|
PHP - Unable To Login Using Sessions
Hello.
I am coding a remember me feature. Everything is working, except i am being logged in using cookies even when i want to use a session. To login using a cookie i must select the checkbox, for sessions i must leave it blank. Here is my code, if someone could spot a mistake i would be really grateful. Login page Code: [Select] <?php ob_start(); // starting session... session_start(); // requiring connection... require("functions.php"); // assigning variables... $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $submit = mysql_real_escape_string($_POST['submit']); $rememberme = $_POST['rememberme']; // querying database... $query = mysql_query("SELECT * FROM users WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0) { while ($row = mysql_fetch_assoc($query)) { $db_username = $row['username']; $db_password = $row['password']; } } // verifying login details... if ($submit) { if (!empty($username) && !empty($password)) { if ($username == $db_username && $password == $db_password) { if ($rememberme = "on") { setcookie("username", $username, time() + 7200); header('Location: tablets.php'); } else { $_SESSION['username'] = $db_username; $url = $_SESSION['origin'] ? $_SESSION['origin'] : "main.php"; unset($_SESSION['origin']); header('Location: ' . $url); exit; } } else { echo "Incorrect login details"; } } else { echo "You must type in username and password"; } } ob_end_flush(); ?> Login form Code: [Select] <?php session_start(); require("connect.php"); if (isset($_SESSION['username']) || isset($_COOKIE['username'])) { header('Location: main.php'); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Login</title> <link rel="stylesheet" type="text/css" href="form.css" /> </head> <body> <form method="post" action="login.php"> <div class="box"> <h1>Login</h1> <label> <span>Username</span> <input type="text" class="input_text" name="username" id="name" /> </label> <label> <span>Password</span> <input type="password" class="input_text" name="password" id="password" /> </label> <input type="checkbox" name="rememberme" /> <label> <input type="submit" class="button" value="Login" name="submit" /> </label> </div> </form> </body> </html> Similar TutorialsChecking to see if I am going in the right direction, any suggestions would be appreciated! I am setting up SESSIONs for login and setting a time limit on them. I have basically 2 scenarios that I need to code for. 1. Registerd user w/good billing has all access 2. Registerd user w/expired billing & Guest user can only go to certain pages and have limited access This is my login page, will validate the login info and either sends user to one page or another or gives error that the login is incorrect <?php // http://www.daniweb.com/forums/thread124500.html session_start(); // starting session if( isset($_POST['submitLogin'])) { include('library/login.php'); login(); mysql_select_db('test'); // username and pswd from login $userID=$_POST["userID"]; $pswd=$_POST["pswd"]; // to protect from MySQL injection $userID = stripslashes($userID); $pswd = stripslashes($pswd); $userID = mysql_real_escape_string($userID); $pswd = mysql_real_escape_string($pswd); $sql="SELECT * FROM user WHERE userID='$userID' and pswd='$pswd'"; $result=mysql_query($sql); while ($r=mysql_fetch_array($result)) { $exp_date=$r["exp_date"]; $todays_date=date("Y-m-d"); } // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $userID and $pswd, table row must be 1 row if($count == 1) { session_register("userID"); session_register("pswd"); $_SESSION['userID'] = $userID; // verifies billing if ($exp_date >= $todays_date) { // billing is up to date echo "<meta http-equiv='refresh' content='0;url=session2.php'>"; } else { // billing has expired echo "<meta http-equiv='refresh' content='0;url=expBilling.php'>"; } } else { // login form for when there us an incorrect user/password echo " <div id='incorrect'>Please verify the username or password.</div> <form method='post' action='' name='login' id='login'> <div id='loginForm'> <fieldset> <span class='textbox'> <label for='username'>Username: </label> <input type='text' name='userID' size='25' class='cells' value='$userID'> <br><label for='pswd'>Password: </label> <input type='password' name='pswd' size='25'class='cells' value='$pswd'> <br><label for='pswd'> </label>Remember Me: <input type='checkbox' name='Remember' value='21'> <br><label for='blank'> </label><a href='resetPswd.php'>Forget Your Password? </a> <br><label for='blank'> </label><input type='image' value='Login' src='img/button_login.gif' width='64' height='25' onmouseover=\"javascript:this.src='img/button_login2.gif';\" onmouseout=\"javascript:this.src='img/button_login.gif';\"> <input type='hidden' name='submitLogin' value='true'> </span> </fieldset> </div> </form> "; } } else { // log in form echo " <form method='post' action='' name='login' id='login'> <div id='loginForm'> <fieldset> <span class='textbox'> <label for='username'>Username: </label> <input type='text' name='userID' size='25' class='cells'> <br><label for='pswd'>Password: </label> <input type='password' name='pswd' size='25'class='cells'> <br><label for='pswd'> </label>Remember Me: <input type='checkbox' name='Remember' value='21'> <br><label for='blank'> </label><a href='resetPswd.php'>Forget Your Password?</a> <br><label for='blank'> </label><input type='image' value='Login' src='img/button_login.gif' width='65' height='25' onmouseover=\"javascript:this.src='img/button_login2.gif';\" onmouseout=\"javascript:this.src='img/button_login.gif';\"> <input type='hidden' name='submitLogin' value='true'> </span> </fieldset> </div> </form> "; } ?> If the billing is good then user will go here <?PHP session_start(); // session timing // set timeout period in seconds $inactive = 15; // check to see if $_SESSION['timeout'] is set if(isset($_SESSION['timeout']) ) { $session_life = time() - $_SESSION['timeout']; if($session_life > $inactive) { session_destroy(); } } $_SESSION['timeout'] = time(); // END session timing if(!session_is_registered(userID)){ header("location:login.php"); } ?> <html> <body> Login Successful </body> </html> If the billing has expired user goes here <?php session_start(); // session timing // set timeout period in seconds $inactive = 15; // check to see if $_SESSION['timeout'] is set if(isset($_SESSION['timeout']) ) { $session_life = time() - $_SESSION['timeout']; if($session_life > $inactive) { session_destroy(); } } $_SESSION['timeout'] = time(); // END session timing // if the user has been timed out or not logged in if(!session_is_registered(userID)){ header("location:form.php"); } // user is logged in and their billing is good else { echo "Warning! <b>"; echo $_SESSION['userID']; echo "</b> Your billing has expired "; } // end session ?> I also created this page to test what happens when a non-subscriber trys to go to a page without logging in, it also test the billing and blocks a user whose billing is expired. <?php session_start(); // session timing // set timeout period in seconds $inactive = 15; // check to see if $_SESSION['timeout'] is set if(isset($_SESSION['timeout']) ) { $session_life = time() - $_SESSION['timeout']; if($session_life > $inactive) { session_destroy(); } } $_SESSION['timeout'] = time(); // END session timing // if the user has been timed out or not logged in if(session_is_registered(userID)){ // verify billing if user comes in directly thru this page include('library/login.php'); login(); mysql_select_db('test'); $userID = $_SESSION['userID']; $sql="SELECT * FROM user WHERE userID='$userID'"; $result=mysql_query($sql); while ($r=mysql_fetch_array($result)) { $exp_date=$r["exp_date"]; $todays_date=date("Y-m-d"); } // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $userID and $pswd, table row must be 1 row if($count == 1) { // checks dates if ($exp_date >= $todays_date) { // billing is up to date echo "Welcome: "; echo $_SESSION['userID']; } else { // billing has expired echo "<meta http-equiv='refresh' content='0;url=expBilling.php'>"; } } // END verify billing } // user is logged in and their billing is good else { echo "Welcome: "; echo "Non-user can view this stuff."; echo "<br><a href='form.php'>Click here to register</a>"; } // end session ?> These are all test pages once I get the coding right I will incorporate it into the real pages. I'm using a login form which allows me enter the pages as member only the only thing that I need to do is to include the file safe.php and the user has to login in order to see the content of this page. so far so good. if I use my subscription forms ( spread over 2 pages) the first page can be filled in properly however when I come to the second page (where I included the safe.php aswell I think I loose the session ID that I got after logging in the first time) I am redirected to the login page which I don't want. how can I avoid this? this is the content of safe.php Code: [Select] <?php // Pagina: safe.php: Includen if you want te securise your page just add it at the top of your page include("config.php"); if(isset($_SESSION['user_id'])) { // Inloggen correct, updaten laatst actief in db $sql = "UPDATE gebruikers SET lastactive=NOW() WHERE id='".$_SESSION['user_id']."'"; mysql_query($sql); }else{ if(isset($_COOKIE['user_id'])) { $sql = "SELECT wachtwoord,status FROM gebruikers WHERE id='".$_COOKIE['user_id']."'"; $query = mysql_query($sql); $rij = mysql_fetch_object($query); $dbpass = htmlspecialchars($rij->wachtwoord); $dbstatus = htmlspecialchars($rij->status); if($dbpass == $_COOKIE['user_password']) { $_SESSION['user_id'] = $_COOKIE['user_id']; $_SESSION['user_status'] = $dbstatus; }else{ setcookie("user_id", "", time() - 3600); setcookie("user_password", "", time() - 3600); echo "Cookies incorrect. Cookies verwijderd."; header("Location: inloggen.php"); } }else{ header("Location: inloggen.php"); } } ?> Hi What is the best way of handling a login system with sessions, I have read that you should never hold the password in a session, so what should you hold in the session in order to access a users data? File name:loginch.php <? include ("session.php"); include ("Connection.php"); ?> <!doctype html public "-//w3c//dtd html 3.2//en"> <html> <head> <title>(Welcome)</title> <meta name="GENERATOR" content="Arachnophilia 4.0"> <meta name="FORMATTER" content="Arachnophilia 4.0"> </head> <body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000"> <? $usr = $_POST['userid']; $pass = $_POST['password']; $usr=mysql_real_escape_string($usr); $pass=mysql_real_escape_string($pass); if($rec=mysql_fetch_array(mysql_query("SELECT * FROM signup WHERE userid='$usr' AND password = '$pass'"))){ if(($rec['userid']==$usr)&&($rec['password']==$pass)){ include ("newsession.php"); echo "<p class=data> <center>Successfully,Logged in<br><br><a href='logout.php'> Log OUT </a><br><br><a href=welcome.php>Click here if your browser is not redirecting automatically or you don't want to wait.</a><br></center>"; print "<script>"; print " self.location='welcome.php';"; // Comment this line if you don't want to redirect print "</script>"; } } else { session_unset(); echo "<font face='Verdana' size='2' color=red>Wrong Login. Use your correct Userid and Password and Try <br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>"; } ?> </body> </html> File Name:Front.htm Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Home Page</title> <style type="text/css"> #dropDownMenu ul { padding: 5px; margin: 0px; text-decoration: none; list-style-type: none; } #dropDownMenu ul li { display: inline; width: 100px; float: left; text-transform: uppercase; font-size: large; padding: 0px 20px 0px 0px; } #dropDownMenu ul li a { color: #666666; text-decoration: none; line-height: 15px; font-size: medium; } #dropDownMenu ul li ul { visibility: hidden; } #dropDownMenu ul li ul li a { font-size: 0.70em; text-transform: uppercase; } .style1 { text-align: left; } .style2 { text-align: center; } .style3 { margin-left: 0px; } #apDiv1 { position:absolute; width:723px; height:93px; z-index:3; left: 124px; top: -11px; } body { background-color: #69F; } #apDiv2 { position:absolute; width:416px; height:182px; z-index:3; left: 314px; top: 318px; } </style> </head> <body> <div style="position: absolute; width: 929px; height: 564px; z-index: 2; left: 158px; top: 36px" id="layer1"> <div style="position: absolute; width: 193px; height: 90px; z-index: 4; left: 626px; top: 135px; bottom: 579px" id="layer3"> <img src="th_ibm-logo.gif" width="219" height="88" /></div> <div style="position: absolute; width: 711px; height: 178px; z-index: 3; left: 100px; top: 79px" id="layer2"><img src="top_banner_corporate2.gif" width="769" height="203" class="style3" /></div> <div class="style2" id="apDiv1"> <h1><em>WELCOME TO AZ GLOBALCTS</em></h1> </div> <div id="apDiv2"> <form action='loginck.php' method=post> <table border='0' align=center cellpadding='0' cellspacing='0'> <tr id='cat'> <tr> <td bgcolor='#f1f1f1' ><font face='verdana, arial, helvetica' size='2' align='center'> Login ID </font></td> <td bgcolor='#f1f1f1' align='center'><font face='verdana, arial, helvetica' size='2' > <input type ='text' class='bginput' name='userid' ></font></td></tr> <tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'> Password </font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' > <input type ='text' class='bginput' name='password' ></font></td></tr> <tr> <td bgcolor='#f1f1f1' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'> <input type='submit' value='Submit'> <input type='reset' value='Reset'> </font></td> </tr> <tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'> <a href='signup.php'>New Member Sign UP</a></font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' ><a href=forgot-password.php> Forgot Password</a> ?</font></td></tr> <tr> <td bgcolor='#f1f1f1' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'> </font></td> </tr> </table> </center> </form> </div> </div> </body> </html> Error: Successfully,Logged in Log OUT Click here if your browser is not redirecting automatically or you don't want to wait. "; print ""; } } else { session_unset(); echo "Wrong Login. Use your correct Userid and Password and Try "; } ?> Please help Thanks in advanced If you are a PHP expert, then I really your help. I have a question regarding PHP sessions and their security. So here is my story ... I created a login script (login.php) for my website. When a user goes to the login.php page, they see a login form that they must fill with their username and password to login to the members' area and view their profile, etc. On that login page, when the user enters their username and password and then clicks the "Login" button, my script filters the data, sends MySQL query and checks if the login is valid. If the login is NOT valid, then they get a "Login Failed" message. If the login is valid, I register their username and the password in sessions and redirect them to the members.php page. Here is some of my code for my login.php page after mysql confirms the login is valid <?php $query = mysql_query('SELECT * FROM `users` WHERE username='$user' AND password='$pass'"); $numRows = mysql_num_rows($query); if ( $numRows ) { // login is valid $_SESSION['username'] = $user; $_SESSION['pass'] = $pass; // redirect user to members area header('Location: /members.php'); } else { // login is invalid echo "Login failed"; } ?> My question is ... is this login script secured? I mean, I am not generating any session id or any cookie. I am just storing the username and the password in two session variables and those are the things that i will use to display the user's profile, etc. Can attackers attack this script? Is this secured or is there any other way I can make it stronger? hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? Hi guys. What I want to create is really complicated. Well I have a login system that works with post on an external website. I have my own website, but they do not give me access to the database for security reasons, therefore I have to use their login system to verify my users. What their website does is that it has a post, with username and password. The POST website is lets say "https://www.example.com/login". If login is achieved (i.e. username and password are correct), it will redirect me to "https://www.example.com/login/success" else it will redirect me to "https://www.example.com/login/retry". So I want a PHP script that will do that post, and then according to the redirected website address it will return me TRUE for success, FALSE for not successful login. Any idea?? Thanks Hi guys, Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!" Any suggestion and help would be appreciated. Thanks. login.php <?php //Assigned varibale $error_msg as empty //$error_msg = ""; session_start(); $error_msg = ""; if (isset($_POST['submit'])) { if ($a_username = "admin" && $a_password = "123") { //Define $_POST from form text feilds $username = $_POST['username']; $password = $_POST['password']; //Add some stripslashes $username = stripslashes($username); $password = stripslashes($password); //Check if usernmae and password is good, if it is it will start session if ($username == $a_username && $password == $a_password) { session_start(); $_SESSION['session_logged'] = 'true'; $_SESSION['session_username'] = $username; //Redirect to admin page header("Location: admin_area.php"); } } $username = (isset($_POST['username'])) ? $_POST['username'] : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; if($username && $password) { $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!"); mysql_select_db("friendsdb") or die ("Couldn't find the DB"); $query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0){ while ($row = mysql_fetch_array($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //Check to see if they are match! if ($username == $dbusername && md5($password) == $dbpassword) { header ("Location: user_area.php"); $_SESSION['username'] = $username; } else $error_msg = "Incorrect password!"; //code of login }else $error_msg = "That user does not exist!"; //echo $numrows; } else $error_msg = "Please enter a username and password!"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> </head> <body> <br /> <?php require "header.php"; ?><br /> <div align="center"> <table width="200" border="1"> <?php // If $error_msg not equal to emtpy then display error message if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <!--form action="login_a.php" method="post"--> Username: <input type="text" name="username" /><br /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name = "submit" value="Log in" /> </form> <p> </p> Register a <a href="register.php">New User</a> </table> </div> </body> </html> Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? How to add the ability to login with username or email for login?
<?php
ob_start();
include('../header.php');
include_once("../db_connect.php");
session_start();
if(isset($_SESSION['user_id'])!="") {
header("Location: ../dashboard");
}
if (isset($_POST['login'])) {
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$result = mysqli_query($conn, "SELECT * FROM users WHERE email = '" . $email. "' and pass = '" . md5($password). "'");
if ($row = mysqli_fetch_array($result)) {
$_SESSION['user_id'] = $row['uid'];
$_SESSION['user_name'] = $row['user'];
$_SESSION['user_email'] = $row['email'];
header("Location: ../dashboard");
} else {
$error_message = "Incorrect Email or Password!!!";
}
}
?>
Hi all,
I am not sure why my header is not displaying the header image after using the CSS
I have a png file that repeats horizotally.
Please help
<!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Wikigets The online store</title> <style type="text/css"> body { margin:0 px;} #pageTop { background: url(style/headerline1.png); height:110 px; } </style> </head> <body> <div id="pageTop"> </div> <div id="pageMiddle"></div> <div id="pageBottom"></div> </body> </html> headerline1.png 2.82KB 0 downloads headerline1.png 2.82KB 0 downloads Hello, I've never really used the update command before for mysql and I'm attempting to use it and struggling a little bit. I'm trying to use mysqli prepared statements.. here's the code that I have thus far: if($query = $database->connection->prepare("UPDATE videos SET comments=?, views=?, uploader=? WHERE title = ?")) { $query->bind_param('iiss', $comments, $views, $uploader, $title); $query->execute(); $result = $query->affected_rows; $query->close(); } For some reason I cannot get this working. I have created a modification page for the administrators to be able change any of the values and wanting to update the database to reflect the changes. When using the MySQL UPDATE command do all of the values have to get changed or modified, or am I able to pass back some of the same values? Like with the above code.. if I only wanted to update the views, would I still be able to just pass in the same values for comments and uploader and it would just replace the values? Code: [Select] <?php function checking_out() { $conn = db_connect(); $nickname=$_SESSION['valid_user']; $query="select sum(price) from preorders where name='".$nickname."'"; $result = $conn->query($query); if ($result) { echo '<h1>'.$result.'</h1>'; } } ?> This is not working, there is no result in the browser, any idea ? I get the unable to jump to row zero mysql error. Code: [Select] function is_admin($uid, $cid) { $uid = (int)$uid; $cid = (int)$cid; $sql = "SELECT `users`.`id` AS `uid`, `companies`.`companyid` AS `cid`, `companies`.`adminid` AS `aid` FROM `companies` LEFT JOIN `users` ON `users`.`id` = companies.adminid WHERE `users`.`id` = {$uid} AND `companies`.`companyid` = {$cid}"; $user = mysql_query($sql); return (mysql_result($user, 0) == '1') ? true : false; } Hi guys, I have come across a problem when working with session data, I have been storing data from a textarea in a session, but the problem is when I retrieve the data and display it back in a textarea or to mysql it saves the carriage returns and line breaks as \r\n not converting it to actual line breaks. e.g saving the following from a text area; Line 1 Line 2 Line 3 will actually show as: Line 1 \r\nLine 2 \r\nLine3 How do I get it to show properly as intended? I have tried str_replace('\r\n', '\n'); with double and single quotes any helpful suggestions would be much appreciated. Thanks.. Hello everyone, i'm new to php and i'm having hard time with sessions i'm trying to create a php file with a drop down menu and when you select an item from the drop down menu, you could retreve it from another page. for example: a1.php Code: [Select] <?php session_start(); if(isset($_POST['color'])) { $_SESSION['blue']='blue'; $_SESSION['red']='red'; $_SESSION['green']='green'; $_SESSION['orange']='orange'; } ?> <html> <body> <form id="shirt" method="post" action="a2.php"> <p> <select name="Size"> <option value="invalid">Select a size ...</option> <option value="blue">blue</option> <option value="red">red</option> <option value="green">green</option> <option value="orange">orange</option> </select> <br /> <input type="Submit" value="Add" name="Add" /> </p> </form> </body> </html> when the user chooses a color, it adds it to the session and then when the user clicks add, he is redirected to another page named a2.php which shows the color is added. if the user goes back to the original page and adds the same color again it shows that he added the item again: Color: ----------- Quantity: Red ----------- 2 a2.php Code: [Select] <?php session_start(); $item_id = $_GET[id]; $action = $_GET[action]; switch($action) { case "add": $_SESSION['color'][$item_id]++; break; case "remove": $_SESSION['color'][$item_id]--; if($_SESSION['color'][$item_id] == 0) unset($_SESSION['color'][$item_id]); break; case "empty": unset($_SESSION['color']); break; } ?> sorry if my question is not clear, any help is appreciated Thank You, I am new to SESSIONS and have a quick question about them. I want to use sesssions on my site but was wondering if they would work for the follow senario. Say a customer visits my url: http://www.mysite.com/?id=2 Now what i am doing is taking the id out of the URL using sessions and redirecting the user to http://www.mysite.com while my session ($_SESSION['id']) holds the value 2 in it. I have this working great, i believe it just looks better. Now if my customer decides to buy my product via paypal and is directed off my site while he/she is paying for said item on paypal when they return could i still use some of the information that i stored in my session?? I know i could use post and get to pass through paypal but unfortunately i have to use sessions for what i am trying to do. So I'm trying to understand Sessions and how to store a variable within a session. What I want to t do, is start a session, check if variable is set, if not, set the variable. So with the code below, I start the session, i check the variable, if not set, i set it. But when i refrsh the page, it has the same session id but it didn't store the session variable from the previous load. Please, what am I missing? Code: [Select] <?php session_start(); echo "Session ID: ".session_id()."<br>"; echo "<br>chktrack P ".$_session['chktrack'].""; if ($_session['chktrack'] != 1){ $_session['chktrack']=1; } echo "<br>chktrack Post: ".$_session['chktrack'].""; echo "<br><a href='index.php'>Index</a>"; ?> Thanks in advance for your help. hey i think i may have stored session variables incorrectly Code: [Select] $_SESSION['tel'] = $_GET['Lat']; $_SESSION['Lon'] = $_GET['Lon']; $_SESSION['Lat'] = $_GET['Lat']; is what i used to set the session variables with the data i then enter these into a table and they enter the correct information but two pages down the line i try to access them however i just get undefined variable when i set the variable is equal to the session. Code: [Select] $MyLon = $_SESSION['Lon']; $MyLat = $_SESSION['Lat']; the following is the errorr Quote Notice: Undefined index: Lat in |
|||||||