|
PHP - Session Not Initialising Or Destroying When Initialised
hi,
im a php noob trying to echo session variable based on what the user name is but neither is the session initialising nor is it destroying as i can go from index to home page by typing it in the browser with out the user input can any one help me with this(pardon my english) my code is as follows(if im missing something please tutor me on that too as that wud b helpful becoz web resources on sessions r not helpful)
code in home.php:
<?php
include '1.1.php';
include '1.php';
ob_start();
session_start();
$_SESSION['uname']=$s1||$b1;
?>
<!DOCTYPE html>
<html>
<head>
<title>fetch-array</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</script>
<link href="css/hello.css" rel="stylesheet">
<script type="text/javascript" src="tinymce/tinymce.min.js"></script>
<script>
tinymce.init({
selector: "textarea#elm1",
theme: "modern",
width: 500,
height: 150,
plugins: [
"advlist autolink link image lists charmap print preview hr anchor pagebreak spellchecker",
"searchreplace wordcount visualblocks visualchars code media insertdatetime media nonbreaking",
"save table contextmenu directionality emoticons template paste textcolor"
],
content_css: "css/content.css",
toolbar: "insertfile undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | outdent indent | link image | print preview media fullpage | forecolor backcolor emoticons",
style_formats: [
{title: 'Bold text', inline: 'b'},
{title: 'Red text', inline: 'span', styles: {color: '#ff0000'}},
{title: 'Red header', block: 'h1', styles: {color: '#ff0000'}},
{title: 'Example 1', inline: 'span', classes: 'example1'},
{title: 'Example 2', inline: 'span', classes: 'example2'},
{title: 'Table styles'},
{title: 'Table row 1', selector: 'tr', classes: 'tablerow1'}
]
});
</script>
</head>
<body>
<header> <div align="left"><a href="session_stop.php">logout</a></div></header>
<br>
<div id="container">
<div class="Container-left">
<?php echo $_SESSION['uname'];?>
</div>
note that it isn't also echoing any session variable too then here is my session stop page:
<?php
session_start();
session_unset();
session_destroy();
if(session_destroy()==1){
setcookie('', NULL, time()-100,'/');
header('location:index.php');}
were am i going wrong???
Similar TutorialsWorking making an jquery ajax/php chat system It thought to myself wouldnt it be cool to have commands for admins? Any way I was thinking how the kick command would work. If I keep a list of all the session ID's in a table how can I get PHP to kill a session based on a certain session ID? Say for example some users session ID was 3evirkjonfg5dr4s5b783nvvf0 how can I use that to instantly kill a session so the user is logged out? Hi, I am facing problems in destroying the session variables in my logout file .I have used session_id() in my php files for ex $sid = session_id().Now when I click on logout I naviagte to my index file but the session variable $sid still remain.I have chkd it.I have kept session_start() function in a file and I am including that file in every php by require_once function.The file is palced in Includes folder..is it causing the problem?? please help me out Also can I use session_start() more than once in a single php file? My logout file is : <?php session_start(); session_destroy(); header("location:index.php"); exit(); ?> Here is my code that sets the cookie for a year: //set a cookie for a year setcookie('user', $username, time()+31536000); My code that unsets it: <?php unset($_COOKIE['user']); header("LOCATION:index.php"); ?> Why doesn't it log the user out? In the following code, Code: [Select] // Register Globals if (ini_get('register_globals')) { ini_set('session.use_cookies', 'On'); ini_set('session.use_trans_sid', 'Off'); session_set_cookie_params(0, '/'); session_start(); $globals = array($_REQUEST, $_SESSION, $_SERVER, $_FILES); foreach ($globals as $global) { foreach(array_keys($global) as $key) { unset($$key); } } } the above destroys all globals if register_globals is on, as I understand it. However, if it does destroy all globals, can a web form continue to work? How do you allow form fields and other stuff to be used in a script even if you kill all the globals up front? Many thanks I am having trouble resolving an error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/s519970/public_html/header.php:27) in /home/s519970/public_html/admin/login.php on line 2 What I can gather is I can't use "header (Location: 'admin.php')" after i've used session_start(). I have tried to replace the header (Location: 'admin.php') with this: echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; I've been trying to read up on solutions but haven't been able to get it sorted. If anyone can offer some advice that would be greatly appreciated as im new to php. Code: [Select] <?php session_start(); if(isset($_SESSION['user'])) echo "<script>document.location.href='admin.php'</script>"; echo "<script>'Content-type: application/octet-stream'</script>"; ?> <div id="loginform"> <form action="dologin.php" method="post"> <table> <tr> <td><span>Username:</span></td> <td><input type="text" name="username" /></td> </tr> <tr> <td><span>Password:</span></td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td> </tr> </table> </form> </div> I have tried using require_once('yourpage.php'); before my <head></head> tags in the header document where I've specified the html information but this doesn't seem to work. I've been advised to use ob_start("ob_gzhandler"); but I am not sure how to implement this. Any advice is greatly appreciated! in this page http://maximaart.com/newscp/ i have this problem Code: [Select] Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/maximasy/public_html/newscp/index.php:1) in /home/maximasy/public_html/newscp/index.php on line 2 my source code is <?php session_start(); include_once("config.php"); include_once("functions.php"); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { if ($_POST['txtUserId'] === "$user" && $_POST['txtPassword'] === "$pass") { // the user id and password match, $_SESSION['basic_is_logged_in'] = true; require("main.php"); exit;?> I am trying to create an index page which contains registration and login field the problem that i get is on successful login a warning is displayed session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\Eventz.com\index.php:116) in C:\xampp\htdocs\Eventz.com\index.php on line 235 This is the login part of my index.php this tag is inside an html table below the login form I also have a registration form and its php code above the login form Code: [Select] <?php if (isset($_REQUEST['pass'])) { $id=$_POST['id']; $pass=$_POST['pass']; $conn =mysql_connect("localhost","root",""); if (!$conn) { die('Could not connect: ' . mysql_error()); } /* checking connection....success! */ $e=mysql_select_db('test', $conn); if(!$e) { die(''.mysql_error()); } else { echo 'database selected successfully'; } if (isset($_REQUEST['id']) || (isset($_REQUEST['pass']))) { if($_REQUEST['id'] == "" || $_REQUEST['pass']=="") { echo "login fields cannot be empty"; } else { $sql=mysql_query("Select email,password from login where email='$id' AND password='$pass'"); $count=mysql_num_rows($sql); if($count==1) /* $count checks if username and password are in same row */ { session_start(); $_SESSION['id']=$id; echo "</br>Login Successful</br>"; } else { echo "</br>invalid</br>"; echo "please try to login again</br>"; } } } } ?> Any help or suggestion would be appreciated hi everyone. i'm wondering what the best way is to create a session variable and pass it to an iframe. i need to do something along these lines, but it doesn't seem to pass the ID. Any hints on how i should accomplish this? Code: [Select] session_start(); $_SESSION['ID']=$_GET['ID']; // id from previous page $ID=session_id(); <iframe src="iframepage.php?ID=<?php echo $ID; ?>" style="width:680px; height:200px;" noresize="noresize" frameborder="0" border="0" scrolling="Yes" allowtransparency="true" /> </iframe> I'm making a simple login system with MySQL and PHP (very simple, I'm just starting with PHP). The MySQL portion is done, but I need to ensure only people who are logged in can see certain content. To check if people are logged in, my website checks that they have the $_SESSION['user'] variable set. If it is set, then it lets them continue through the website, if not, it tells them to login. Is that enough security, or can people simply inject a session cookie into their browser to spoof that they are logged in? My idea was to generate a session key cookie when they login (just a random string of letters and numbers) and store that in the database, then on every page, check to make sure their session key is the same thing that's in the database. Is this necessary? It seems expensive. Just curious how other people feel about this. I am working on an application where a lot of info is pulled from MySQL and needed on multiple pages.
Would it make more sense to...
1. Pull all data ONCE and store it in SESSION variables to use on other pages
2. Pull the data from the database on each new page that needs it
I assume the preferred method is #1, but maybe there is some downside to using SESSION variables "too much"?
Side question that's kind of related: As far as URLs, is it preferable to have data stored in them (i.e. domain.com/somepage.php?somedata=something&otherdata=thisdata) or use SESSION variables to store that data so the URLs can stay general/clean (i.e. domain.com/somepage.php)?
Both are probably loaded questions but any possible insight would be appreciated.
Thanks!
Greg
Edited by galvin, 04 November 2014 - 10:30 AM. Evening! I've been iffing and ahhing over this and well im not too sure, hence the post. Code: [Select] // Redirects if there is no session id selected and echos the error on the previous page if(!isset($_GET['get']) || ($_GET['getget'])){ header("Location: #.php?error"); } So it should simply check if get is set if it isnt then see if getget is set? If not redirect and show the error. Now ive tried it and even when get/getget is set it still redirects, probably something silly. Care to share anyone? Harry. I am building an app (PHP and MySQL)and I had been using a lot of GET calls to get info from URLs, but the more I thought about it, the more I didn't like the possibility of people being able to mess with the URLs. So I am in the process of changing everything to use SESSION variables to store data across pages, rather than GET. The way I see it, SESSION variables are completely behind the scenes so they seem to be the better option. Am I right, or is GET better than SESSION for some reason? I am having trouble calling the session var "email" from the landing page. Here is the code that I am using. I am not even sure the session "email" is starting or registering. Code: [Select] $referer = $_SERVER['HTTP_REFERER']; $email = $_POST['email']; $sql="SELECT * FROM users WHERE email='$email' "; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $email, table row count must be 1 row if($count==1){ // Session Register email session_start(); $_SESSION['email'] = $email; header("location:".$referer2." "); exit(); } Pls tell me what is wrong? <?PHP include("dba.php"); function hvataj ($trazi, $id) { $upit = mysql_query ('select * from administrator where member_id = '.$id.''); return ( $row = mysql_fetch_assoc ($upit) ) ? $row[$trazi] : mysql_error (); } ?> I have parse error here on this line when I want to echo it: <?PHP echo "<img src='images/korisnik_slike/".hvataj('slika',$_SESSION['member_id']."' />"; ?> How to add more data into $_SESSION? I have following code: Code: [Select] if(isset($_GET['poredi']) && $_GET['poredi'] == "upo"){ $idp = intval($_POST['idp']); $sql = "SELECT * FROM product WHERE product_id={$idp}"; $query=mysql_query($sql); if(mysql_num_rows($query)!=0){ $row=mysql_fetch_array($query); $_SESSION['poredi'] = $row['product_id']; } } On click it need to store more product_id, and after that i have to be able to do query with data (find all data with product_id)? Hi, I am trying to get the value of a session veriable and if the variable contains a certain word it will show an error message, else just continue as normal. if (isset($_POST['selectroom'])) {$_SESSION['room'] = $_POST['selectroom'];} if (!isset($_SESSION['room'])) $room = "RoomNameA"; else $room = $_SESSION['room']; Please Advise, - Stuart Why is my SESSION not getting set in the code below?! Code: [Select] <?php // Initialize a session. session_start(); // Initialize Logged-In Status. $_SESSION['loggedIn'] = FALSE; // Display Logged-In Status. echo '<p>$_SESSION[\'loggedIn\'] = ' . $_SESSION['loggedIn'] . '</p>'; exit(); When I run this I get... $_SESSION['loggedIn'] = Debbie Is there anyway to work out the age of a session, i.e the time that has elapsed since it was created? Cheers People please help me i beg you, been trying to do this same thing for the past 4hours (-) close to giving up on php and learning a new languages :S Well as I was updating my login/sign up because its old and it was not very safe. Now my session are not working, well they work when i set them but it wont destroy so you cant log out. I have tryed doing 100 ways but i get one error or another or it dont work out all. login page <?php session_start(); require_once "../config.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Admin CP</title> <?php $flag=0; if(isset($_POST['Submit'])) { $con = database_connect(); $username = $_POST['username']; $password = $_POST['password']; clean($username); clean($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); mysql_close($con); $md5password= md5($password); database_connect(); $sql="select * from $membertables WHERE username='$username' and password='$md5password' and (userlevel='1' or userlevel='2') "; $res=mysql_query($sql); if(!$res) { die('error in database'); } $row=mysql_fetch_array($res); if(mysql_num_rows($res)>0) { $_SESSION['logged_in'] ="loggedin"; $_SESSION['userid']=$row['uid']; $_SESSION['username']=$row['username']; $_SESSION['userlevel']=$row['userlevel']; session_write_close(); header('location:welcome.php'); } else { $_SESSION['logged_in'] = "notloggedin"; $flag=1; } } ?> <script language="javascript"> function valid() { if(document.frm1.txtuname.value=="") { alert('Enter User-ID'); document.frm1.txtuname.focus(); return false; } if(document.frm1.txtpass.value=="") { alert('Enter Password'); document.frm1.txtpass.focus(); return false; } } </script> <!-- CSS --> <link href="style/css/transdmin.css" rel="stylesheet" type="text/css" media="screen" /> <!--[if IE 6]><link rel="stylesheet" type="text/css" media="screen" href="style/css/ie6.css" /><![endif]--> <!--[if IE 7]><link rel="stylesheet" type="text/css" media="screen" href="style/css/ie7.css" /><![endif]--> <!-- JavaScripts--> <script type="text/javascript" src="style/js/jquery.js"></script> <script type="text/javascript" src="style/js/jNice.js"></script> </head> <body> <div id="wrapper"> <!-- h1 tag stays for the logo, you can use the a tag for linking the index page --> <h1><a href="#"><span>Transdmin Light</span></a></h1> <!-- You can name the links with lowercase, they will be transformed to uppercase by CSS, we prefered to name them with uppercase to have the same effect with disabled stylesheet --> <ul id="mainNav"> <li></li> <!-- Use the "active" class for the active menu item --> <li></li> <li></li> <li class="logout"></li> </ul> <!-- // #end mainNav --> <div id="containerHolder"> <div id="container"><!-- // #sidebar --> <!-- h2 stays for breadcrumbs --> <h2>Login »</h2> <div id="main"> <form action="index.php" method="post" name="frm1" id="frm1" onSubmit="return valid();"> <table width="100%" border="0" cellpadding="0" cellspacing="0""> <tr> <td align="left"><table border="0" cellpadding="5" cellspacing="1" width="576"> <tbody> <tr> <td colspan="2" align="center"><br /> Please enter your User Name and password below.<br /></td> </tr> <?php if($flag==1) { ?> <tr> <td width="333" align="center" style="background-color: #F00; text-decoration: underline; color: #FF0;" ><p>Enter Valid User-Name or Password </p></td> </tr> <?php } ?> <tr> <td align="right" >User Name:</td> <td width="344"><input style="background-color: rgb(221, 234, 248);" class="form_text" id="username" name="username" /> <script language="JavaScript" type="text/javascript">document.getElementById('txtuname').focus(); </script></td> </tr> <tr> <td align="right">Password:</td> <td><input class="form_text" id="password" name="password" type="password" /></td> </tr> <tr> <td> </td> <td> <input class="buttons" value="sign me in" name="Submit" type="submit" id="Submit" /> </td> </tr> <tr> <td style="height: 30px;"> </td> <td> </td> </tr> </table> </td> </tr> </tbody> </table> </form> </div> <!-- // #main --> <div class="clear"></div> </div> <!-- // #container --> </div> <!-- // #containerHolder --> <p id="footer"><?php echo $footer ?></p> </div> <!-- // #wrapper --> </body> </html> <?php session_start(); if($_SESSION['logged_in']="loggedin"); else{ header('location:index.php'); } ?> sign out page <?php session_start(); session_unset(); session_destroy(); header('location:index.php'); ?> Hello I keep having this issue with sessions. I have an login feature on my website that uses sessions. When i do like this: 1. Login 2. close browser 3. open browser again 4. try to log in It fails, actually nothing happens, so I manually need to go to logout.php to reset and then I can log in again. Why is this happening and how do i solve it? |
|||||||