Page 1 of 1

[RESOLVED] Trying to write login script using session

Posted: Wed Jul 22, 2009 11:29 am
by islan
I am trying to write two php scripts to handle the login on a website. The first one ends like this:

Code: Select all

$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
 
//echo "Username: " . $_SESSION['username'];
 
header("location:login_success.php");
The beginning of login_success.php looks like this:

Code: Select all

<?
session_start();
if(!isset($_SESSION['username'])){
header("location:[Failed Relocation]");
}
 
echo "Username: " . $_SESSION['username'];
//session_destroy();
?>
Originally this code worked, but then I had a problem with a different username not replacing the first username used in $_SESSION. So I added session_destroy(); at the end of login_success.php, only after that $_SESSION['username'] always returned empty when I used echo. I commented out session_destroy(), as you can see, but ever since then, isset() has been returning false and I have been redirected to [Failed Location] every time.

Can anyone lend me some insight into what is going on?

PS: The version of PHP I'm using is 5.2.9

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 12:56 pm
by spider.nick
islan wrote:I am trying to write two php scripts to handle the login on a website. The first one ends like this:

Code: Select all

$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
 
//echo "Username: " . $_SESSION['username'];
 
header("location:login_success.php");
The beginning of login_success.php looks like this:

Code: Select all

<?
session_start();
if(!isset($_SESSION['username'])){
header("location:[Failed Relocation]");
}
 
echo "Username: " . $_SESSION['username'];
//session_destroy();
?>
Originally this code worked, but then I had a problem with a different username not replacing the first username used in $_SESSION. So I added session_destroy(); at the end of login_success.php, only after that $_SESSION['username'] always returned empty when I used echo. I commented out session_destroy(), as you can see, but ever since then, isset() has been returning false and I have been redirected to [Failed Location] every time.

Can anyone lend me some insight into what is going on?

PS: The version of PHP I'm using is 5.2.9
First of all, http://php.net/sessions

Secondly, do you have session_start() at the beginning of this page:

Code: Select all

$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
 
//echo "Username: " . $_SESSION['username'];
 
header("location:login_success.php");
Thirdly, please always use code=php when posting code.

Nick

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 1:28 pm
by islan
spider.nick wrote:
First of all, http://php.net/sessions

Secondly, do you have session_start() at the beginning of this page:

Code: Select all

$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
 
//echo "Username: " . $_SESSION['username'];
 
header("location:login_success.php");
Thirdly, please always use code=php when posting code.

Nick
Firstly: Yes, I've been there.

Secondly: The original code I was referencing told me to put session_start() in login_success.php, though I have no idea why. I have tried it both ways, however, and the result is the same: isset() returns false when it didn't used to.

Thirdly: I'll try to keep that in mind.

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 1:34 pm
by spider.nick
islan wrote:
spider.nick wrote:
First of all, http://php.net/sessions

Secondly, do you have session_start() at the beginning of this page:

Code: Select all

$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
 
//echo "Username: " . $_SESSION['username'];
 
header("location:login_success.php");
Thirdly, please always use code=php when posting code.

Nick
Firstly: Yes, I've been there.

Secondly: The original code I was referencing told me to put session_start() in login_success.php, though I have no idea why. I have tried it both ways, however, and the result is the same: isset() returns false when it didn't used to.

Thirdly: I'll try to keep that in mind.
In order for you to set anything in the session array, via $_SESSION, you must have session_start() at the top of your page. Add it to the top of both pages, if it is not already there, and then refresh your page. It should do the trick.

The important thing to note with sessions is that you have to set the session, via $_SESSION, and then reload the page. In your case, you are setting it and then using header(), which is the same as 'reloading' the page. So, there should not be any issue there. However, on your test echo of $_SESSION['username'], you should not be seeing anything.

Nick

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 1:42 pm
by islan
spider.nick wrote:However, on your test echo of $_SESSION['username'], you should not be seeing anything.

Nick
Really? Why not?

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 1:45 pm
by spider.nick
islan wrote:
spider.nick wrote:However, on your test echo of $_SESSION['username'], you should not be seeing anything.

Nick
Really? Why not?
Honestly, I have no idea. It is just one of those unwritten rules that you learn over the years of programming.

Nick

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 1:52 pm
by islan
spider.nick wrote: In order for you to set anything in the session array, via $_SESSION, you must have session_start() at the top of your page. Add it to the top of both pages, if it is not already there, and then refresh your page. It should do the trick.

Nick
Okay, that seems to work! I didn't try it with one on both pages before. Thanks.

It makes me wonder why it worked before, though... Oh well.

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 1:56 pm
by islan
Okay, with that fixed, I'm still left with my original problem before I got sidetracked by this one:

Whenever I try to login as a different user, $_SESSION['username'] still returns the person I logged in with first. In my first code, before declaring $_SESSION['username'] = $username, I call unset($_SESSION['username']). I also have a session_destroy() called when the user logs out.

Any advice there?

PS: Also, echo $_SESSION['username'] does actually seem to work. :?

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 1:56 pm
by spider.nick
islan wrote:
spider.nick wrote: In order for you to set anything in the session array, via $_SESSION, you must have session_start() at the top of your page. Add it to the top of both pages, if it is not already there, and then refresh your page. It should do the trick.

Nick
Okay, that seems to work! I didn't try it with one on both pages before. Thanks.

It makes me wonder why it worked before, though... Oh well.
Excellent.

Now, go to your first post, and hit 'edit'. Then, edit the title to read '[RESOLVED] [Help] Trying to write login script using session'. Oh, and [language=spanish]muchas gracias[/language]!

Then, start a new post for your new question.

Nick

Re: [Help] Trying to write login script using session

Posted: Wed Jul 22, 2009 1:57 pm
by islan
spider.nick wrote:
islan wrote:
spider.nick wrote: In order for you to set anything in the session array, via $_SESSION, you must have session_start() at the top of your page. Add it to the top of both pages, if it is not already there, and then refresh your page. It should do the trick.

Nick
Okay, that seems to work! I didn't try it with one on both pages before. Thanks.

It makes me wonder why it worked before, though... Oh well.
Excellent.

Now, go to your first post, and hit 'edit'. Then, edit the title to read '[RESOLVED] [Help] Trying to write login script using session'. Oh, and [language=spanish]muchas gracias[/language]!

Then, start a new post for your new question.

Nick
Alright, will do!