PHP - Strange $_session Data Problem

This problem happens in both IE9 and Chrome 13.0.782.112 m on Windows

If I close the browser down, my session data is gone on browser restart, if however I just close the tab leaving other tabs say with BBC news and restart my app in a new tab, both browsers remember the old session data.

Since the intended user could do this at any time before completing a transaction, I don't actually get a chance to destroy the session this only happens if they complete payment for their order via..
Code: [Select]
  session_destroy();
  $conn->commit();
  $conn->autocommit(TRUE);

In an attempt to clean up I tried various combinations at the top of the start page "index.php"..

Code: [Select]
  session_start();
//  $_SESSION = array();
  session_destroy($_SESSION['cart']);
  session_destroy($_SESSION['address']);
//  $_SESSION['cart'] = array();
//  $_SESSION['address'] = array();
//  session_destroy();

Can anyone please shed any light on this behaviour difference?

Jamie

The below should choose the radio button that is set by the $_SESSION variable or default to 3. However, it's defaulting to 1.

Code: [Select]
$content.='
<p class="form_item"><label>Product Rating:</label><br />
<div class="rating_radio"><input type="radio" name="review_product_rating" value="1"';
if(isset($review_product_rating) && $review_product_rating=="1"){$content.='checked';}
$content.=' /> <br />1</div>
<div class="rating_radio"><input type="radio" name="review_product_rating" value="2"';
if(isset($review_product_rating) && $review_product_rating=="2"){$content.='checked';}
$content.=' /> <br />2</div>
<div class="rating_radio"><input type="radio" name="review_product_rating" value="3"';
if(isset($review_product_rating) && $review_product_rating=="3" || !isset($review_product_rating)){$content.='checked';}
$content.=' /> <br />3</div>
<div class="rating_radio"><input type="radio" name="review_product_rating" value="4"';
if(isset($review_product_rating) && $review_product_rating=="4"){$content.='checked';}
$content.=' /> <br />4</div>
<div class="rating_radio"><input type="radio" name="review_product_rating" value="5"';
if(isset($review_product_rating) && $review_product_rating=="5"){$content.='checked';}
$content.=' /> <br />5</div>
<div class="worst">(Worst)</div><div class="best">(Best)</div>
</p>

I'm figuring it's because it's multiple if statement (with no elseif) so it's evaluating the first if and being set to true. I tried changing everything else after the first one to elseif, and it's throwing an unexpected T_ELSEIF error.

First let me explain my code.
It comprises of three php files.

inc_fn_header_and_menu.php,  contains the HTML and CSS header details and it initializes the session via session_start();

 

This  is later included in project_status.php] .

 

In project_status.php] , I have included another file project_status_app.php which contains a HTML form.

 project_status.php:

<?php
 include 'inc_fn_header_and_menu.php';
function includeFile($file,$variable) {
    $var = $variable;
    include($file);
}
if (isset($_GET['id']) && $_GET['id']!="") {
    $pid    = $_GET['id'];
    $_SESSION['pidForApproval'] = $_GET['id'];
    $query = 'SELECT * FROM `profile` WHERE pid ='.'\''.$pid.'\'';
    $result=mysqli_query($db,$queryToRetrievePP) or die("There are no records to display ... \n" . mysqli_error());
    foreach ($result as $row) {
        $status = $row['status'];
    }        
}
...........some PHP and HTML code.......
	<div id="customerPurchaseApprovalForm">
<?php  
  echo '<p>APPROVAL FOR CUSTOMER PURCHASE</p>';
  $discountApprovalStatus = "Granted";
  if ($discountApprovalStatus == "Granted") {  
 
  includeFile("project_status_app.php",$highestannualvalue);
  } else {
     //.........
  }

In project_status_app.php I am attempting to retrieve pidForApproval from the $_SESSION array.

<?php
        // put your code here  UPDATE `pp` SET `customer_purchase_remarks` = 'hahaha' WHERE `pp`.`id` = 207;
        
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            include '../../inc/fastlogin.php';      
            $sql = "UPDATE pp SET customer_purchase_remarks ='{$_POST['remarkstxt']}' WHERE pp.pid='{$_SESSION['pidForApproval']}'"; 
            $result = mysqli_query ( $fastdb, $sql ) ;
            if (mysqli_affected_rows($fastdb) != 1) { 
               $_SESSION['err_cpa_rmks'] = "<p>Error while updating WHERE id='{$_SESSION['pidForApproval']}'</p>";
                //echo "<p>Error while updating WHERE id='{$_POST['pidForApproval']}'</p>".mysqli_error($fastdb);                 
            } else { 
                $_SESSION['suc_cpa_rmks'] = "<p>Records was updated successfully.</p>";
                //echo "Records was updated successfully."; 
            }
            header ("location: project_status.php?id="$_SESSION['pidForApproval']);
            exit();
        }    
        
        ?>

When I load  project_status.php,  project_status_app.php is supposed to display the form. Once the user fills in the form the and the submit button has been pressed, the UPDATE statement is supposed to run and then it is supposed to navigate back to project_status.php?id=FA142. But the update is failing and the when the project_status.php is loaded back, the url looks like this http://localhost/fast/project_status.php?id= . The id is empty. It is supposed to be something like this http://localhost/fast/project_status.php?id=FA142. With the id being populated at the 

header ("location: project_status.php?id=".$_SESSION['pidForApproval']);

I suspected that my $_SESSION['pidForApproval'] is not being populated in project_status.php but I echoed back $_SESSION['pidForApproval'] in that file itself and I can see it is being populated. Hence, I suspect that the $_SESSION['pidForApproval'] is not being passed to project_status_app.php. I have already attempted to include session_start(); clause in project_status_app.php but that gives an error, stating that the session has already started, in inc_fn_header_and_menu.php. Can someone help me as to why the $_SESSION['pidForApproval'] is not being passed on to the project_status_app.php file. Thank you.

Edited August 9, 2020 by Robinson
Missing some information.

Hiya, I'm quite new to php.
My script was working fine till I transferred to a new host. The login system doesn't seem to register the $_SESSION 'userid' variable, so the proper page won't load because it thinks I'm not logged in.
login.php - processes the login information
Code: [Select]
<?php
session_start();
include('functions.php');
connect();
// note: session_start needs to be on every document apart 
// from index.php, login.php and register.php

$username = protect($_POST['username']);
$password = protect($_POST['password']);
// the password and username from the inputs are stored in variables

if ($username&&$password) {
// if both the username and password variables are true
$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrow = mysql_num_rows($query); 

if ($numrow!=0) {
// if $numrow does not equal nothing
while ($row = mysql_fetch_assoc($query)) {
$userid = $row['userid'];
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username==$dbusername&&md5($password)==$dbpassword) {
// $password gets encrypted so it can be checked on the database password
$_SESSION['username'] = $username;
$_SESSION['userid'] = $userid;
// used for sessions knowing who is logged in
header("Location:main.php");
// redirects to main.php page after successful login
} else {
echo "Incorrect password";
}
} else {

?>
<html>
<head>
<title>University Crusade</title>
<link rel="stylesheet" href="css/style.css" type="text/css" media="screen">
<meta name="viewport" content="width=device-width, minimum-scale=1,maximum-scale=1, user-scalable=no">
</head>
<body>
<div id="wrapper">
<?php
die ("

That account doesn't exist...<br /><a href=\"index.php\">try again,</a>
&nbsp;<a href=\"register.php\">or register an account.</a>
");
}
} else {
die("Please enter a username and password");
}
?>
</div>
<div id="footer">

</div>
</body>
</html>

and the main.php - after login.php it takes the user here
Code: [Select]
<?php 
session_start();
include('functions.php');
connect();
?>
<html>
<head>
<title>University Crusade</title>
<link rel="stylesheet" href="css/new.css" type="text/css" media="screen">
<meta name="viewport" content="width=device-width, minimum-scale=1,maximum-scale=1, user-scalable=no">
</head>
<body>
<?php
if (isset($_SESSION['userid'])) {
include('safe.php');
?>
<ul id="tab-nav">
<li><a href="stats.php" id="tab-character">CHARACTER</a></li>
<li><a href="games.php" id="tab-games">GAMES</a></li>
<li><a href="account.php" id="tab-account">ACCOUNT</a></li>
</ul>
<div id="wrapper">
<h2 id="name">Hello,&nbsp;<?php echo $_SESSION['username'] ?>!</h2>
<p>
Welcome to UNIVERSITY CRUSADE the fantasy-themed pervasive web game!
</p>
<p>
To start playing, begin with clicking the "games" button at the top of
the screen, from there choose a challenge and follow the instructions
</p>
<p>
What are the other buttons for? Well, the "account" button (top-right)
is where you can change settings for your account - things like changing
your password, deleting your account etc. The "character" button (top-left)
when clicked takes you to your character, you can change your display picture,
view your statistics and battle other players.
</p>
<p>
More help with the game is available in the "account" section, this includes
a detailed game manual describing in-detail game concepts and information.
</p>
</div>
<div id="footer">
<a href="logout.php" class="button">log me out</a>
</div>
<?php
} else {
die ("
<div id=\"wrapper\">
<p>Opps! You don't seem to be logged in...</p>
<a class=\"button\" href=\"index.php\">login now</a><br />
<p>Don't have an account? No worries, just <a href=\"register.php\">register for one.</a></p>
</div>
");
}
?>
</body>
</html>
I appreciate any help, as I'm left scratching my head.

Hi all,

I'm in trouble with a strange problem. At the system login a script sets a $_SESSION['status'], this keeps user status for admin (a), user (u), and so on...

In another part of the system I need to post a value also called 'status':

Code: [Select]
<input value="N" type="hidden" name="status"/>
and this 'status' value has nothing to do with 'status' session. The problem is that when I post the value 'N' it overwrite the session value, crashing the system then.

The most strange is that on the localhost the problem does not happen, it only occurs on the server.

Any clue?

Thankx 
Danilo Jr.

Hi,
I'm kinda new to php, so I followed a video tutorial on making a login/registration system and nearly everything works, except for when a registered user follows a link to the members.php page, the $_SESSION variable is supposed to check if they are logged-in and say "Welcome, [name of user]!. But it keeps saying I need to be logged in, even though I am.

The php code from the members.php page.
Code: [Select]
if ($_SESSION['username']) {
     echo "Welcome," .$_SESSION['username']. "!";
} else {
     die ("You must be logged in.");
}


This is the php code form the login page.
Code: [Select]
session_start();
$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password) {
$connect = mysql_connect("localhost","root","password") or die ("Unable to connect");
mysql_select_db("database") or die ("Unable to find database");

$query = mysql_query("SELECT * FROM users WHERE username='$username'");
$numrow = mysql_num_rows($query);

if ($numrow!=0) { //
while ($row = mysql_fetch_assoc($query)) {
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username==$dbusername&&md5($password)==$dbpassword)
echo "You're in! - <a href=\"members.php\">Go to members page</a>";
$_SESSION['username'] == $dbusername;
} else {
echo "Incorrect password";
}
} else {
die ("That user doesn't exist");
}
} else {
die("Please enter a username and password");
}
Any help would be much appreciated. 

So like When somones enter my site it shows them as a guest, but then if they havn't clicked anywere for about 5minutes and then refresh or if somone else refresh it will delete from the active users list because it's been over 5 minutes, but then if that same person refreshes again my script wont catch them as a GUEST AGAIN!! It just shows no one online, none of my if's catch him and put him in the ibf_session table!


Code: [Select]
//check for cookies
//If no username, Is a Guest, Has COOKIE_ID and cookie USER_NAME and COOKIe PASSWORD
if(!isset($_SESSION['user_name']) && !isset($_SESSION['is_guest']) &&
 isset($_COOKIE['user_id']) && isset($_COOKIE['user_name']) && isset($_COOKIE['password'])){
$user_cond = "user_name='{$_COOKIE['user_name']}'";

$sql = "SELECT `id`,`user_name`,`approved` FROM users WHERE
           $user_cond
AND `pwd` = '{$_COOKIE['password']}' AND `banned` = '0'
";
$result = mysql_query($sql) or die (mysql_error());
$num = mysql_num_rows($result);
  // Match row found with more than 1 results  - the user is authenticated.
    if ( $num > 0 ) {
list($id,$full_name,$approved) = mysql_fetch_row($result);
if(!$approved) {
echo "YOU FREAKING HACKER";
exit();
}
$_SESSION['user_id']= $id; 
$_SESSION['user_name'] = $full_name;
$lol = session_id();
//$minute5 = 30 ? (time() - 30) : (time() - 3600);
           // mysql_query("DELETE FROM ibf_sessions WHERE running_time < {$minute5}");
mysql_query("INSERT INTO ibf_sessions (id, member_name, member_id, ip_address, running_time, location, member_group) ".
                       "VALUES ('".$lol."', '{$_SESSION['user_name']}', '{$_SESSION['user_id']}', '{$_SERVER['REMOTE_ADDR']}', '".time()."', ".
                       "'Index', '1')") or die(mysql_error());
unset($_SESSION['is_guest']);
   }
}
$lol = session_id();
//Thanks
if (!$id) { //Create Guest Session ~
if (!isset($_SESSION['user_id']) && @(!$_SESSION['is_guest']) && !isset($_COOKIE['password'])) {
//$minute5 = 39 ? (time() - 30) : (time() - 3600);
//echo $minute5;
           // mysql_query("DELETE FROM ibf_sessions WHERE running_time < {$minute5}");

mysql_query("INSERT INTO ibf_sessions (id, member_name, member_id, ip_address, running_time, location, member_group) ".
                       "VALUES ('".$lol."', 'Guest', '0', '{$_SERVER['REMOTE_ADDR']}', '".time()."', ".
                       "'Index', '0')") or die(mysql_error());
    $_SESSION['is_guest'] = 'yes';
}
}
if (isset($_SESSION['user_id']) && !isset($_SESSION['is_guest'])) {
 mysql_query("UPDATE ibf_sessions SET member_name='{$_SESSION['user_name']}',member_id='{$_SESSION['user_id']}',member_group='1', running_time='".time()."', in_forum='".$f."', in_topic='".$topicid."', location='".$act."' WHERE id='".$lol."'") or die(mysql_error());
  }
else {
mysql_query("UPDATE ibf_sessions SET member_name='Guest',member_id='0',member_group='0', running_time='".time()."', in_forum='".$f."', in_topic='".$topicid."', location='".$act."' WHERE id='".$lol."'") or die(mysql_error());

 
 }

Thanks, it might be confusing but re read

I am trying to create a history of requested URI's (upto 3) for two purposes Login page and Error Logging. My problem is the Session is written and the values are set yet i can not retrieve the values in it upon a refresh. The use of an Array is to manage the quantity of max values (not written in yet).

    <?php

    session_start();

    //printing $_SESSION['REQUEST_URI'] here will result in nothing when it should contain something.

    $REQUEST_URI = time().','.$_SERVER['REQUEST_URI'];

    if(is_array($_SESSION['REQUEST_URI'])){array_push($_SESSION['REQUEST_URI'],array($REQUEST_URI));}

    else{$_SESSION['REQUEST_URI'] = array($REQUEST_URI);Print('never set? ');}//if dosent exist create the array

    if(isset($_SESSION['REQUEST_URI'])){print_r($_SESSION['REQUEST_URI']);}

    ?>

Session contains

    REQUEST_URI|a:1:{i:0;s:19:"1422925783,/~Debug/";}

After a refresh i expect

    REQUEST_URI|a:2:{i:0;s:19:"1422925783,/~Debug/";i:1;s:28:"1422925784,/~Debug/index.php";}

Yet it only contains
 

    REQUEST_URI|a:1:{i:0;s:28:"1422925784,/~Debug/index.php";}

Hi there
I have been working on a login PHP script and had it working until I made so change late at

night and forgot to back it up.
The script uses PHP and Javascript as well as a Mysql database.
The problem I am having is with the session closing unexpectedly when I go to enter the

profile (or any other button placed after the login). It is rather hard to explain so here

is the code

[syntax=php]<?php //login php script   
include_once 'rnfunctions.php';
$theaction='index14.php';
function destroySession()
{
$_SESSION=array();
if ((session_id() != '') || isset($_COOKIE[session_name()])){
setcookie(session_name(),'', time()-2592000,'/');
session_destroy();
}
}
function startsessions($user,$pass,$theaction)
{
session_start();
session_name($user);
$_SESSION['user'] = $user;
$_SESSION['pass'] = $pass;
$theuser =($_SESSION['user']);
echo "You are now logged in as $theuser";
}

function loggedin($theaction)
{
echo <<<_END
<table>
<tr>
<td>
<form name="myform" method='post' action='$theaction'>
<input type='hidden' name='logout'value='logout' />
<a href="#" onMouseDown="submitform(0);">logout</a> |
</form>
</td>
<td>
<form name="myform2" method='post' action='$theaction'>
<input type='hidden' name='profile'value='profile' />
<a href="#" onMouseDown="submitform(2);">profile</a> |
</form>
</td>
<td>
<form name="myform3" method='post' action='$theaction'>
<input type='hidden' name='unregister'value='unregister' />
<a href="#" onMouseDown="submitform(3);">unregister</a>
</form>
</td>
</tr>
</table>
_END;
}
function loginform($theaction)
{
echo <<<_END
<table border="0">
<tr>
<form name="myform" method='post' action='$theaction'>
<td>Username->    </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana;

font-size: 12px; background-color: #1BCE11;" id ='password' id='username' size='12'

maxlength='16' name='user'
value='user' /></td>
</tr>
<tr>
<td>Password->    </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana;

font-size: 12px; background-color: #1BCE11;" id ='password' size='12' maxlength='16'

name='pass'
value='pass' /></td>
</tr>
<tr>

<td colspan="2"><a href="#" onMouseDown="submitform(0);">login</a></td>
</form>
</tr><tr><td colspan="2">
<form name="myform2" method='post' action='$theaction'>
<input type='hidden' name='register'value='register' />
<a href="#" onMouseDown="submitform(2);">register</a>
</form></td></tr>
<tr><td colspan="2">
<form name="myform3" method='post' action='$theaction'>
<input type='hidden' name='reset'value='reset' />
<a href="#" onMouseDown="submitform(3);">reset password</a></td>
</tr>
</table>
_END;
}
function regform($theaction)
{
echo <<<_END
<table border="0">
<tr>
<form name="myform" method='post' action='$theaction'>
<td>Username->    </td><td> <input type='text'STYLE="color: #FFFFFF; font-family: Verdana; 

font-size: 12px; background-color: #1BCE11;" size='12' maxlength='16' name='username'
value='username' onBlur='checkUser(this)'/></td>
</tr>
<tr>
<td>Password->    </td><td> <input type='password' STYLE="color: #FFFFFF; font-family:

Verdana;  font-size: 12px; background-color: #1BCE11;" size='12' maxlength='16'

name='password'
value='password' onBlur='checkpass(this)'/></td>
</tr>
<tr>
<td>Email->    </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana;

font-size: 12px; background-color: #1BCE11;"size='12' maxlength='30' name='email'
value='email' onBlur='checkEmail(this)'/></td>
</tr>
<tr>
<td colspan="2"><a href="#" onMouseDown="submitform(0);">register</a>
</form></td></tr><tr>
<td colspan="2">
<form name="myform2" method='post' action='$theaction'>
<input type='hidden' name='login'value='login' />
<a href="#" onMouseDown="submitform(2);">login</a>
</form>
</td>
</tr>
</table>
<span id='logtext'></span>
_END;
}
function retlogin($theaction)
{
echo <<<_END
<form name="myform" method='post' action='$theaction'>
<input type='hidden' name='login'value='login' />
<a href="#" onMouseDown="submitform(0);">back to login</a>
</form>
_END;
}
function resetform($theaction)
{
echo <<<_END
<table border="0">
<tr>
<form name="myform" method='post' action='$theaction'>
<td>Enter New Password->    </td><td> <input type='password' STYLE="color: #FFFFFF;

font-family: Verdana; font-size: 12px; background-color: #1BCE11;"size='12' maxlength='16'

name='password1'
value='password1' onBlur='checkpass(this)'/></td>
</tr>
<tr>
<td>Email->    </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana;

font-size: 12px; background-color: #1BCE11;" id ='password' size='12' maxlength='30'

name='email'
value='email'onBlur='checkreset(this)'/></td>
</tr>
<tr>
<td colspan="2"><a href="#" onMouseDown="submitform(0);">reset password</a>
</form></td></tr><tr>
<td colspan="2">
<form name="myform2" method='post' action='$theaction'>
<input type='hidden' name='login'value='login' />
<a href="#" onMouseDown="submitform(2);">back to login</a>
</form>
</td>
</tr>
</table>
<span id='logtext'></span>
_END;
}

if (isset($_POST['login']))
{
loginform($theaction);
}
elseif (isset($_POST['logout']))
{
echo "you have logged out";
destroySession();
loginform($theaction);
}
//recieve reset password call
elseif (isset($_POST['reset']))
{
resetform($theaction);
}
//recieve reset password info
elseif (isset($_POST['password1']))
{
$theemail =   $_POST['email'];
$newpass =   $_POST['password1'];
//salt hash password for replacement
$newpass = encriptpass($newpass);
$query = "SELECT * FROM users WHERE email='$theemail'";
if (mysql_num_rows(queryMysql($query)) == 0)
{
echo "Email invalid please register<br />";
regform($theaction);
}
else
{
      $message = validate_password($newpass);
      if ($message =="")
      {
      $regaddress =

"http://www.imandanband.com.resetpass.php?newpass=".$newpass."&email=".$theemail;
          $to = $theemail;
          $subject = "Reset password at Imandan";
          $body = "Hi there,\n\nYou have requested to reset your password to

$newpass.\n\nPlease click the following link to validate your new password\n\n$regaddress or

ignore this message if it has been sent in error";
          if (mail($to, $subject, $body)) {
               echo("Message successfully sent! Go to your email to

validate your new password");
         retlogin($theaction);
           } else {
           echo("Message delivery failed...You must enter a valid email

address");
         }
      }

        }
}
elseif (isset($_POST['user']))
{
$user = sanitizeString($_POST['user']);
$pass = sanitizeString($_POST['pass']);
$pass = encriptpass($pass);
if ($user == "" || $pass == "")
{
$error = "Not all fields were entered<br />";
}
else
{
$query = "SELECT user, pass FROM users WHERE user='$user' AND pass ='$pass'";

if (mysql_num_rows(queryMysql($query)) == 0)
{
   echo "Username/Password invalid<br />";
   loginform($theaction);
}
else
{
startsessions($user,$pass,$theaction);
showprofile();

}
}
Hi there
I have been working on a login PHP script and had it working until I made so change late at

night and forgot to back it up.
The script uses PHP and Javascript as well as a Mysql database.
The problem I am having is with the session closing unexpectedly when I go to enter the

profile (or any other button placed after the login). It is rather hard to explain so here

is the PHP code
<?php //login php script
include_once 'rnfunctions.php';
$theaction='index14.php';
function destroySession()
{
$_SESSION=array();
if ((session_id() != '') || isset($_COOKIE[session_name()])){
setcookie(session_name(),'', time()-2592000,'/');
[color=#FFBF40]session_destroy();[/color]
}
}
function startsessions($user,$pass,$theaction)
{
session_start();
session_name($user);
$_SESSION['user'] = $user;
$_SESSION['pass'] = $pass;
$theuser =($_SESSION['user']);
echo "You are now logged in as $theuser";
}

function loggedin($theaction)
{
echo <<<_END
<table>
<tr>
<td>
<form name="myform" method='post' action='$theaction'>
<input type='hidden' name='logout'value='logout' />
<a href="#" onMouseDown="submitform(0);">logout</a> |
</form>
</td>
<td>
////////////////////here is the problem point////////////////////////////////////
<form name="myform2" method='post' action='$theaction'>
<input type='hidden' name='profile'value='profile' />
<a href="#" onMouseDown="submitform(2);">profile</a> |
</form>
///////////////////////////////////////////////////////////////////////////////////
</td>
<td>
<form name="myform3" method='post' action='$theaction'>
<input type='hidden' name='unregister'value='unregister' />
<a href="#" onMouseDown="submitform(3);">unregister</a>
</form>
</td>
</tr>
</table>
_END;
}
function loginform($theaction)
{
echo <<<_END
<table border="0">
<tr>
<form name="myform" method='post' action='$theaction'>
<td>Username->    </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; 

font-size: 12px; background-color: #1BCE11;" id ='password' id='username' size='12' 

maxlength='16' name='user'
value='user' /></td>
</tr>
<tr>
<td>Password->    </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; 

font-size: 12px; background-color: #1BCE11;" id ='password' size='12' maxlength='16' 

name='pass'
value='pass' /></td>
</tr>
<tr>

<td colspan="2"><a href="#" onMouseDown="submitform(0);">login</a></td>
</form>
</tr><tr><td colspan="2">
<form name="myform2" method='post' action='$theaction'>
<input type='hidden' name='register'value='register' />
<a href="#" onMouseDown="submitform(2);">register</a>
</form></td></tr>
<tr><td colspan="2">
<form name="myform3" method='post' action='$theaction'>
<input type='hidden' name='reset'value='reset' />
<a href="#" onMouseDown="submitform(3);">reset password</a></td>
</tr>
</table>
_END;
}
function regform($theaction)
{
echo <<<_END
<table border="0">
<tr>
<form name="myform" method='post' action='$theaction'>
<td>Username->    </td><td> <input type='text'STYLE="color: #FFFFFF; font-family: Verdana;  

font-size: 12px; background-color: #1BCE11;" size='12' maxlength='16' name='username'
value='username' onBlur='checkUser(this)'/></td>
</tr>
<tr>
<td>Password->    </td><td> <input type='password' STYLE="color: #FFFFFF; font-family: 

Verdana;  font-size: 12px; background-color: #1BCE11;" size='12' maxlength='16' 

name='password'
value='password' onBlur='checkpass(this)'/></td>
</tr>
<tr>
<td>Email->    </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; 

font-size: 12px; background-color: #1BCE11;"size='12' maxlength='30' name='email'
value='email' onBlur='checkEmail(this)'/></td>
</tr>
<tr>
<td colspan="2"><a href="#" onMouseDown="submitform(0);">register</a>
</form></td></tr><tr>
<td colspan="2">
<form name="myform2" method='post' action='$theaction'>
<input type='hidden' name='login'value='login' />
<a href="#" onMouseDown="submitform(2);">login</a>
</form>
</td>
</tr>
</table>
<span id='logtext'></span>
_END;
}
function retlogin($theaction)
{
echo <<<_END
<form name="myform" method='post' action='$theaction'>
<input type='hidden' name='login'value='login' />
<a href="#" onMouseDown="submitform(0);">back to login</a>
</form>
_END;
}
function resetform($theaction)
{
echo <<<_END
<table border="0">
<tr>
<form name="myform" method='post' action='$theaction'>
<td>Enter New Password->    </td><td> <input type='password' STYLE="color: #FFFFFF; 

font-family: Verdana; font-size: 12px; background-color: #1BCE11;"size='12' maxlength='16' 

name='password1'
value='password1' onBlur='checkpass(this)'/></td>
</tr>
<tr>
<td>Email->    </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; 

font-size: 12px; background-color: #1BCE11;" id ='password' size='12' maxlength='30' 

name='email'
value='email'onBlur='checkreset(this)'/></td>
</tr>
<tr>
<td colspan="2"><a href="#" onMouseDown="submitform(0);">reset password</a>
</form></td></tr><tr>
<td colspan="2">
<form name="myform2" method='post' action='$theaction'>
<input type='hidden' name='login'value='login' />
<a href="#" onMouseDown="submitform(2);">back to login</a>
</form>
</td>
</tr>
</table>
<span id='logtext'></span>
_END;
}

if (isset($_POST['login']))
{
loginform($theaction);
}
elseif (isset($_POST['logout']))
{
echo "you have logged out";
[color=#FFBF40]destroySession();[/color]
loginform($theaction);
}
//recieve reset password call
elseif (isset($_POST['reset']))
{
resetform($theaction);
}
//recieve reset password info
elseif (isset($_POST['password1']))
{
$theemail = $_POST['email'];
$newpass = $_POST['password1'];
//salt hash password for replacement
$newpass = encriptpass($newpass);
$query = "SELECT * FROM users WHERE email='$theemail'";
if (mysql_num_rows(queryMysql($query)) == 0)
{
echo "Email invalid please register<br />";
regform($theaction);
}
else
{
$message = validate_password($newpass);
if ($message =="")
{
$regaddress = 

"http://www.imandanband.com.resetpass.php?newpass=".$newpass."&email=".$theemail; 
  $to = $theemail;
  $subject = "Reset password at Imandan";
  $body = "Hi there,\n\nYou have requested to reset your password to 

$newpass.\n\nPlease click the following link to validate your new password\n\n$regaddress or 

ignore this message if it has been sent in error";
  if (mail($to, $subject, $body)) {
    echo("Message successfully sent! Go to your email to 

validate your new password");
retlogin($theaction);
   } else {
   echo("Message delivery failed...You must enter a valid email 

address");
}
}

        }
}
elseif (isset($_POST['user']))
{
$user = sanitizeString($_POST['user']);
$pass = sanitizeString($_POST['pass']);
$pass = encriptpass($pass);
if ($user == "" || $pass == "")
{
$error = "Not all fields were entered<br />";
}
else
{
$query = "SELECT user, pass FROM users WHERE user='$user' AND pass ='$pass'";

if (mysql_num_rows(queryMysql($query)) == 0)
{
echo "Username/Password invalid<br />";
loginform($theaction);
}
else
{
startsessions($user,$pass,$theaction);
showprofile();

}
}
}
else{
loginform($theaction);
}
The code that is marked is where I have the problem. It calls a javascript function to submit the form.
The javascript function is as follows
Code: [Select]
function submitform(num)
{
if (num == 2)
{
document.myform2.submit();
return 1;
}
if (num == 3)
{
document.myform3.submit();
return 1;
}
if (num == 4)
{
document.myform4.submit();
return 1;
}
if (num == 5)
{
document.myform5.submit();
return 1;
}
if (num == 6)
{
document.myform6.submit();
return 1;
}
else
{
document.myform.submit();
return 1;
}
}I can log in though when I go to enter the profile the $_SESSION['user'] is gone and I am logged out. I just can't seem to track down the problem and it is frustrating the heck out of me.
If anyone has any ideas PLEASE help!

    

Hi,

I am using a $_SESSION for my shopping cart but cannot figure out how to total my quantity.

The format I am using is:  $_SESSION['cart']['itemid']['qty']

I realise that i could write a for loop to start at item id 0 and end at 1000 each time totalling the qty field but there must be a better, more efficient way,

Does anybody have any advice?

Mark

For some reason the line commented // executes unexectedly does exactly that

Any ideas why?
if ($_POST['user'] == null){
$errors[] = 'An Interviewer ID is Required';
}elseif ($_POST['task'] != 'receipting' || $_POST['task'] != 'dataentry'){
$errors[] = 'Invalid Task'; // EXECUTES UNEXPECTEDLY
}
if (!empty($errors)){
print_LoginForm($errors);
}

Code: [Select]
echo "</b><select name='task'>\n";
echo "<option value='receipting'>Receipting</option>\n";
echo "<option value='dataentry'>Data Entry</option>\n";
echo "</select>\n";

Hello everyone, I am working on a form that is similar to a shopping cart system and I am thinking of creating a button that submits the checked value and saves them to a $_SESSION variable. And also a link that links to a cart.html that takes the values of a $_SESSION variable. I am have trouble figuring what tag/attribute should I use in order to achieve that.   Right now my code attached below submits the checked values to cart.html directly. However I want my submit button to save the checked box to a $_SESSION variable and STAY on the same page. And then I will implement a <a> to link to the cart.php.   I researched a little bit about this subject and I know it's somewhat related to ajax/jquery. I just wanted to know more about it from you guys. I appreciate your attention for reading the post and Thanks!   Below is the form that I currently have:

<form name= "finalForm" method="POST" action="cart.php">
<input type="Submit" name="finalSelected"/>

<?php foreach($FinalName as $key => $item) {?>
<tr>
<td><input type="checkbox" name="fSelected[]" value="<?php echo htmlspecialchars($FinalID[$key])?>" />
<?php echo "$FinalID[$key] & $item";?>
</td>
</tr>
<?php } ;?>

Below is the code for cart.php

<?php
require ('connect_db.php');
if(isset($_POST['finalSelected']))
{
	if(!empty($_POST['fSelected']))
	{
		$chosen = $_POST['fSelected'];
		foreach ($chosen as $item)
			echo "aID selected: $item </br>";
		$delimit = implode(", ", $chosen);
		print_r($delimit);
	}

}
if(isset($delimit))
{
$cartSQL = "SELECT * from article where aID in ($delimit)";
$cartQuery = mysqli_query($dbc, $cartSQL) or die (mysqli_error($dbc));
while($row = mysqli_fetch_array($cartQuery, MYSQLI_BOTH))
{
	$aTitle[] = $row[ 'name' ];
}
}
?>

<table>
	
		<?php if(isset($delimit)) { 
		$c=0; foreach($aTitle as $item) {?>
		<tr>
		<td>
			<?php echo $aTitle[$c]; $c++;?>
		</td>
		</tr>
		<?php }}?>
</table>

Quote

Hi guys,
            I have a question, I have a fairly large site wich we have resellers for, but in certain circumstances for admin purposes, we need to be able to login under the same credentials EG:
I might be doing something on one machine and i need to log in on another machine to do something else but with my user name and pass

At the moment when i try to to this It will log out the session already logged in when i try to log in from the other machine

Is there away around this,, i suspect that when i log in from the other machine its ending the first session
Any Idears Guys and Gals..... really stuck

I'm trying to have a running total of the number of views an image gets. My test file works perfectly every time. The actual file, image_win.php, does not and after much testing can't see what's wrong. This files STRANGENESS: the first two views count fine, with 1 added the total in the field image_visit. But every time after that 2 is added to the total in image_visit. Very bizarre.

Thanks for taking a look -Allen
Code: [Select]
<?php
////////TEST IMAGE_WIN //////////THIS WORKS
include_once "scripts/connect_to_mysql.php";
include_once "scripts/paths.php";
$art_id = 372;
$QUERY="SELECT user_id FROM artWork WHERE art_id = '$art_id'";
$res = mysql_query($QUERY);
$num = mysql_num_rows($res);
if($num >0){

while($row = mysql_fetch_array($res)){ 
     $owner_id = $row['user_id'];
    }
}
mysql_query("UPDATE userInfo SET image_visit = image_visit +1  WHERE user_id = '$owner_id'"); 
?>

<?php 
//////// image_win.php  /////////THIS DOES NOT WORK
$user_id=$_SESSION['user_id'];
include_once "scripts/connect_to_mysql.php";
include_once "scripts/paths.php";
$image_link = $_GET['image_link'];
$art_id = $_GET['art_id'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, height=device-height, target-densityDpi=device-dpi">
<title>Image Window</title>
</head>
<body bgcolor="#000000" leftmargin="0">
<div  align="center" >
<img src="slir/w640-h535/<?php echo $path.$image_link.$postCat; ?>" />
<?php
$QUERY="SELECT user_id FROM artWork WHERE art_id = '$art_id'";
$res = mysql_query($QUERY);
$num = mysql_num_rows($res);
if($num >0){
while($row = mysql_fetch_array($res)){ 
     $owner_id = $row['user_id'];
    }
}
mysql_query("UPDATE userInfo SET image_visit = (image_visit +1)  WHERE user_id = '$owner_id' ");

?>

MOD EDIT: code tags added.

Ok, not sure what the problem is....hard to explain.   I am trying to setup a login script but I get the normal: Warning: session_start() [function.session-start]: Cannot send session cache limiter error code.  I have no white space above to cause problem.  I have used this same code written by Jpmaster77 on a number of sites.  What the strange thing is it also messed up a couple of my css text boxes.   

See the difference: 
http://www.monstersgonewild.ca/index.php - Problem
http://www.monstersgonewild.ca/index1.php - Without session()

I would post the code of the original page but it is 600+lines and growing.

Anybody have any ideas?