|
PHP - Sessions Help Needed
hello.
i have 2 issues. 1. im trying to create a session or a global for the pageName but im going in circles. on each page i have the page name. for example: Code: [Select] $pageName="adminHome"; each page has its own variables in the db which say how the page is layed out etc.. so the template index looks for the pageName and then pulls the correct layout from to db.. i need the template (and other pages) to get the $pageName="" everytime the page changes. please help. this code might help. this is a basic page: Code: [Select] <?PHP require_once("../includes/initialize.php"); $pName = "adminHome"; $page = Pages::find_by_pageName($pName); echo $page->id."<br />"; this is my layouts/header.php where $session = new Session(); is located and its also looking for the pageName but i cant seem to get it to see it Code: [Select] <?PHP require_once("../includes/initialize.php"); $session = new Session(); NEEDS TO FIND PAGE NAME HERE if($pageName == "adminHome"){ if (!$session->is_logged_in()) { $user=""; }else{ $user = User::find_by_id($_SESSION["user_id"]); redirect_to("home.php");} }else{ if (!$session->is_logged_in()) { $session->message("Access denied."); redirect_to("pages/admin_login.php"); }else{ $user = User::find_by_id($_SESSION["user_id"]); } } ?> --------------------------------------------------------------------- PROBLEM 2. problem 1 and 2 could be solved by the same thing really. on the page i have the pageName. i then get the various bits from the db like the template_id, the layout_id etc... which are needed on other pages . do i session each variable or put each in to a global or is there some other way. for example: Code: [Select] $pName = "adminHome"; $page = Pages::find_by_pageName($pName); echo $page->id."<br />"; echo $page->pageName."<br />"; echo $page->layoutTemps_id.'<br/>'; //ETC now i want to put these into there own sessions or globals (or something else) to pass to other pages ANY THOUGHTS... i have a session class. but im not using it for this. maybe i could use it but im not sure how. Code: [Select] <?PHP class Session { private $logged_in=false; public $user_id; public $message; function __construct(){ // session_start(); $this->check_login(); $this->check_message(); }//end function __construct() session start /* if($this->logged_in) { // do something } else { // do something } //end if */ public function is_logged_in() { return $this->logged_in; }//end function is_logged_in() public function login($user) { //database should find user based on username/password if($user) { $this->user_id = $_SESSION['user_id'] = $user->id; $this->logged_in = true; }//end if }//function login($user) public function logout() { unset($_SESSION['user_id']); unset($this->user_id); $this->logged_in = false; }//end function logout() // you have to set the message // this can set and get a message public function message($msg="") { if(!empty($msg)) { //then this is "set message" // make sure you understand why $this->message=$msg wouldn't work // we have to store it in the session $_SESSION['message'] = $msg; } else { // then this is "get message" return $this->message; } // end if } // end function message($msg="") private function check_login() { if(isset($_SESSION['user_id'])) { $this->user_id = $_SESSION['user_id']; $this->logged_in = true; }else{ unset($this->user_id); $this->logged_in = false; }//end if }//end function check_login() private function check_message() { //is there a message stored in the session? if(isset($_SESSION['message'])) { // Add it as an attribute and erase the stored version $this->message = $_SESSION['message']; unset($_SESSION['message']); }else{ $this->message = ""; }//end if }//end check_message() }//end class session $session = new Session(); //create a session $message = $session->message(); ?> THANKS rick Similar TutorialsI've been thinking that I needed to build a database to store sessions in. However, seeing a post in another topic got to pondering if I really need it now. My site is very small and as of now the login script makes the normal sessions variables, member id, display name, etc., and I've also thrown in http_user_agent. If sessions are destroyed by logging out or by closing the browser is a session database really needed? How much does site size matter? Say on a very small site (10-15 people a day, no money changing hands, just logging in and posting) or medium small site (50-100 people a day, no money ...) ? Thanks If you are a PHP expert, then I really your help. I have a question regarding PHP sessions and their security. So here is my story ... I created a login script (login.php) for my website. When a user goes to the login.php page, they see a login form that they must fill with their username and password to login to the members' area and view their profile, etc. On that login page, when the user enters their username and password and then clicks the "Login" button, my script filters the data, sends MySQL query and checks if the login is valid. If the login is NOT valid, then they get a "Login Failed" message. If the login is valid, I register their username and the password in sessions and redirect them to the members.php page. Here is some of my code for my login.php page after mysql confirms the login is valid <?php $query = mysql_query('SELECT * FROM `users` WHERE username='$user' AND password='$pass'"); $numRows = mysql_num_rows($query); if ( $numRows ) { // login is valid $_SESSION['username'] = $user; $_SESSION['pass'] = $pass; // redirect user to members area header('Location: /members.php'); } else { // login is invalid echo "Login failed"; } ?> My question is ... is this login script secured? I mean, I am not generating any session id or any cookie. I am just storing the username and the password in two session variables and those are the things that i will use to display the user's profile, etc. Can attackers attack this script? Is this secured or is there any other way I can make it stronger? I am new to SESSIONS and have a quick question about them. I want to use sesssions on my site but was wondering if they would work for the follow senario. Say a customer visits my url: http://www.mysite.com/?id=2 Now what i am doing is taking the id out of the URL using sessions and redirecting the user to http://www.mysite.com while my session ($_SESSION['id']) holds the value 2 in it. I have this working great, i believe it just looks better. Now if my customer decides to buy my product via paypal and is directed off my site while he/she is paying for said item on paypal when they return could i still use some of the information that i stored in my session?? I know i could use post and get to pass through paypal but unfortunately i have to use sessions for what i am trying to do. Hello, I would like to make a session which saves the input. To make this easier to understand i will explain my whole problem. I will have that image uploader: HTML: <input type="file" /......> <input type="submit".....> and some php behind it to upload the image. When the file will be uploaded, there will be the text if you want to continue to next page (other php file) to edit uploaded file. Now what i am asking you is: If the user clicks yes, i want the session to save name of uploaded image without extension and save it as variable, so i can use it on that another page and print it out. Thank you Hello, Is there a problem in destroying a session and then starting it in the same file, for example: session_name(); session_start(); session_destroy(); And lastly, if I create a variable $_SESSION['user'] under a session called 'one' i.e. session_name("one") and then create another variable $_SESSION['user'] under a session called 'two' i.e. session_name("two"). Are these two variables the same? hey i think i may have stored session variables incorrectly Code: [Select] $_SESSION['tel'] = $_GET['Lat']; $_SESSION['Lon'] = $_GET['Lon']; $_SESSION['Lat'] = $_GET['Lat']; is what i used to set the session variables with the data i then enter these into a table and they enter the correct information but two pages down the line i try to access them however i just get undefined variable when i set the variable is equal to the session. Code: [Select] $MyLon = $_SESSION['Lon']; $MyLat = $_SESSION['Lat']; the following is the errorr Quote Notice: Undefined index: Lat in I have an "Email a Friend" form that captures the referring url and saves it in a session. The problem is that if someone decides not to send the form and navigates away from the page, and then decides to email another page, it saves the previous url. How can I have it so that it clears the previous url and uses the new one? Code: [Select] if(!isset($_SESSION['referrer'])){ //get the referrer if ($_SERVER['HTTP_REFERER']){ $referrer = $_SERVER['HTTP_REFERER']; } else{ $referrer = "http://www.mcse-training-classes.com"; } //save it in a session $_SESSION['referrer'] = $referrer; } When using sessions, must there be a session_start() in each page for the browser to be considered part of the session? Can a user browse to a page without session_start() and still have that part of the original session that he/she began with?? hey on my page a list of people get listed by a category u choose if u choose a category and click ok, u are sent to the same page, and i get the category with POST if(isset ($_POST['type'])) { $gameholder = $_POST['game']; $typeholder = $_POST['type']; } this works ... the list of people is 30 members / page when u click on page 2, the post doesnt work anymore, and i get errors, logic ... now i want to get around this with making a session emediatly when the vars get out of POST if(isset ($_POST['type'])) { $gameholder = $_POST['game']; $typeholder = $_POST['type']; $_session['gameholder'] = $gameholder; $_session['typeholder'] = $typeholder; print $_session['gameholder']; } this also works now i want when people click on page 2, the needed vars will come out of the Sessions, and not out of POST so i did this if(!isset ($_POST['type'])) { $gameholder = $_session['gameholder']; $typeholder = $_session['typeholder']; } but this is not working theres nothing in $gameholder also when i move the print session out of the if, it should show when someone clicks page 2 but its not ... any suggestions on this? thanks! How do you set a time limit on a session? Hi guys, I have come across a problem when working with session data, I have been storing data from a textarea in a session, but the problem is when I retrieve the data and display it back in a textarea or to mysql it saves the carriage returns and line breaks as \r\n not converting it to actual line breaks. e.g saving the following from a text area; Line 1 Line 2 Line 3 will actually show as: Line 1 \r\nLine 2 \r\nLine3 How do I get it to show properly as intended? I have tried str_replace('\r\n', '\n'); with double and single quotes any helpful suggestions would be much appreciated. Thanks.. I there. I am making a small game, either you or the computer win depending on who's life hit 0 first I am using sessions to hold the health values, however I need a little bit of help. How do I make it actually go down after each move until one hits 0? Here is my script and thanks in advance... Code: [Select] <?php session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Fighting Game</title> </head> <body> <form action="fighting_game.php" method="post"> <select name='move_choice' id='move_choice'> <option value='punch'>Punch</option> <option value='kick'>Kick</option> </select> <input type='submit' name='submitbtn' value='Continue' id='submitbtn'> </form> <div id='matchdiv'> <?php $_SESSION['ai_health'] = 100; $_SESSION['player_health'] = 100; $moves_ai = array("Computer punches you in the face!","Computer kicks you in the gut!"); $moves_player = array("You punch Computer in the face!","You kick computer in the gut!"); $move_damage = array(2,10); $move_dam_multiplier_player = array(rand(1,5),rand(5,10)); $move_dam_multiplier_ai = array(rand(1,5),rand(5,10)); if($_POST['submitbtn']){ $choice = $_POST['move_choice']; } if($choice == "punch"){ $total_dam_ai=($move_damage[0]*$move_dam_multiplier_ai[0]); $total_dam_player=($move_damage[0]*$move_dam_multiplier_player[0]); echo"$moves_player[1]"." Causing ".$total_dam_player." damage!<br>"; echo"Computers current health is ". ($_SESSION['ai_health']-$move_damage[0]*$move_dam_multiplier_player[0]); echo"<br>$moves_ai[1]"." Causing ".$total_dam_ai." damage!<br>"; echo"Your current health is ". ($_SESSION['player_health']-$move_damage[0]*$move_dam_multiplier_ai[0]); } elseif($choice == "kick"){ $total_dam_ai=($move_damage[1]*$move_dam_multiplier_ai[1]); $total_dam_player=($move_damage[1]*$move_dam_multiplier_player[1]); echo"$moves_player[1]"." Causing ".$total_dam_player." damage!<br>"; echo"Computers current health is ". ($_SESSION['ai_health']-$move_damage[1]*$move_dam_multiplier_player[1]); echo"<br>$moves_ai[1]"." Causing ".$total_dam_ai." damage!<br>"; echo"Your current health is ". $new_player_health=($_SESSION['player_health']-$move_damage[1]*$move_dam_multiplier_ai[1]); } if($_SESSION['ai_health']<=0 && $_SESSION['player_health']>=0){ echo"<br>Computer falls to the ground! He is knocked out! You win!"; } if($_SESSION['player_health']<=0 && $_SESSION['ai_health'] >= 0){ echo"<br>You fall to the ground! You are knocked out! You lose!"; } if($_SESSION['player_health']<=0 && $_SESSION['ai_health'] <=0){ echo"<br>You both fall to the ground! You are both knocked out! It's a draw!"; } ?> </div> </body> </html> Hi all, If I have a list of session ids, is it possible to use this list to determine which session is no longer active? Seems like it should be do-able but can't find help on it so I'm kinda guessing its not! Thanks for any help, Michael Hello everyone, i'm new to php and i'm having hard time with sessions i'm trying to create a php file with a drop down menu and when you select an item from the drop down menu, you could retreve it from another page. for example: a1.php Code: [Select] <?php session_start(); if(isset($_POST['color'])) { $_SESSION['blue']='blue'; $_SESSION['red']='red'; $_SESSION['green']='green'; $_SESSION['orange']='orange'; } ?> <html> <body> <form id="shirt" method="post" action="a2.php"> <p> <select name="Size"> <option value="invalid">Select a size ...</option> <option value="blue">blue</option> <option value="red">red</option> <option value="green">green</option> <option value="orange">orange</option> </select> <br /> <input type="Submit" value="Add" name="Add" /> </p> </form> </body> </html> when the user chooses a color, it adds it to the session and then when the user clicks add, he is redirected to another page named a2.php which shows the color is added. if the user goes back to the original page and adds the same color again it shows that he added the item again: Color: ----------- Quantity: Red ----------- 2 a2.php Code: [Select] <?php session_start(); $item_id = $_GET[id]; $action = $_GET[action]; switch($action) { case "add": $_SESSION['color'][$item_id]++; break; case "remove": $_SESSION['color'][$item_id]--; if($_SESSION['color'][$item_id] == 0) unset($_SESSION['color'][$item_id]); break; case "empty": unset($_SESSION['color']); break; } ?> sorry if my question is not clear, any help is appreciated Thank You, hi im new to php i am making shopping cart i made a session variable to add products in cart when i run it gives this warning Notice: Undefined index: cart in C:\wamp\www\cart\public\views\layouts\shop.php on line 15 Notice: Undefined index: total_items in C:\wamp\www\cart\public\views\layouts\shop.php on line 16 Notice: Undefined index: total_price in C:\wamp\www\cart\public\views\layouts\shop.php on line 17 but when i click on add to cart it add product price and quanitity kindly help me my shop.php code is <head> <title> Shopping Cart</title> <link href="stylesheets/cool_style.css" media="screen" rel="Stylesheet" type="text/css" /> </head> <body> <h1> products</h1> <div class="cart"> <p><b> Shopping Cart</b></p> print_r($_SESSION['cart']); echo $_SESSION['total_items']; echo number_format($_SESSION['total_price'],2); </div> <hr /> </body> </html> and my index file is where i set session variables are include('db_fns.php'); include("cart_functions.php"); session_start(); if(isset($_SEESION['cart'])) // if change this conditon if(!isset($_SEESION['cart'])) it gives not warning but does not //add products to the cart it does not do anything { $_SESSION['cart']=array(); $_SESSION['total_items']=0; $_SESSION['total_price']=0.00; } $view=empty($_GET['view'])?'index':$_GET['view']; $controller='shop'; switch ($view){ case "index"; $products = find_product(); break; case "add_to_cart"; $id=$_GET['id']; $add_item=add_to_cart($id); $_SESSION['total_items']=total_items($_SESSION['cart']); $_SESSION['total_price']=total_price($_SESSION['cart']); header('Location: index.php'); break; case "update_cart"; break; case "checkout"; break; } if change this conditon if(!isset($_SEESION['cart'])) it gives not warning file run correctly with no warning but does not add products to the cart and does not do anything kindly help me please So I'm trying to understand Sessions and how to store a variable within a session. What I want to t do, is start a session, check if variable is set, if not, set the variable. So with the code below, I start the session, i check the variable, if not set, i set it. But when i refrsh the page, it has the same session id but it didn't store the session variable from the previous load. Please, what am I missing? Code: [Select] <?php session_start(); echo "Session ID: ".session_id()."<br>"; echo "<br>chktrack P ".$_session['chktrack'].""; if ($_session['chktrack'] != 1){ $_session['chktrack']=1; } echo "<br>chktrack Post: ".$_session['chktrack'].""; echo "<br><a href='index.php'>Index</a>"; ?> Thanks in advance for your help. So I am trying to set my session length, but it doesn't seem to be working. session_set_cookie_params("84600"); session_start(); Hey Guys, Me again! Still working on this bloody database! Okay, so I have a site that people can add a record to a database. This record is filled using a form and the form contains an image that can be uploaded. This works fine. Then there's the ability to search a record based on a boolean search which displays a table with the record data and displays a thumbnail of the photo. This also works fine. Then I have a script that (once it's working) will allow you to edit the record. This is where I'm having issues. Here's my process for the form: User searches for the record by using a boolean search Search finds the record and displays a form containing the original values in the database User changes some parts of the original record using the form Form then updates the database with the new values The problem I'm having is with the photo function. If there's no photo attached, I was getting an error saying that the photo field could not be empty. So I used the following process: User searches for the record using edit.php Form is displayed using edit_process.php edit_process.php is posted to update.php that has conditions to check if the file upload field is empty or not If the field is empty, then it requires updatenophoto.php If the field has a new image, it uses updatephoto.php When I submit the form to the update.php script, it does nothing and gives me a blank page. Here's my code for each of the parts (hit the character limit, code in comments): Hello everyone, By default when someone comes to my site, it is the unencrypted web page (http://www.mydomain.com). I recently purchased a ssl certificate so when a user logs in, their password is encrypted (Posted to https://mydomain.com). Once the form is posted, the session is set and the header("Location: http://www.mydomain.com"); function is executed to bring them back to the unencrypted version of the site. However, now when a user tries to login, my site seems to drop the session when the location is set to the unencrypted version of the site. How do sites go about using a secure login form and running on the regular version of the site? Thanks! weee |
|||||||