PHP - Session Redirect Problem

I have four session variables, two I am valueing using $_POST elements from a previous page's form, the other two I am valueing using items retrieved from a database.  Here is the code -
----------------------------------------------------
<?php session_start();
$_SESSION['UserLastName'] = strtolower(trim($_POST['txtLastName']));
$_SESSION['BadgeID'] = trim($_POST['txtBadgeID']);

//get list for supervisor drop down
$q1 = sprintf("select * from emps where emp_last = '".$_SESSION['UserLastName']."' and emp_badge = '".$_SESSION['BadgeID']."'");

$rs_emp_info = hitMSSQL($q1,"intra_sql","employees","xxxx","xxxx",1);

$_SESSION['SSN'] = $rs_emp_info->fields("emp_ssn");
$_SESSION['CostCenter'] = $rs_emp_info->fields("emp_costcenter");

if ($_POST['rdoAction'] == 0)
 {
    header("Location: http://webapps/injury/empForm.php");
 }
?>
----------------------------

When I get to the next page, empForm.php, the Last name and badge ID session vars are populated but the SSN and Cost Center session vars are not.  I have tried several things including putting an exit(); after my header statement and first putting the database items into plain old $vars and then trying to populate the session vars with the value of the regular $vars, but nothing seems to work.  I have a session_start() at the top of all of my scripts. 

Any idea why I am losing these values? (and why this box that I am typing into on this site is bouncing around so badly that I can't see what I am typing here???)

Hey guys, i always get the error: Warning: Cannot modify header information - headers already sent by (output started at /home/worldw44/public_html/Newsletter/Admin/Admin.php:1) in /home/worldw44/public_html/Newsletter/Admin/Admin.php on line 6

when im tyring to run:

    <?php
 if(isset($_SESSION['adminlogin'])) {
$run=yes;
}
else {
    header( 'Location: http://www.worldwidelighthouses.com/Newsletter/Admin/Log-In.php');
}?>
<!DOCTYPE HTML>
<html lang="en-GB">
<head>
            <meta charset="utf-8">
            <!--Search Engine Meta Tags--> 
            <meta name="author" content="Worldwide Lighthouses">
            <meta name="keywords" content="Lighthouses,Lightships,Trinity House,Fog Signals,Fog Horns,Fresnel">
            <meta name="description" content="Worldwide Lighthouses is the number 1 source of information, pictures and videos on the Subject of Lighthouses and Lightships">
            <!--Stylesheets/Javascript-->
            <link rel="stylesheet" href="../../Page-Layout.css" media="screen and (min-width: 481px)">
            <link rel="stylesheet" href="../../Mobile-Page-Layout.css" media="only screen and (max-width:480px)">
            <!--Mobile Browser Support-->
            <meta name="viewport" content="width=320; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;">
            <!--IE Support-->
            <!--[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <link rel="stylesheet" href="../Page-Layout.css"><![endif]-->
<meta name="application-name" content="Worldwide Lighthouses"> 
<meta name="msapplication-starturl" content="http://worldwidelighthouses.com/"> 
         <meta name="msapplication-tooltip" content="Worldwide Lighthouses: Your number one source of Lighthouse Information, Videos and Pictures"> 
         <meta name="msapplication-task" content="name=Lighthouses;action-uri=http://worldwidelighthouses.com/Lighthouses.php;icon-uri=http://worldwidelighthouses.com/IE9/Lighthouses.ico"> 
         <meta name="msapplication-task" content="name=Lightships;action-uri=http://worldwidelighthouses.com/Lightships.php;icon-uri=http://worldwidelighthouses.com/IE9/Lightships.ico"> 
<meta name="msapplication-task" content="name=Fog Signals;action-uri=http://worldwidelighthouses.com/Fog-Signals.php;icon-uri=http://worldwidelighthouses.com/IE9/Fog-Signals.ico"> 
        <meta name="msapplication-task" content="name=Glossary;action-uri=http://worldwidelighthouses.com/Glossary.php;icon-uri=http://worldwidelighthouses.com/IE9/Glossary.ico">
             <title>Mailing List Administration | Worldwide Lighthouses</title> 
            </head>
<body>
  <header>
  <h1 id="WWLH">Worldwide Lighthouses</h1>
<form method="get" action="http://www.worldwidelighthouses.com/Search/search.php" id="Search-Box">
<input type="search" placeholder="Search Worldwide Lighthouses" name="query" id="query" size="30" value="" autocomplete="off">
<input type="submit" value="Search">
            <input type="hidden" name="search" value="1"> 
   </form>
</header>  <nav>
   <ul id="Nav">
  <li class="MenuButton" id="Index"><a href="../Index.php"><p class="Nav">Home</p></a></li>
        <li class="MenuButton" id="Lighthouses"><a href="../Lighthouses.php"><p class="Nav">Lighthouses</p></a></li>
        <li class="MenuButton" id="Lightships"><a href="../Lightships.php"><p class="Nav">Lightships</p></a></li>
        <li class="MenuButton" id="FogSignals"><a href="../Fog-Signals.php"><p class="Nav">Fog Signals</p></a></li>
            <li class="MenuButton" id="Daymarks"><a href="../Daymarks.php"><p class="Nav">Daymarks</p></a></li>
            <li class="MenuButton" id="Buoys"><a href="../Buoys.php"><p class="Nav">Buoys</p></a></li>
        <li id="MenuButtonLast"><a href="../Glossary.php"><p class="Nav">Glossary</p></a></li>
</ul>
</nav>
 
<article>
    <h1 class="Title">Contact Admin Centre</h1>
  <div class="Textbox"> 
<div id="Social">
<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="WWlighthouses">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
        <object id="Facebook" data="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fworldwidelighthouses.com/&amp;layout=button_count&amp;show_faces=false&amp;width=450&amp;action=like&amp;colorscheme=light&amp;height=21"></object> 
    </div>
    </div>
</article>
    <footer>
    <ul>
     <li><a href="../About.php">About</a></li>
        <li><a href="../Contact-us.php">Contact</a></li>
        <li><a href="../Use-Our-Media.php">Use our media</a></li>
        <li><a href="../Search/search.php">Search</a></li>
        <li><a href="../Social-Networking.php">Social</a></li>
        <li><a href="#Top">Back to top</a></li>
    </ul>
    <br>
    <br>
     &#38;#169; Worldwide Lighthouses <?php echo date("Y"); ?>
</footer>
</body>

Cany anyone offer some suggestions as to why? Note i have no ability to change phpconfig.

hi i am trying to count the number of clicks to an external link this is what i have come up with but it doesnt redirect but the if statment doesnt work properly because every time i click a link it always echos hello saying $add is not numeric when it is????

please help




<html>
<a href="index.php?add=1">Gamerforums</a><br>
<a href="index.php?add=2">Google</a><br>
<a href="index.php?add=3">Ebay</a><br>
<a href="index.php?add=4">Paypal</a><br>

<?php
$add = $_GET['add'];
include 'connect.inc';
if (is_numeric($add))
   {
   mysql_query("UPDATE count SET clicks=clicks+1 WHERE id='$add'");
   $result = mysql_query("SELECT * FROM count WHERE id='$add'");
   $row = mysql_fetch_assoc($result);
    $url= $row[url];
   header ("Location: $url");
   }
else
   {
   echo "hello";
   }
?>
</html>

Hi,   I'm using this code to redirect visitors who are coming from another site (clicking on my ad on that site) to a page in my site where I can track them:

$referrer = $_SERVER['HTTP_REFERER'];
    if ( strstr($referrer, '://example.com/shop') )
       print ('<meta http-equiv="refresh" content="0; URL=http://www.mysite.com/1.php">');

The problem is that, by this code I can only redirect those who are coming from example.com/shop, but I need to redirect visitors coming from any sub directory or subdomain from example.com, not only a specific url in example.com   Is there any solution?     Thanks

Hi to all,

    Here is the my log in script:

if($submit=='Login')
{
        $query="select * from users where username='".$username."' and verify='Yes'";
   $res=mysql_query($query);
   $row=mysql_fetch_array($res);
   $pwds=$row['pwd'];
   if(strcmp($pwds,$password)==0){
      $_SESSION['username']=$username;
      header("location: ./myaccount.php");
   }else{
      $errmsg = "You are not an authorized person to login.";
   }
}

in header.php file
<?php
ob_start();
session_start();
?>

when am logging, the page is correctly redirected to myaccount.php in IE, where as in FF, it is redirected to index.php

Please let me know where i have to change the code.

It is simple but getting out of mind.

Thanks in advans,
 

I am using a script for users to download a file, however after the download I want to be able to
redirect the user or display a message etc... but I cannot get it to work.

My download code is below;

if($do_download){

 $filename = 'file.zip';
 $itemfile = ('/abc/123/htdocs/bin/'.$filename);
 $filelength = filesize($itemfile);

 $fp = @fopen($itemfile, "rb");

ob_start();
  Header("Pragma: public");
  Header("Expires: 0");
  Header("Cache-control: private");
  Header("Content-Type: application/x-zip-compressed");
  Header("Content-Transfer-Encoding: binary");
  Header("Content-Length: $filelength");
  Header("Accept-Ranges: bytes");
  Header('Content-Disposition: attachment; filename="'.$filename.'"');
  Header("Connection: close");
ob_end_clean();
  while(!feof($fp)){
  print stream_get_contents($fp); // for PHP 5+ else use fread
 }
 fclose($fp);

 header('Location: page2.php');
}

It doesn't seem to matter what I do whether a redirect or just an echo command nothing continues after the file is downloaded????

Hi guys.

Im making a script that stores different contents in sessions. And everything seems to be working fine. I previously had some problems with it, but managed to fix them. Now somehow a new problem have accrued for me. I did not do anything to it since it last worked. So i am a little confused. It keeps telling me that the session does not have any content.

I think that the problem is within these two files he

http://pastebin.com/T6sfzjWn

and

http://pastebin.com/BUAuFp6t

It keeps giving me the error on line 24 from the second file.

Can someone please help me and say what i am doing wrong?

I'm using xampp and am trying to create a login session...these are the my php files
login.php
Code: [Select]
<form action='login1.php' method='post'>
Email: <input type='text' name='id'></br>
Pass : <input type='password' name='pass'></br>
<input type='submit' name='login' value='login'>
login1.php
Code: [Select]
<?php
$id=$_POST['id'];
$pass=$_POST['pass'];

$conn=mysql_connect("localhost","root","");
if (!$conn)
{
die('Could not connect: ' . mysql_error());
}


$e=mysql_select_db('test', $conn);
if(!$e)
{
die(''.mysql_error());
}
else
{
echo 'database selected successfully';
}

$sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'");
$count=mysql_num_rows($sql);
if($count==1) 
{ 
    session_start();
    
    echo "</br>Login Successful</br>";
echo "Please wait 5 seconds ";
/* redirct to the specified page */
header("refresh:5;url=empty.php");
}
else
{

echo "please try to login again</br>";
echo "you will be redirected to the login page in 5 seconds";
     /* redirct to the specified page */
header("refresh:5;url=login.php");
}
mysql_close();
?>
empty.php
Code: [Select]
<?php
session_start();

$logi=$_SESSION['id'];
echo 'welcome '.$logi;



?>

empty.php is supposed to display the email id from login.php
I checked it about an hour ago and it was working fine but now it gives me an error
Undefined index: id in C:\xampp\htdocs\littleprogress\empty.php on line 4
I didn't change anything after checking it. only cleared the history and cookies of my firefox browser
what could be the problem

I have this error, and I cann't find soluiton:
Code: [Select]
Notice: Undefined index: ime in C:\wamp\www\web\login_public.php on line 26

Notice: Undefined index: ime in C:\wamp\www\web\login_public.php on line 27
This is the code:
Code: [Select]
<?php require_once("public/includes/session.php"); ?>
<?php require_once("public/includes/connection.php"); ?>

<?php  

if(!$_POST['submit']){
header('refresh:0; url=index.php');}
else {
$korisnik = $_POST['korisnicko_ime']; 
$lozinka = $_POST['lozinka'];
$lozinka_db = sha1($lozinka);

if ($korisnik && $lozinka){
$query = mysql_query("SELECT * FROM korisnik WHERE korisnicko_ime = '$korisnik' ");
$numrow = mysql_num_rows($query);

if($numrow != 0){

while ($row = mysql_fetch_assoc($query)){
$korisnik_db = $row['korisnicko_ime'];
$db_lozinka = $row['lozinka'];
$ime = $row['ime'];
}
if ($korisnik == $korisnik_db && $lozinka_db == $db_lozinka){
echo "Uspesno ste ulogovani";
$_SESSION['ime'] == $ime;
echo $_SESSION['ime'];
}
else { echo "Lozinka je netacna"; }
} else {die("Korisnik ne postoji");}
}
}

?>
What seems to be the problem 

Hi Guys,

I am developer and relatively new to php although I have written a few scripts. I have a site which runs on linux/unix platform.

I am facing a weird problem:

- I have a php script (e.g. site.com/test/test.php) which takes a input from url, and creates a session and opens a wordpress php in another folder (e.g. site.com/wp/index.php)
- I wrote a small php code in that wp/index.php which checks if session exists or not. if yes, then no problem, if not then die and show a message.

Now the problem is when I run the script, it opens the wp/index.php and the page opens. Good. But when I click on any link in that page e.g about or so, then I get message which I wrote that session not found and so on...

I don't know why this is happening.

So if you guys can help me with this it would be great. Alternatively, I thought if I protect the wp folder (using protect folder thru cpanel) and write a php script outside which call the php inside the wp folder with a hardcoded uname & pw, then i can run the php inside without anyone knowing what the actual uname or pw is. This way if a user directly tries to access it , he wont be able to do so as uname & password box will appear.

But I dunno how to call a php inside protected folder. I tried to redirect but the uname & pw box appeared.

I would be grateful if anyone can help me.

Thanks a lot,

Cheers,
GR

Hello Everyone!

I have 2 problems with sessions that I'd like some assistance with.
1. The session often ends after clicking any link after logging in. (sometimes it remains alive, and in those cases it stays alive until browser is closed.)
2. The function that should start a session if a cookie is found (and correct) is not working, so if the browser is closed and re-opened the session won't start the session.

I'll include the code that I think is relevant. The odd part is that these problems occur in every browser, I have tried multiple tutorials (so different scripts) to creating a login form but somehow the same result appears every time.

function login($username, $password, $remember = false) 
{


    $sql = mysql_query("SELECT * FROM users WHERE password = '" . md5($password) . "' AND username = '" . $username . "' LIMIT 1");
    // If there are no matches then the username and password do not match
    if($sql === false) 
    {
        return false;
    }
    else
    {
        while($u = mysql_fetch_array($sql))
        { 
                
                // Check if user wants account to be saved in cookie
                if($remember == true)
                {
                    // Generate new auth key for each log in (so old auth key can not be used multiple times in case 
                    // of cookie hijacking)
                    $cookie_auth= rand_string(10) . $username;
                    $auth_key = session_encrypt($cookie_auth);
                    $auth_query = mysql_query("UPDATE users SET auth_key = '" . $auth_key . "' WHERE username = '" . $username . "'");
 
                    setcookie("auth_key", $auth_key, time() + 60 * 60 * 24 * 7, "/", "mycorrectwebsite.com", false, true);
                }
                // Assign variables to session
                session_regenerate_id(true);
                $session_id = $u[id];
                $session_username = $username;
                $session_level = $u[user_level];
 
                $_SESSION['user_id'] = $session_id;
                $_SESSION['user_level'] = $session_level;
                $_SESSION['user_name'] = $session_username;
                $_SESSION['user_lastactive'] = time();
return true;
        }
    }
} 

function initiate()
{
$logged_in = false;
if(isset($_SESSION['user_name']))
{
$logged_in = true;
}
 
        // Check that cookie is set
        if(isset($_COOKIE['auth_key']))
        {
            $auth_key = $_COOKIE['auth_key'];
 
            if($logged_in === false)
            {
                // Select user from database where auth key matches (auth keys are unique)
                $auth_key_query = mysql_query("SELECT username, password FROM users WHERE auth_key = '" . $auth_key . "' LIMIT 1");
                if($auth_key_query === false)
                {
                    // If auth key does not belong to a user delete the cookie
                    setcookie("auth_key", "", time() - 3600);
                }
                else
                {
                    while($u = mysql_fetch_array($auth_key_query))
                    {
                        // Go ahead and log in
                        login($u['username'], $u['password'], true);
                    }
                }
            }
            else
            {
                setcookie("auth_key", "", time() - 3600);
            }
        }
 
}


And then in the header I start every page with:


<?php 
session_start();
include("connect.php");
include("functions.php");
include("actions.php");

initiate();
 ?>

Hi,
I"m trying to make an external link to a web page. Them problem is that when my user clicks on the link they are taken to the destination web page, but they see an error "Your session has expired". At that point, they must either refresh the browser or exit out and click again in order to see the page.
My question is, how can I go around this problem in my code? If at all possible, I like to be able to add something to the URL so that this does not happen. Any help or guidance is appreciated.

I'm writing a shopping cart type of application for booking something. The cart will holds items as arrays in the session. The problem i'm i'm having is i can store 5 items in my cart and then once i try to store any more, it just won't. I'm not getting any php errors. I'm using the codeigniter framework, so it may be a codeigniter session storage problem. Hopefully you guys can look at it and can see if you spot any bad logic that i'm overlooking.

Code: [Select]
<?php
                 //generates random unique 32 character string
$booking_hash = random_string('unique');

//set items foreach night
foreach($room['date_rate'] as $date => $rate)
{
                        //produces random sha1 16 char length string
$sha1 = random_string('sha1', 16);

$session['items'][$sha1] = array(
'code'       => $room['code'],
'id'         => $room_id,
'title'      => $room['title'],
'date'       => date("n/j/Y",strtotime($date)),
'price'      => $rate,
'tax_one'    => money_format('%i',$room['tax_one'] * $rate),
'tax_two'    => money_format('%i',$room['tax_two'] * $rate),
'sales_tax'  => 0,
'guests'     => $num_guests,
'booking'    => $booking_hash,
'deposit'    => $deposit,
);
}


$existing_items = $this->session->userdata('items');

   if(!empty($existing_items))
  {
$session['items'] = $existing_items + $session['items'];
    }
 
$this->session->set_userdata($session);


?>
I just read some codeigniter session documentation. It says the cookie it's using can hold 4KB of data. I have no idea how much text 4KB can hold...

This is my first post here. G'day everyone. I'm having trouble with getting a session recognized from one page to another. I did a search and used the advice but I'm still having trouble.

I have a page called checklogin.php that processes the information submitted for a member to login, and redirect it to login_success.php if the login was successful.
The problem I have is when I test the session in the second page it tells me there is no session. Here's my code (I omitted the db connection code):

Code: [Select]
<?php
// username and password sent from form 
$myusername=$_POST['user']; 
$mypassword=$_POST['pass'];
?>

<?
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"

$_SESSION['myusername']=$myusername;
$_SESSION['mypassword']=$mypassword;
header("location:login_success.php");

}
else {
echo "Wrong Username or Password";
}
?>


after I am redirected to login_success.php:

Code: [Select]

<?php
session_start();
$_SESSION['myusername'];

if (isset($_SESSION['myusername']))
{
$loggedin = TRUE;
return $loggedin;
echo "logged in.";

}
else
echo "not logged in";
?>

It echoes "not logged in". I've struggled with this for days and I don't know what's wrong. Thanks in advance.

Hi Guys,        Here is the code, once logged in using known credentials it should display the content "welcome..." but it doesn't, instead it is showing "you are not authorized..." as if the session['username']); isn't being taken? 

<?php 	
ini_set('display_errors',1); 
 error_reporting(E_ALL);
		

		

include_once 'includes/db_connect.php';
include_once 'includes/functions.php';
 
sec_session_start();
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>Secure Login: Protected Page</title>
        <link rel="stylesheet" href="styles/main.css" />
    </head>
    <body>
        <?php if (login_check($mysqli) == true) : ?>
            <p>Welcome <?php echo htmlentities($_SESSION['username']); ?>!</p>
            <p>
                This is an example protected page.  To access this page, users
                must be logged in.  At some stage, we'll also check the role of
                the user, so pages will be able to determine the type of user
                authorised to access the page.
            </p>
            <p>Return to <a href="index.php">login page</a></p>
        <?php else : ?>
            <p>
                <span class="error">You are not authorized to access this page.</span> Please <a href="index.php">login or register</a>.
            </p>
        <?php endif; ?>
        
    </body>
</html>

I am using WAMP and have made sure the username and password is in the database correctly, how do i debug this?    the error reporting has been switched on but it doesn't help me    is the problem with: 

 <?php if (login_check($mysqli) == true) : ?>

I am trying to follow this guide: http://www.wikihow.c...n-PHP-and-MySQL   Please could i get some help on how to make the login "detect" the username from my MySQL database and display the username   Thanks   Attached Files  login_success.php.jpg   14.31KB   0 downloads