|
PHP - Session Variables Get Lost
Hello all, I just wrote a php website to communicate with a database and it has a login based on the users email and password, they login on the first page and then the php checks for every page they visit if they indeed logged in before and not just found out what php file to open to get where they want to be. For this I used session variables to store both e-mail and password. The login info gets posted from the 1st(login) site to the 2nd site where it is checked for the first time, after that the login info isn't posted to the next page anymore, but just checked, this works for the 3rd page but when the user hits for the 4th page the variables are lost(I can't echo them either). However if I'd go from the 2nd page directly to the 4th page the page will load, however the 5th will then get my security-msg. So offcourse, I am wondering how this might have happened and how to fix this problem, here's some of the code I wrote:
This is the check for the logininfo: <?php include('SessionStart.php'); include('logindata.php'); $db = mysql_connect($host, $user, $pw); if (!$db) { echo "<br />Helaas, u heeft geen verbinding met de database."; exit(); } else { mysql_select_db("teammanagementtool", $db); $sql24 = "SELECT * FROM leidinggevenden"; $allesarray = mysql_query($sql24); $i = 0; while ($mails = mysql_fetch_array($allesarray)) { $mailtjes[$i] = $mails['lg_mailadres']; $i = $i+1; } echo "...".$_SESSION['sessie']['email']."...".$_SESSION['sessie']['password']."...".$session_name."..."; if (in_array($_SESSION['sessie']['email'],$mailtjes)) { $sql25 = "SELECT lg_wachtwoord FROM leidinggevenden WHERE lg_mailadres = '".$_SESSION['sessie']['email']."'"; $pass = mysql_query($sql25); $pasje = mysql_fetch_array($pass); if ($_SESSION['sessie']['password'] != $pasje['lg_wachtwoord']) { echo "<script>alert('U bent hier op incorrecte manier terecht gekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } else if ($_SESSION['sessie']['password'] = "" || $_SESSION['sessie']['email'] = ""){ echo "<script>alert('U bent hier op incorrecte manier terecht gekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } else { } } else { echo "<script>alert('U bent hier op incorrecte manier terechtgekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } ?> And this is the code in my SessionStart.php: <?php $session_name = 'sessie'; $session_exp_time = 10000 ; $previous_name = session_name($session_name); ini_set('session.gc_maxlifetime', $session_exp_time); ini_set('session.gc_probability', '1'); ini_set('session.gc_divisor', '1000'); ini_set('session.name', $session_name); ini_set('session.cookie_domain', ''); ini_set('session.cookie_lifetime', 0 ); session_set_cookie_params($session_exp_time, '/', ''); session_start(); if (isset($_COOKIE[$session_name])) setcookie($session_name, $_COOKIE[$session_name], 2147483647 , ''); ?> the includes are at the start of all of my pages, I only do a session_unset() at my index.php(the login page). and my 2nd page gets: $_SESSION['sessie']['email'] = $_POST['email']; $_SESSION['sessie']['password'] = $_POST['password']; from the login. I could really use some help here, thanks in advance. Similar TutorialsHi, I have a feeling that this is going to be an easy miss but I've been over is a good few times and cannot see what it could be. Essentially, when I post the form in the first set of code (I've got rid of a load of unecessary html) the SESSION variables are not loaded into the second piece of code. Any ideas? Code: [Select] <?php session_start(); require ("connect.php"); $timeout = 1800; $logout_redirect_url = "login.php"; if (isset($_SESSION['start_time'])) { $elapsed_time = time() - $_SESSION['start_time']; if ($elapsed_time >= $timeout) { session_destroy(); header("Location: $logout_redirect_url"); } } $_SESSION['start_time'] = time(); ?> <div id="leftlink"> <a href="logout.php">Logout</a> </div> <table align="center" width="600px" cellpadding="0" cellspacing="0"> <tr> <td> <h2 align="center"><a href="index.php"><img src="images/logo.jpg" border="0" /></a> <br /> Emergency</h2> <hr /> </td> </tr> </table> </head> <body> <form action="post_reset.php" method="post" name"passre"> <table width="500" border="0" align="center" cellpadding="2" cellspacing="1"> <tr> <td width="230"><div align="right">E-mail Address : </div></td> <td width="40"> </td> <td width="230"><div align="left"> <input name="email" readonly="readonly" value="<?php echo ($_SESSION['email']) ; ?>" /></div></td> </tr> <tr> <td colspan="3"><div align="center"><input type="submit" name="submit" value="Submit" /></div></td> </tr> </table> </form> </body> </html> Code: [Select] <?php session_start; echo ($_SESSION['start_time']); require ("connect.php"); if (isset($_POST['submit'])){ $email = $_POST['email']; $getde = "SELECT * FROM users WHERE email = '$email'"; $getder = mysql_query($getde, $conn); $getdere = mysql_fetch_array($getder) Thanks Gareth Well i have a session['rmanr'] a have set after a submit containing the date and unique id.
I have to be able to do multiple submits on that same form but if they submit multiple times the same rmanr have to be used...
I tried the following:
$date = date("Y-m-d");
$datestrip = str_replace("-", "", $date);
$lastdetid = $dbh->lastInsertId();
if(!isset($_SESSION['rmamr'])){
$rmanr = $datestrip;
$rmanr .= $lastdetid;
$_SESSION['rmanr'] = $rmanr;
} else {
$rmanr = $_SESSION['rmanr'];
}
$uprmastmt = $dbh->prepare("UPDATE rma SET r_nr = '$rmanr' WHERE r_id = ?");
$uprmastmt->bindParam(1, $lastid);
$uprmastmt->execute();
But i keep getting a new rmanr every time i submit... Could it be that my form submit reset my SESSION?
hello everyone....i need your help i face session lost problem so many times and every times i just find out other logic to implement the code in different ways. but i don't get a perfect solution.Please help me to resolve this............why it was happened..... i searched google for it.........this is the common problem but i dont get any proper solution.............. recently i write a code to fetch tweets from twitter..but when returning back from .i lost my session value......... supp this is my page page.php when user click on button........i just check the form submitted like this session_start(); $_SESSION['id']=$id; //supp $id=10 if($_POST['submit']) { header("Location:tweet.php "); } i already included session_start() at the top of every page. in tweet.php i just generate a token and send user to twitter for authorization. in tweet.php i checked session started i check it with Print_r($_SESSION); in this page i used session like this session_start(); if($_SESSION['id']) { header("Location:$url") //$url will be authoritarian url generated by twitter oauth.. }else { header("Location:index.php") } after returning from twitter some times session variable are not lost.but sometimes i lost my session.this really irritates me....if logic is wrong then every time session destroyed............... i check my php.ini file configuration.. session_save.path=/tmp; //by default register global are off................. any help is appreciated................ My form Code: [Select] <form action="process.php" method="post"> <font face= "calibri" size= "4"> <table border= "1"> <tr style= "background: #cccccc"> <td><b>Item Description:</b></td> <td><input type= "text" name= "itemDescription" size= "30" value=""/></td> </tr> <tr style= "background: #99ff00"> <td><b>Item Price:</b></td> <td><input type= "text" name= "itemPrice" size= "5" value=""/></td> </tr> </tr style= "background: #A8E5FF"> <td><b>Winning Bidders:</b></td> <td><input type="text" name= "winningBidder" size= "5" /> </td> </tr> <tr> <td><b>How many deals?:</b></td> <td><input type="text" name= "itemQty" size= "3" value= "1" /></td> </tr> </table> <br/> <input type="reset" value="Reset Form"><input type="submit" name="submit" value= "Save & Cont." " /> </form></font> My process script: Code: [Select] <?php error_reporting(E_ALL); ini_set("display_errors", 1); $host= ""; $db_name= ""; $db_user= ""; $db_password= ""; $logUser= $_POST['logUser']; $deleteBidder = $_POST['deleteBidder']; $newBidder= $_POST['newBidder']; $itemDescription= $_POST['itemDescription']; $itemPrice= $_POST['itemPrice']; $winningBidder= $_POST['winningBidder']; $itemQty= $_POST['itemQty']; ob_start(); if ($_POST['newBidder']) { $bidderId= $newBidder; mysql_connect("$host", "$db_user", "$db_password")or die("cannot connect to server"); mysql_select_db("$db_name")or die("cannot select DB"); $sql="SELECT * FROM bidders WHERE biddersId='$bidderId'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==0){ // Add $biddersId and redirect to anypage mysql_Query("INSERT INTO bidders (biddersId) VALUES ('$bidderId')"); header("Location: index.php"); exit(); } } if ($_POST['deleteBidder']) { mysql_connect("$host", "$db_user", "$db_password")or die("cannot connect to server"); mysql_select_db("$db_name")or die("cannot select DB"); mysql_query("DELETE FROM bidders WHERE biddersId='$deleteBidder'"); header("Location: index.php"); exit(); } if ($_POST['itemDescription'] AND $_POST['itemPrice'] AND $_POST['winningBidder'] AND $_POST['itemQty']) { mysql_connect("$host", "$db_user", "$db_password")or die("cannot connect to server"); mysql_select_db("$db_name")or die("cannot select DB"); $sql="SELECT * FROM transactions WHERE biddersId='$winningBidder'"; $result=mysql_query($sql); $count=mysql_num_rows($result); // If result matched, table row must be 1 row if($count==0){ echo "That Bidder Number is NOT logged in, "; echo "would you like to set this bidder as active?"; echo " Enter 1 for NO or 2 for YES"; echo "<form action= \"process.php\" method= \"POST\">"; echo "<input type =\"text\" name= \"logUser\"/>"; echo "<input type= \"submit\" value = \"Submit\"/>"; $logUser= $_POST['logUser']; exit(); } if ($logUser= 1) { header("Location: inprogress.php"); exit(); } else if ($logUser= 2){ // Add $biddersId and redirect to anypage mysql_connect("$host", "$db_user", "$db_password")or die("cannot connect to server"); mysql_select_db("$db_name")or die("cannot select DB"); mysql_Query("INSERT INTO bidders (biddersId) VALUES ('$winningBidder')"); mysql_query("INSERT INTO transactions (itemDescription, itemPrice, bidderId, itemQty , totalPrice) VALUES('$itemDescription', '$itemPrice','$winningBidder', '$itemQty', '$totalPrice')") or die(mysql_error()); $_SESSION['itemDescription']='$itemDescription'; header("Location: index.php"); exit(); } } echo "<font color= \"red\" face=\"calibri\" size=\"4\">That bidder is already logged, Please press your browsers back button and try again.</font>"; ob_end_flush(); ?> DeleteBidder and newBidder are the only variables working? Some code from my pages ,
Page1 ( Redirecting page )
<html> <title>login_redirect.</title> body> <form name="redirect" action="http://mysite/page2.php" method="post"> <input type="hidden" name="mac" value="$(mac)"> </form> <script language="JavaScript"> <!-- document.redirect.submit(); //--> </script> </body> </html>Page 2 ( select product )
<?php
session_start();
ini_set('display_errors',1);
error_reporting(E_ALL);
include '../lib/config.php';
include '../lib/opendb.php';
// get user mac adres from redirect post page1
$_SESSION['macid'] = $_POST['mac'];
// set $macid for other use ( maybe not needed, am learning )
$macid = $_SESSION['macid'];
// echo $macid does show mac adress, so variable is not empty here
if (!empty($_POST["submit"]))
{
$product_choice = $_POST['accounttype'];
$query= "SELECT AccountIndex, AccountCost, AccountName FROM AccountTypes WHERE AccountIndex='$product_choice'";
$result = mysql_query($query) or die('Query failed. ' . mysql_error());
while($row = mysql_fetch_array($result))
{
$_SESSION['AccountIndex'] = $row['AccountIndex'];
$_SESSION['AccountCost'] = $row['AccountCost'];
$_SESSION['AccountName'] = $row['AccountName'];
}
header('Location: page3.php');
}
// did leave out the other/html/form stuff here
Page 3 ( show Session variables )
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
session_start();
print_r($_SESSION);
?>
Now, on page 3 i do see the right session varables, only the "macid" is empty.
why ?
they recently reset my website so my php.ini file has been adjusted. One of my sites is no longer passing a session variable to the next page. I am sure its one of the settings being reset. here is the data from my phpinfo file. Anything that looks off to anyone? session Session Support enabled Registered save handlers files user sqlite Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 On On session.bug_compat_warn On On session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_divisor 100 100 session.gc_maxlifetime 1440 1440 session.gc_probability 1 1 session.hash_bits_per_character 4 4 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path /home/users/web/b535/ipw.plevtech/public_html/cgi-bin/tmp /home/users/web/b535/ipw.plevtech/public_html/cgi-bin/tmp session.serialize_handler php php session.use_cookies On On session.use_only_cookies Off Off session.use_trans_sid 0 0 Say I have a dropdown menu consisting of user specific options. I need to be able to set a session variable depending on the option chosen & then re-access it on the following page. Can someone give me a crash course on how to utilize session variables? Hi Can some steer me in the right direction. I am having issues subtotaling 2 session variables: <td>'.$_SESSION['itemqty'][$key].'*'.$_SESSION['itemprice'][$key].'</td> Can you advise if I am doing this right? Cheers Hi. I'm brand new to this forum, so sorry if I do something wrong... I'm someone who has thought myself to code in php to add dynamic objects to my basic static websites. I have had no formal education. This is not my first project however. I'm having problems with session variables working fine up to a point when I call a new file and then all my session variables are lost. I have tried everything, but cannot keep them alive when I get into this or any other new file. I display a form, get user data submitted, then display a next form and after the user submits this next form all the session variables are lost. Anyone have any idea what is killing my session variables? Thanks in advance. ...anyone know anything about Internet Explorer not printing values from session variables. It works on Firefox but not on Internet Explorer. The session variable value works find on the web page but click on Print preview and it dissapears and will not print. Hello everyone, I'm sitting here in a position where I can't work on my site or test any code, but my mind is racing about what I can do to solve a particular problem that I have. I won't get into the problem because it would take more time to type than I have right now, but I have an idea for a simple solution, just not sure if it will work or not. So, here's my question: Is it possible to have multiple session variables during a session? Such as: $email=$_SESSION['email']; $user=$_SESSION['userid']; If this is possible, my problem is solved (I think)... otherwise, I have to keep thinking about it. Thanks for any help! Hello everyone and thanks in advance for the help. I am working on a permission system for a site I am creating that will be used to restrict access to various areas of the site. I have a table with all the permission that is linked to a group that the user is a member of. I then use a query to get a list of the permission ids the user is part of and put those into the session array. I used a basic login script I found online I planned on modifying to add my own features and to make more secure. Originally it had just a member id and member name variable in the session array saved in the login script which are both working fine after login. I am using a dynamic variable to set one session variable for each permission with the id being the changing part in the variable name. The problem I found is that the new variables are not being set. When i removed the redirect from my login script so I could check the problem I found that the temp variable, which is also set before it saves to the session array, is blank as well. If I hit refresh on my browser the new variables become set and all is well. I was talking to nvee in irc chat who said I need to make a function on the page I am redirected to that checks if the variable exists. I looked through the original code of the login script I am using and found that this seems to be how they did it as well so I added an if statement to my index page to check if the variable has a value with and without using if isset. In both cases the new variable is still not getting set. He also gave me some pointers to help make my login checks more secure but the main thing IM concerned with right now is to make my new permission variables accessible to the session. My login script is available in my pastebin. Question about variable variables and using session variables for them. O.K. So if I have: $foo = 3; $_SESSION['bar'] = "foo"; $$_SESSION['bar'] should equal the value of $foo, however I can't get it to work. Can someone tell me what I am doing wrong..... is it formatting??? Thanks, Thomas Hello! I'm a bit of a novice on PHP variables still and perhaps I'm trying to run before I can walk. I have an SQL database that I am able to successfully write to without any problems. I have also created a session variable for the user id number that I am able to retrieve on a later page. My problem is that I have hit a wall when it comes to retrieving the data from the database based upon the session variable user id. Here is my code and error: $_SESSION['ID_ASSIGNED']=$_POST[KSU_ID]; //this line takes the form data and successfully assigns it to the session variable on an earlier page echo $_SESSION['ID_ASSIGNED']; //that line works normally. Here's my problem code (the line starting with $result ). The line works fine if I input: $result = mysql_query("SELECT * FROM $usertable WHERE KSU_ID='some id number'");: <?php $result = mysql_query("SELECT * FROM $usertable WHERE KSU_ID=$_SESSION['ID_ASSIGNED']"); $row = mysql_fetch_array($result); echo "<br />Participant Number:"; echo $row['ID']; echo "<br />Name: "; echo $row['lname']; echo ", "; echo $row['fname']; echo "<br />Student Number:"; echo $row['KSU_ID']; echo "<br />Age: "; echo $row['age']; echo "<br />Gender: "; echo $row['gender']; echo "<br />Grade: "; echo $row['grade']; mysql_close($con); ?> I am finally making the upgrade from PHP 5.3 to PHP 7.3. When converting over the code I noticed that session some sessions are not being processed. My test code for this is below:
session_start();
include ("../includes/connect.inc");
echo "hiiiiiiii: ".$currentDate;
echo "He ".$_SESSION['user'];
if (isset($_SESSION['user']))
{
$user = $_SESSION['user'];
$currentDate = date("Y/m/d");
}
else
{
echo "Session not started: ";
}
My include is listed below:
$link = mysqli_connect('localhost', 'root', '');
if (!$link) {
die('Could not connect: ' . mysql_error("Connection error message"));
}
mysqli_select_db($link, 'dbname') or die (mysqli_error($link));
date_default_timezone_set('America/Chicago');
define ("TZ_CORRECTION", 43200);
$bkcolor = "#FFFFFF";
$currentDate = (Date("Y-m-d"));
I am not getting the message "Session not started or the current date from the include". If it matters I am using WAMP as my testing server Any help is greatly appreciated. I have created a test account in my database with a user level of -1 and i think my code might be wrong but i am hoping someone can spot where i have gone wrong as i cannot, also a similar problem with another session variable loggedIn this is what i get when i login this is on the index page.
Notice: Undefined index: loggedIn in C:\xampp\htdocs\Login\index.php on line 11 Notice: Undefined index: loggedIn in C:\xampp\htdocs\Login\index.php on line 17 You must be logged in to view this page!Index page source code:
<?php
session_start();
error_reporting(E_ALL | E_NOTICE);
ini_set('display_errors', '1');
require 'connect.php';
if($_SESSION['loggedIn'] == 1) {
//Do Nothing
exit();
} else if($_SESSION['loggedIn'] != 1) {
echo "You must be logged in to view this page!";
exit();
}
if($_SESSION['user_level'] == -1) {
header("Location: banned.php");
} if(isset($_SESSION['username'])) {
echo "<div id='welcome'> Welcome, ". $_SESSION['username'] ." <br> </div> ";
}
?>
Also if you need my login source code:
<?php
error_reporting(E_ALL | E_NOTICE);
require 'connect.php';
session_start();
if (isset($_POST['submit'])) {
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if (empty($username)) {
echo "You did not enter a username, Redirecting...";
echo "<meta http-equiv='refresh' content='2' URL='login.php'>";
exit();
}
if (empty($password)) {
echo "You did not enter a password, Redirecting...";
echo "<meta http-equiv='refresh' content='2' URL='login.php'>";
exit();
}
//Prevent hackers from using SQL Injection to hack into Database
$username = mysqli_real_escape_string($con, $_POST['username']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$result = $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'");
$row = $result->fetch_array();
$user_level = $row['user_level'];
// check to make sure query did execute. If it did not then trigger error use mysqli::error to see why it failed
if($result->num_rows > 0)
{
//Set default user
$_SESSION['loggedIn'] == 1;
$_SESSION['user_level'] == 1;
$_SESSION['username'] == trim($_POST['username']);
header("Location: index.php");
exit();
} else if($row['user_level'] == 1) {
$_SESSION['user_level'] == 1;
//Location admin
header("Location: admin.php");
exit();
} else if($row['user_level'] == -1) {
$_SESSION['user_level'] == -1;
$_SESSION['username'] == trim($_POST['username']);
//Location banned
header("Location: banned.php");
exit();
} else if($_SESSION['loggedIn'] == true) {
//Location default user home page
header("index.php");
} else {
echo "Invalid Username/Password";
}
//Kill unwanted session
} if(isset($_POST['killsession'])) {
session_destroy();
echo "<br> <br> The Session Destroyed. (Basically means you have been logged out)";
exit();
}
?>
I appreciate all help
About to pull my hair out. Looks simple, I think it's simple, but something is not behaving. I have a simple login page (loginpage.php) which checks a database for the FamilyID and Password, if it is a match, then it redirects them to userspage.php. I eventually want to use the FamilyID as a filter for my database so I only show the stuff relative to that FamilyID. Using CS5 and the built in functions, and it looks to me that the session variable 'MM_Username' should contain the FamilyID which is "adminid" in my database. It appears to work since it sends me to my userspage.php when I enter a valid FamilyID and Password, but it will not show me my session variable on the that page!!! PLEASE PLEASE HELP...Slap me in the face if it's a stupid question, but I have spent WAY too much time trying to figure what is wrong. I have included my code: CODE FOR LOGINPAGE.PHP <?php require_once('Connections/MyTest.php'); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['familyid'])) { $loginUsername=$_POST['familyid']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "userspage.php"; $MM_redirectLoginFailed = "loginpage.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_MyTest, $MyTest); $LoginRS__query=sprintf("SELECT adminid, password FROM `admin` WHERE adminid=%s AND password=%s", GetSQLValueString($loginUsername, "int"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $MyTest) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();} //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <form id="form1" name="form1" method="POST" action="<?php echo $loginFormAction; ?>"> <p> <label for="familyid">FamilyID:</label> <input type="text" name="familyid" id="familyid" /> </p> <p> <label for="password">Password:</label> <input type="text" name="password" id="password" /> </p> <p> <input type="submit" name="Submit" id="Submit" value="Submit" /> </p> </form> </body> </html> CODE FOR USERSPAGE.PHP <?php if (!isset($_SESSION)) { session_start(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <strong>YOU MADE IT! </strong> <?php echo $_SESSION['MM_Username']; ?> </body> </html> THANKS IN ADVANCED!!! Hi, I am facing problems in destroying the session variables in my logout file .I have used session_id() in my php files for ex $sid = session_id().Now when I click on logout I naviagte to my index file but the session variable $sid still remain.I have chkd it.I have kept session_start() function in a file and I am including that file in every php by require_once function.The file is palced in Includes folder..is it causing the problem?? please help me out Also can I use session_start() more than once in a single php file? My logout file is : <?php session_start(); session_destroy(); header("location:index.php"); exit(); ?> Hi All! I've written up a script for my website. It\ is basically a virtual job quest. My queries are all correct it just isn't registering the variable for the session. It is $-SESSION[theid']. I want to be bale to use it in my table but I get an error. How do I write this in my SQL query for it to work. The page (when no errors), doesn't show my data. Here is my ocde: Code: [Select] <?php session_start(); include("config536.php"); ?> <html> <head> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <?php if(!isset($_SESSION['username'])) { echo "<ubar><a href=login.php>Login</a> or <a href=register.php>Register</a></ubar><content><center><font size=6>Error!</font><br><br>You are not Logged In! Please <a href=login.php>Login</a> or <a href=register.php>Register</a> to Continue!</center></content><content><center><font size=6>Messages</font><br><br></center></content>"; } if(isset($_SESSION['username'])) { echo "<nav>$shownavbar</nav><ubar><img src=/images/layout/player.gif><a href=status.php>$showusername</a>.......................<img src=/images/layout/coin.gif> $scredits</ubar><content><center><font size=6>Basic Quests</font><br><br>"; $startjob = $_POST['submit']; $jobq = "SELECT * FROM jobs WHERE username='$showusername'"; $job = mysql_query($jobq); $jobnr = mysql_num_rows($job); if($jobnr == "0") { ?> <form action="<?php echo "$PHP_SELF"; ?>" method="POST"> <input type="submit" name="submit" value="Start Job"></form> <?php } if(isset($startjob)) { $initemidq = "SELECT * FROM items ORDER BY RAND() LIMIT 1"; $initemid = mysql_query($initemidq); while($ir = mysql_fetch_array($initemid)) { $ids = $ir['itemid']; } mysql_query("INSERT INTO jobs (username, item, time, completed) VALUES ('$showusername', '$ids', 'None', 'No')"); $wegq = "SELECT * FROM items WHERE itemid='$ids'"; $weg = mysql_query($wegq); while($wg = mysql_fetch_array($weg)) { $im = $wg['image']; $nm = $wg['name']; $id = $wg['itemid']; } $_SESSION['theid'] = $id; echo "<font color=green>Success! You have started this Job!</font><br><br>Please bring me this item: <b>$nm</b><br><br><img src=/images/items/$im><br><br><br>"; echo $_SESSION['theid']; } if($jobnr == "1") { $finish = $_POST['finish']; $okgq = "SELECT * FROM items WHERE itemid='$yes'"; $ok = mysql_query($okgq); while($ya = mysql_fetch_array($ok)) { $okname = $ya['name']; $okid = $ya['itemid']; $okimage = $ya['image']; } echo "Where is my <b>$okname</b>?<br><br><img src=/images/items/$okimage><br><br><br>"; echo $_SESSION['theid']; ?> <form action="<?php echo "$PHP_SELF"; ?>" method="POST"> <input type="submit" name="finish" value="I have the Item"></form> <?php } } if(isset($finish)) { $cinq = "SELECT * FROM uitems WHERE theitemid='$_SESSION[theid]'"; $cin = mysql_query($cinq); $connr = mysql_num_rows($cin); if($connr != "0") { echo "<font color=green>Success! You have the item.</font>"; } else { echo "<font color=red>Error! You do not have my item!</font>"; } } ?> . I basically just want to know how I can set this session as a variable. Also..I have a user login on every page and I want to be able to destroy JUST THE "theid" session and NOT the username session. How would I do that too? thanks for the help in advance! Having some problems with PHP session i currently use cookies to log users in, but i have decided to use php session instead but i can get it to work, it simply dose not pass the variables unless include session id in every single link on my website, can anyone tell me where i am going wrong these are the session setting from php.in session.use_cookies = 1 session.use_only_cookies = 0 session.name = usersesid session.auto_start = 1 session.cookie_lifetime = 0 session.referer_check = 1 session.cache_expire = 180 session.use_trans_sid = 1 |
|||||||