Page 1 of 1

Problem processing Session variables

Posted: Tue Jun 23, 2009 3:15 pm
by mangologin
Hello ppl,
am an amateur to PHP scripting.so kindly point out the blunders!
I am trying to pass on a session variable,basically to welcome a user to his webpage.

The code goes like this :

Code: Select all

 
<html>
<title>Session test page</title>
<body>
<form action ="welcome.php" method="post"
<p>NAME <input type = "text" name="fname" maxlength = "50"/></p>
<p>PASSWORD <input type="password" name="password"/></p>
<p><input type="SUBMIT" name="fsubmit" value="submit"/></p>
</form>
<?php
session_start();
$_SESSION['username']=$_POST['fname'];
?>
</body>
</html>
 
Now , in the welcome.php

Code: Select all

 
<html>
<body>
<?php
session_start();
echo $_SESSION['username'];
?>
</body>
 

The problem is when I submit the form saying name and password , am unable to see any output after i submit the form,

Suppose

NAME : ABCDE
password : ******

then after hitting submit i shld get ABCDE in my webpage,which doesn't happen

Kindly help me out!

Re: Problem processing Session variables

Posted: Tue Jun 23, 2009 3:18 pm
by patrickmvi
The session needs to be set on the subsequent page after the POST has occurred. This code here:

Code: Select all

<?php
session_start();
$_SESSION['username']=$_POST['fname'];
?>
 
should occur at the top of your welcome.php page.

Re: Problem processing Session variables

Posted: Wed Jun 24, 2009 6:36 am
by mangologin
thanks!its' working!can u explain the funda behind this?

Re: Problem processing Session variables

Posted: Wed Jun 24, 2009 6:53 am
by patrickmvi
Your information needs to be POSTed to the server before you can store it in the session, the server cannot read from the client's browser dynamically.

Re: Problem processing Session variables

Posted: Wed Jun 24, 2009 7:46 am
by Eric!
Starting a session generates a little file (if using default settings) with a session id. The session data is then stuffed inside. When you move to a new page you have to tell the server where your session data is again by starting the session. If you move to a sub-domain however the server will try to generate a new session and you loose your data. However between pages on the same domain, it works great, just remember to tell it to start your session.

If you do need to jump to a different domain and keep your session data then put this before your start session:
ini_set("session.cookie_domain",substr($_SERVER[HTTP_HOST],3));

The second field you put your '.yourdomain.com' instead of the server variable shown above.

Also you should know that by default php will write sessions to /tmp which is open to the public. Some host sites use this default setting for writing sessions, however anyone can snoop that directory and steal the session data and hijack the users session. You can change that. Change your php.ini file and the value of the session.save_path from /tmp to something like /var/php/session and having that directory be readable and writable only by the user that you’ve used to run your server (i.e., the user apache).