|
PHP - User Session Expires Immediately After Opening Another Web Page
Similar TutorialsHello, i've got some shop script which has 2 payment modules which i'd like to use for something else, the payment modules only work if the user is logged in though, i tried to make them standalone scripts but that didn't work out too well. So now i decided to go another way and just let everyone have the same session so everyone will be using the same username&password automatically. the index file looks like this: Code: [Select] <?php include('./inc/config.php'); include('./inc/functions.php'); include('./lang/'.$language.'.lng'); $id = addslashes($_REQUEST["id"]); $user = addslashes($_REQUEST["username"]); $pass = addslashes($_REQUEST["password"]); $language = strtolower($language); if(empty($id)) $id =1; $file = mysql_query('SELECT * FROM navi_'.$language.' WHERE id="'.$id.'"'); if(mysql_num_rows($file)>0) $file = mysql_fetch_array($file); else $file = mysql_fetch_array(mysql_query('SELECT * FROM navi_'.$language.' WHERE id="404"')); if(!empty($user) AND !empty($pass)) {$query = mysql_query('SELECT * FROM users WHERE username="'.$user.'" AND pass="'.md6($pass).'"'); if(mysql_num_rows($query) == 1) {$_SESSION[$session_prefix."user"] = ucfirst($user); echo'<meta http-equiv="refresh" content="0; url=index.php?id=8">';} else $error = 'Username oder Passwort ist falsch.';} include('./designe/'.$designe.'/head.tpl'); include('./designe/'.$designe.'/navi.php'); include('./designe/'.$designe.'/middle.tpl'); if(file_exists('./pages/'.$file["file"])) {echo'<h1>'.ucfirst($file["title"]).'</h1>'; include('./pages/'.$file["file"]);} if(!empty($error)) echo '<font color="red">'.$error.'</font>'; include('./designe/'.$designe.'/foot.tpl'); ?> Now i tried alot of things including adding: Code: [Select] session_start(); $_SESSION["username"] = "peter"; $_SESSION["user"] = "peter"; $_SESSION["id"] = "1"; $_SESSION["pass"] = "peter"; $_SESSION["password"] = "peter"; or Code: [Select] $id = "1"; $user = "peter"; $username = "peter"; $pass = "peter"; $password = "peter"; also a combination of both, nothing works, but i don't understand why ? Any help is appreciated. /Edit, i tried adding it to the paymentmodule .php aswell, but no luck. Hi guys I need to know how i can create a session for userid from my database, I have done the session for username but not being able to do it for user name, here is my code. my database table is called users and I can login successfully, but i tried few code and it wont show the user id, the column for user id is 'id' <?php include 'global.php'; $session_username = $_SESSION['username']; if ($_POST['login']) { //get form data $username = addslashes(strip_tags($_POST['username'])); $password = addslashes(strip_tags($_POST['password'])); if (!$username||!$password) echo "Enter a username and password"; else { //log in $login = mysql_query("SELECT * FROM users WHERE username='$username'"); if (mysql_num_rows($login)==0) echo "No such user"; else { while ($login_row = mysql_fetch_assoc($login)) { //get database password $password_db = $login_row['password']; //encrypt form password $password = md5($password); //check password if ($password!=$password_db) echo "Incorrect password"; else { //check if active $active = $login_row['active']; $email = $login_row['email']; if ($active==0) echo "You haven't activated your account, please check your email ($email)"; else { $_SESSION['username']=$username; //assign session header('Location:my.php'); } } } } } } else { if (isset($session_username)) { echo "You are logged in, $session_username., <a href='logout.php'>Log out</a>"; } else { echo " <form action='index.php' method='POST'> Username: <input type='text' name='username'><p /> Password: <input type='password' name='password'><p /> <input type='submit' name='login' value='Log in'> </form> "; } } ?> thanks Hi, I have stored user data in the database, but I think I need to somehow grab the "id" of the username, and use that in a SESSION when they log in, so that I can pull up the user information in the database for that particular user when they log in. and do that for everyone when they log in. My idea is user logs in Something like "grab the user "id" linked to this user, and add that value to "$currentUser", then somehow when it is time to show their user profile page, I do something like "display all field data where username=$currentUser. I don't know I am confused, any help plus code would be great if anyone can help, or just the pseudocode would be good. I hope I explained it right. thanks. Hi there, I am new to PHP and trying to put my learning together as I progress. Here's the problem: I would like to open HTML file after a certain condition is met. I tried to fopen() but it gave an empty page. Here's the code: Code: [Select] <?php $shape = $_POST['shape']; if($shape=='Triangle') { fopen('ogc_show_triangle.php', 'r'); } else { echo "Select a shape."; } ?> Thanks in advance! ^_^ is it necessary to store users session on db? if so please explain someone why? and block multiple session login. say if im logged in and someone else tries to log into my id from some other place how would i stop that to happen? any idea and example would be appreciated. This will be a little difficult to explain, but keep with me. On the profile.php page. It starts a new session. Code: [Select] // Connect to MySQL... $conn = mysql_connect($hostname, $username, $password) or die("Connecting to MySQL failed"); mysql_select_db($database, $conn) or die("Selecting MySQL database failed"); // Run our query, see if session username exists in session field... $sql="select username,email from user where username='{$_SESSION['user']}' limit 1"; $result=mysql_query($sql,$conn); // Parse our results into $data (as an associative array)... $data=mysql_fetch_assoc($result); // If one row was found in the result set, username exists... if (mysql_num_rows($result)==1) { $_SESSION['sellername'] = $data['username']; So what I am hoping that is doing, is the session named "sellername" is stored with the variable of the logged in user. In this example "testuser". Now the page updates.php will have an id attached to like so: updates.php?id=13. Which will have info only available for testuser's eyes. On the page it does this. Code: [Select] // Connect to MySQL... $conn = mysql_connect($hostname, $username, $password) or die("Connecting to MySQL failed"); mysql_select_db($database, $conn) or die("Selecting MySQL database failed"); // Run our query, see if session username exists in session field... $sql="select username from user where username='{$_SESSION['user']}' limit 1"; $result=mysql_query($sql,$conn); // Parse our results into $data (as an associative array)... $data=mysql_fetch_assoc($result); // If one row was found in the result set, username exists... if (mysql_num_rows($result)==1) { $query='select seller from listings where seller = "'.$data['username'].'"'; $queryresult=mysql_query($query,$conn); while($info = mysql_fetch_assoc($queryresult)){ if ( $_SESSION['sellername'] == $info['seller'] ){ The if statement should process: "If the session variable for 'sellername' equals the database entry 'seller' then display the rest of the page." However, no matter what user is logged, it will display the page. Any ideas? Hi guys, I am trying to put together a little system that allows users to log onto my website and access there own personal page. I am creating each page myself and uploading content specific to them which cannot be viewed by anyone else. I have got the system to work up as far as: 1/ The user logs in 2/ Once logged in they are re-directed to their own page using 'theirusername.php' Thats all good and working how I need it too. The problem I have is this. If I log onto the website using USER A details - I get taken to USER A's page like I should but - If I then go to my browser and type in USERBdetails.php I can then access USER B's page. This cannot happen!! I need for USER A not to be able to access USER B profile - there is obviously no point in the login otherwise! If you are not logged in you obviously cannot access any secure page. That much is working! Please find below the code I am using: LOGIN <?php session_start(); function dbconnect() { $link = mysql_connect("localhost", "username", "password") or die ("Error: ".mysql_error()); } ?> <?php if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM clients WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; $_SESSION['name'] header("Location:" . strtolower($username) . ".php"); } ?> HEADER ON EACH PHP PAGE <?php session_start(); if(!isset($_SESSION['loggedin'])) { die(Access to this page is restricted without a valid username and password); ?> --------------------------------------------------- Am I right in thinking it is something to do with the "loggedin" part? The system I have here is adapted from a normal login system I have been using for years. The original just checks the details and then does a 'session start'. This one obviously has to re-direct to a user specific page. To do this I used the <<header("Location:" . strtolower($username) . ".php");>> line to redirect to a page such as "usera.php" or "userb.php" Any help would be greatly appreciated! Ta i have my upload process working that uploads documents to the server and then displays in onto the user page like this:
<?php
function find_all_files($dir)
{
$root = scandir($dir);
foreach($root as $value)
{
if($value === '.' || $value === '..') {continue;}
if(is_file("$dir/$value")) {$result[]="$dir/$value";
continue;
}
foreach(find_all_files("$dir/$value") as $value)
{
$result[]=$value;
}
}
return $result;
}
$fileupload = 'fileupload';
$getem = find_all_files($fileupload);
foreach($getem as $key => $value)
{
echo '<a href="'.$value.'">'.$value.'</a><br />';
}
?>
<?php
if($handle = opendir('members/')) {
while (false !== ($entry = readdir($handle))) {
if($entry != "." && $enrty != "..") {
echo "<a href='download.php?file=".$entry."'>".$entry."</a>\n";
}
}
closedir($handle);
}
?>
here they can download the files to their computer however is there a way to only display the file of the user that is logged in through their session?
Hello all, I have a membership website which is using sessions... and ive been asked to add some promotion points system. So that each user is able to see how many promotion points they have... Now, I'm a beginner in mysql and php, but feel I'm learning fairly quickly. What I need help with, is to be able to display the amount of promotion points for the logged in user. I created a new field in my "essenti1_Users" table for the promotion code. database is called "essenti1_membership" table is "essenti1_Users" feild is "promo" I think im going to have to manually add the points to each user manually through phpMyAdmin Navicat unfortunatly. Unless anyone has any other ideas just for adding the points to each user account? ziggynerja is online now Add to ziggynerja's Reputation Report Post Edit/Delete Message Some code from my pages ,
Page1 ( Redirecting page )
<html> <title>login_redirect.</title> body> <form name="redirect" action="http://mysite/page2.php" method="post"> <input type="hidden" name="mac" value="$(mac)"> </form> <script language="JavaScript"> <!-- document.redirect.submit(); //--> </script> </body> </html>Page 2 ( select product )
<?php
session_start();
ini_set('display_errors',1);
error_reporting(E_ALL);
include '../lib/config.php';
include '../lib/opendb.php';
// get user mac adres from redirect post page1
$_SESSION['macid'] = $_POST['mac'];
// set $macid for other use ( maybe not needed, am learning )
$macid = $_SESSION['macid'];
// echo $macid does show mac adress, so variable is not empty here
if (!empty($_POST["submit"]))
{
$product_choice = $_POST['accounttype'];
$query= "SELECT AccountIndex, AccountCost, AccountName FROM AccountTypes WHERE AccountIndex='$product_choice'";
$result = mysql_query($query) or die('Query failed. ' . mysql_error());
while($row = mysql_fetch_array($result))
{
$_SESSION['AccountIndex'] = $row['AccountIndex'];
$_SESSION['AccountCost'] = $row['AccountCost'];
$_SESSION['AccountName'] = $row['AccountName'];
}
header('Location: page3.php');
}
// did leave out the other/html/form stuff here
Page 3 ( show Session variables )
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
session_start();
print_r($_SESSION);
?>
Now, on page 3 i do see the right session varables, only the "macid" is empty.
why ?
This topic has been moved to Apache HTTP Server. http://www.phpfreaks.com/forums/index.php?topic=311239.0 Unfortunately I have no code for this yet cuz I don;t even know if its possible... I am programming an application that is used by a couple of stores, which could end up being a lot of stores. Anyways, the basis is that the stores would, though a separate application (and therefore separate database) create a username and password, I now want to use this username and password to do the following 1. Allow them to login to my application using the same username and password 2. I want the store the username in a session to pull tables based on the username from my database For instance, a user has the login store123, after loggin in it now pulls the information from the tables store123_items, store123_prices, store123_settings, etc. Now my database will have quite a lot of store###_tables I am, sadly, a noobie to PHP and I do recall seeing an article (somewhere on the net, and I stupidly forgot to bookmark it, knowing I would need it eventually) on how to access multiple databases easily. Now because they are both under my account I can use the same username and password for both, its accessing the MySQL username/password database and storing the info I know I am lacking on how to do it. Any ideas? Login.php Code: [Select] <?php session_start(); mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); $username = $_POST['username']; $password = $_POST['pass']; if (isset($_POST["submit"])) { $log = "SELECT * FROM regis WHERE username = '$username'"; $login = mysql_query($log); $row = mysql_fetch_array($login); $number = mysql_num_rows($login); if ($number > 0) { $_SESSION['username'] = $row['username']; $_SESSION['userlevel'] = $row['userlevel']; if($_SESSION['userlevel']==1) { $_SESSION['is_logged_in'] == 1; header("Location: form2.php"); } else if($_SESSION['userlevel']== 0) { $_SESSION['is_logged_in'] == 1; header("Location: registration.php"); } } Registration.php Code: [Select] <?php echo 'Welcome:' .$_SESSION['is_logged_in'];?> form2.php Code: [Select] <?php session_start(); if (empty($_SESSION['is_logged_in'])) { header("Location:chatframe.php"); die(); // just to make sure no scripts execute } ?> <?php mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("cute") or die(mysql_error()); $message=$_POST['message']; $a=$_SESSION['username']; if(isset($_POST['submit'])) //if submit button push has been detected { if(strlen($message)>1) { $message=strip_tags($message); $IP=$_SERVER["REMOTE_ADDR"]; //grabs poster's IP $checkforbanned="SELECT IP from ipbans where IP='$IP'"; $checkforbanned2=mysql_query($checkforbanned) or die("Could not check for banned IPS"); if(mysql_num_rows($checkforbanned2)>0) //IP is in the banned list { print "You IP is banned from posting."; } else { $thedate = date("U"); //grab date and time of the post $insertmessage="INSERT into chatmessages (name,IP,postime,message) values('$a','$IP','$thedate','$message')"; mysql_query($insertmessage) or die("Could not insert message"); } } } ?> <html> <head> <script type="text/javascript"> function addsmiley(code) { var pretext = document.smile.message.value; this.code = code; document.smile.message.value = pretext + code; } function a() { var x = document.smile.message.value; if(x=="") { alert("Please insert an message!"); return false; } } </script> <style type="text/css"> body{ background-color: #d8da3d } </style> </head> <body> <form name="smile" method="post" action="form2.php" onSubmit="return a()" > Your message:<br><textarea name='message' cols='40' rows='2'></textarea><br> <img src="smile.gif" alt=":)" onClick="addsmiley(':)')" style="cursor:pointer;border:0" /> <img src="blush.gif" alt=":)" onClick="addsmiley('*blush*')" style="cursor:pointer;border:0" /> <input type='submit' name='submit' value='Send' class='biasa' ></form> <br> <br> </body> </html> In this registration.php when im called back its appear nothing im means the number is not showing and the login code even im had also put the "$_SESSION['is_logged_in'] == 1;" outside if else userlevel statement and then i put $d= $_SESSION['is_logged_in'] == 1; and im echoing back but it is nothing im thinks something wrong in session is login and also still it cannot redirect to admin -form2.php when session is login in is 1 Hello, everyone. I have code that effectively calls a PHP page with AJAX (no JQuery). The PHP responds fine with an echo. Here is the javaScript that calls the PHP so refreshing the page doesn't need to be done.
function deleteCategory()
{
var e= document.getElementById("dropDown1");
var var1 = e.options[e.selectedIndex].text;
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = alerta() {
if (this.readyState == 4 && this.status == 200) {
document.getElementById("insert").innerHTML = xmlhttp.responseText;
}
};
xmlhttp.open("GET", "deleteRow.php?q=" + var1 , true);
xmlhttp.send();
}
How do I call a PHP function on the same page while preserving the above AJAX.
Sincerely, Joshua Hi guys, I know that you can open web page with $handle = fopen("http://www.example.com/", "r"); but i am wondering is there a way to pass POST vars when doing so, or there is another method that can that like you do it with ajax. I have mvc application that i want to test. I am using CodeIgniter framework so i want to call my controllers with POST values. Every controller method returns data holder object that holds the data of operation whether is successful or not. Also every method inside controller can be called with parameter input or with post input. If you omit the parameters when calling controller method than he will try to load that parameters from post and that is why i want to pass POST vars with php when calling controller for example i want to call: fopen("http://localhost/MyAppFolder/index.php/controller/method"); but i want to pass it some POST vars if that is possible Thanks. Hi.. I have an issue on my project.I want to open a particular page of a PDF file by clicking a hyper link.How should I do it?any idea ? I used the following code <?php header("Content-Type: application/pdf"); $pdfFile="readme.pdf#page=10"; ?> <html> <head> <title>Untitled Document</title> </head> <body> <a href="http://<?php echo $pdfFile; ?>">Click Here</a> </body> </html> But it showing an alert like following File does not begin with '%PDF-' After clicking alert showing a black screen.. can u please send me the entire code? Thanks... My intended goal is to have it see if the post allows comments and if it does then check to make sure the date_comments_expires is NOT before the passed day. I'm not quite sure how to finish this if statement. Any help? Code: [Select] if ($mainNews[0]['allow_comments'] == 'Yes' AND $mainNews[0]['date_comments_expire'] == ) { show list of files uploaded by current session user to the database. I want to show different users when they log in to the website...they can see a list of old files that they have uploaded. can anyone tell me the code/script to this.....please, ty Hello All, I have a PHP web application which will refresh itself(ajax calls connecting to the server and get the latest data) periodically. These also update the Database-based session handler class. i.e. There is NO UPDATE to the session data but the timestamp is constantly updated. Our problem is that garbage collection does not kick in as it looks at the difference between timestamp and session_gc.maxlifetime. So, if and the user is not interacting with the application. Now my question is how can I force the timeout even though refreshing happens but the user is not interacting with the application and there are "phantom" session updates made by these ajax calls. Please let me know. Thanks. Or is it all pieced together into one file then executed? I ask because I'm thinking of a weird way to handle errors on my site that would integrate with the interface smoothly without much work on my part. Every page on my site requires template_top.php at the start of the script and template_bottom.php at the bottom. I believe this is a pretty common thing to do, and it standardizes all my menus and interfaces and whatever else, plus it gives me a nice place to deliver messages to the user. What I want to do is something like this simplified example: template_top.php: <?php // layout stuff here try { ?> index.php: <?php require_once('template_top.php'); // a wild error appears! throw new Exception('oh no!'); require_once('template_bottom.php'); ?> template_bottom.php: <?php } catch (Exception $e) { echo 'An error occured! Message: ' . $e->getMessage(); } // layout stuff here ?> So that's where my question comes in. Both template files contain code that, if executed on it's own, is invalid. Pieced together in my pages though, it forms correct code. I'd really like to do this since all I'd have to do if my script encounters a problem is throw an Exception and everything is instantly handled without me having to fight with display issues. If this isn't possible, does anybody have any better suggestions? |
|||||||