $update=mysql_query("UPDATE member SET loggedin='1' WHERE EmailAddress='$email'"); //if details exist we get the users first name our database to pass this information along with our sessions $getuser=mysql_query ("SELECT * FROM member WHERE EmailAddress='$email'"); while($row=mysql_fetch_array($getuser)) { $firstname=$row['FirstName']; } echo "Welcome $firstname, <a href='profile.php'>Click here</a> to be directed to your profile"; } } else { echo "This user doesn't exists"; } } } ?> and this is the member page so far Code: [Select] <?php //connect to database include '../include/db.php'; //we start a session here to help us pass the user login variable to other pages of the webs application while user is logged in. session_start(); echo "Welcome ".$_SESSION['emailaddress'].""; ?> This should be really simple, but I just can't figure out why it isn't working. It's my first time using sessions, so I'm probably doing something silly. It's just a login to an admin page. It's for a photo gallery, that's why the database is called "photo". This is the login page: Code: [Select] <?php session_start(); if(isset($_POST['user']) && isset($_POST['password'])){ $user = $_POST['user']; $password = sha1($_POST['password']); $photo = new mysqli('localhost', 'user', 'password', 'photo'); $login = $photo->query("select user, sha1(password) from settings where user = '$user' and sha1(password) = '$password'"); if($login->num_rows > 0){ $_SESSION['login'] = 1; ?> <META HTTP-EQUIV="Refresh" Content="0; URL=admin.php"> <?php } else { $badlogin = 1; } } ?> <html> <head> <style> body {margin-top: 50px;} td {text-align: right;} input {width: 200px;} </style> </head> <body><center> <?php if(isset($badlogin)){ ?> <span style="color: red;">Oops! Wrong login.</span><br><br> <?php } ?> <table> <form action="admin.php" method="post"> <tr><td>User:</td><td><input type="text" name="user" /></td></tr> <tr><td>Password:</td><td><input type="password" name="password" /></td></tr> <tr><td></td><td><input type="submit" value="Login" /></td></tr> </form> </table> </center></body> </html> And this is the admin page: Code: [Select] <?php session_start(); if($_SESSION['login'] != 1){ ?> <META HTTP-EQUIV="Refresh" Content="0; URL=login.php"> <?php } else { ?> <html> <head> </head> <body> Admin stuff here. </body> </html> <?php } ?> OK when i go to my website and login i stay login in intill i sign out but when im stilled loged in and click new tab and type my website i see the login table but im already loged in so i have to click on my logo to time to make the login table go away why if you need the login code i would be happy to give it to use Im trying to make sessions work with my script, its finding the user/pass in the database and redirects me to the homepage after but the parts that are supposed to show when the session is set are not showing. My code: <?php // Login Logic $username = ""; $err = ""; $err_style = ""; $err_style2= ""; //Checks if there is a login cookie if(isset($_SESSION['username'])) { //if there is, it logs you in and directes you to the members page $_SESSION['username'] = $username; $_SESSION['password'] = $password; //$username = $_COOKIE['user_id']; //$pass = $_COOKIE['pass_id']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++; while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: index.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // SANITISE $username = sanitize($_POST['username']); $pass = sanitize($_POST['password']); $red = sanitize($_POST['red']); // makes sure they filled it in if(!$_POST['username']) { $err = 'You did not fill in a required section'; $err_style = "style='border: 1px solid #CC0000'"; $show_login = 1; } if(!$_POST['password']) { $err = 'You did not fill in a required section'; $err_style2 = "style='border: 1px solid #CC0000'"; $show_login = 1; } // checks it against the database if (!$err) { $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());$quer++; //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { $err = 'User not found - please try again!'; $err_style = "style='border: 1px solid #CC0000'"; $show_login = 1; } while($info = mysql_fetch_array( $check )) { $info['password'] = stripslashes($info['password']); $pass = $pass; //gives error if the password is wrong if ($pass != $info['password']) { $err = 'Incorrect password, please try again.'; $err_style2= "style='border: 1px solid #B02B2C;'"; $show_login = 1; } else { session_start(); $_SESSION['username'] = $username; $_SESSION['password'] = $password; // if login is ok then we add a cookie //$hour = time() + 3600; //setcookie("user_id", $username, $hour); //setcookie("pass_id", $pass, $hour); //then redirect them to the members area if (!$red) { header("Location: index.php"); } else { header("Location: $red.php"); } exit; } } } } ?> And: <?php session_start(); //checks cookies to make sure they are logged in if(isset($_SESSION['username'])) { $_SESSION['username'] = $username; $_SESSION['password'] = $password; //$username = $_COOKIE['user_id']; //$pass = $_COOKIE['pass_id']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); $quer++; while($info = mysql_fetch_array( $check )) { //if the cookie has the wrong password, they are taken to the login page if ($pass != $info['password']) { header("Location: login.php"); } //otherwise they are shown the admin area else { // Update some info session_start(); $_SESSION['username'] = $username; $_SESSION['password'] = $password; //setcookie ("user_id", $_COOKIE['user_id'], time() + 3600 ); //setcookie ("pass_id", $_COOKIE['pass_id'], time() + 3600 ); // Get some basic user details, so we can use these later! $uname = $info['username']; $uID = $info['user_id']; $email = $info['email']; $loggedin = 1; $admin_user = $info['admin']; } } } ?>
<!DOCTYPE html>
<html>
<head>
<style type="text/css" media="screen">
.ss
{
border-width: 1px;
border-style:solid;
width: 100px;
height: 100px;
</style>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title></title>
<link rel="stylesheet" href="">
</head>
<body>
<form action="index.php" method="post">
<table align="center" class="ss">
<tr>
<td>Name<input type="text" name="name">
</td>
</tr>
<tr>
<td>Pass :<input type="password" name="pass">
</td>
</tr>
<tr>
<td>Email<input type="text" name="eml">
</td>
<tr>
<td><input type="submit" name="sb">
</td>
</table>
</form>
</body>
</html>
<?php
include "db.php";
session_start();
if(isset($_POST['sb']))
{
$name=mysqli_real_escape_string($con, $_POST['eml']);
$pass=mysqli_real_escape_string($con, $_POST['pass']);
$usr=mysqli_real_escape_string($con,'user');
$std='std';
$type='admin';
$qer="select * from users where eml='$name' AND pass='$pass' AND type='$type'";
$sql=mysqli_query($con,$qer);
$qer=" select * from users where eml='$name' AND pass='$pass' AND type='$std'";
$sql1=mysqli_query($con,$qer);
$qer=" select * from users where eml='$name' AND pass='$pass' AND type='$usr'";
$sql3=mysqli_query($con,$qer);
$fe=mysqli_fetch_array($sql);
if(is_array($fe)) {
$name=$name;
$pass=$pass;
{
header("location:wel.php?msg=Scuessfull login");
}
echo "Admin of this site";
}
else if($fe=mysqli_fetch_array($sql1)){
if(is_array($fe))
$name=$name;
$pass=$pass;
echo "Moderator of the site";
{
header("location:mod.php?msg=Scuessfull login");
}
}
else if($fe=mysqli_fetch_array($sql3)){
if(is_array($fe))
$name=$name;
$pass=$pass;
$_SESSION['eml'] =true;
header("location:sim.php?msg=Scuessfull login");
echo "Simple user this site";
}
else
{
echo "invalid pass";
}
}
?>
I'm trying to implement sessions into my website. At the moment index.php contains a login form that posts to AccountManagement.php. AccountManagement.php then checks the database to see if they have entered a correct username/password combination. This all works fine, however I would like the site to remember that a user has logged in, and not tell them that they have entered an invalid password every time they come to this page by any means other than index.php's login form (e.g. a back button on a page that follows from AccountManagement). I have tried for days to get this to work using a for loop that checks if the session is started, but I can't seem to get the placement/syntax correct. Any help would be greatly appreciated. AccountManagement.php: Code: [Select] <?php include ("Includes/database.php"); include ("Includes/htmlheader.php"); dbconnect ("localhost", "xxxxx", "xxxxx", "xxxxx"); $query=sprintf("SELECT wowUsername, Password, UserID FROM Users WHERE (((wowUsername)=\"%s\") AND ((Password)=\"%s\"));", $_POST['Username'], $_POST['Password']); $result=mysql_query($query); if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message);} if (mysql_num_rows($result) !=1) { $errormessage= "Incorrect Username or Password, please try again."; include ("Includes/error.php"); } else { $row=mysql_fetch_assoc($result); $CustomerID = $row['UserID']; $query2=sprintf("SELECT CustomerID, FName FROM Customers WHERE CustomerID=$CustomerID"); $result2=mysql_query($query2); $row2=mysql_fetch_assoc($result2); $_SESSION['UserID']=$CustomerID; ?> <form action="index.php" id="home" name="home" style="width: 8em"></form> <h1> Account Management </h1> <p><h3 align="center">Welcome <?php echo $row2['FName'];?>, use the buttons below to manage your subscriptions.<h3><br /> <h2> <form action="Subscription.php" id="subs" name="subs"> <p> <input class="button5" name="Setup" type="submit" value="New Subscription" align="center" /></p> </form></h2> <form action="AccountUpdate.php" id="remove" name="remove" style="width: 8em"> <p> <input class="button5" name="NewDetails" type="submit" value="Update Details" /> </p></form> </p> <p> <form action="AccountCancel.php" id="remove" name="remove" style="width: 8em"> <input name="Logout3" type="submit" class="button5" value="Cancel Account" align="right" /> </form> </p> <p> <br /> <form action="index.php" id="remove" name="remove" style="width: 8em"> <input class="button5" name="Logout" type="submit" value="Log Out" /> </p> </p> <?php } ?> </div> </body> </html> </form> htmlheader.php: Code: [Select] <?php error_reporting(E_ERROR | E_WARNING | E_PARSE ); if(!isset($_SESSION)) { session_start(); $_SESSION['UserID']=0; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><link rel="stylesheet" type="text/css" href="CSS/Styles.css"/> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Account Management</title> </head> <body> </form> <div id="content"> |
|||||||