simple session login issue

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
gimpact
Forum Commoner
Posts: 65
Joined: Tue Jun 16, 2009 11:08 pm

simple session login issue

Post by gimpact »

Hello,

I have this issue which looks simple to me but just cant get it right. I have this code in the login page. This code gets executed after all checks, when the user should be logged in.

Code: Select all

session_start();
                                $_SESSION['email'] = $email;
                                $_SESSION['name'] = $getAccount3['name'];
                                $_SESSION['public_name'] = $getAccount3['public_name'];
 
                                header("Location:http://www.domain.com?tag=index");
                                mysql_close($con);
                                die();
Now I have this code in my members page,

Code: Select all

session_start();
$tag= $_REQUEST['tag'];
if(ISSET($_SESSION['email'])){
        if($tag == 'index'){
            include ("index-home.php");
        }else{
            print "index error";
        }
    die();
}else{
  print "Not logged in";
  die();
}
I have no idea, why do i keep seeing Not logged in. any help will be appreciated.
Thank you,
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Re: simple session login issue

Post by superdezign »

I don't believe that die() and session_write_close() are the same.
Eric!
DevNet Resident
Posts: 1146
Joined: Sun Jun 14, 2009 3:13 pm

Re: simple session login issue

Post by Eric! »

lol. After you've logged in you have to have a way to log out too and kill the session with session_destroy().
gimpact
Forum Commoner
Posts: 65
Joined: Tue Jun 16, 2009 11:08 pm

Re: simple session login issue

Post by gimpact »

Eric! wrote:lol. After you've logged in you have to have a way to log out too and kill the session with session_destroy().
Yea, well, all that after I get to see my members page. With this I see nothing. as soon as I login, i am thrown out, as if I haven't logged in at all! :-)
User avatar
desperado
Forum Commoner
Posts: 46
Joined: Wed Dec 10, 2008 8:49 am

Re: simple session login issue

Post by desperado »

you are forcing a new session to start. try:

Code: Select all

[b][color=#800000]if (!isset($_SESSION)) {[/color]
[color=#800000]session_start();[/color]
[color=#800000]}[/color][/b]
 
$tag= $_REQUEST['tag'];
if(ISSET($_SESSION['email'])){
        if($tag == 'index'){
            include ("index-home.php");
        }else{
            print "index error";
        }
    die();
}else{
  print "Not logged in";
  die();
}
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Re: simple session login issue

Post by superdezign »

desperado wrote:you are forcing a new session to start.
That's not the way sessions work. session_start() only creates a new session if there is currently no session. Otherwise, it resumes the current session.

@gimpact: Did you try using session_write_close() yet? This saves the session data so that it will be available at the next page request. The data isn't saved until the script finishes or you tell the script to save. There are problems with saving sessions after using header() redirection, as this oftentimes stops your script from executing. Thus, the script doesn't finish and the data in your $_SESSION array is not saved.

Also, a less common problem is that the cookie was not created in time for your redirection. Sessions are based off of client-side cookies that save the client's session ID. If the session ID is not saved in the cookie, then your website will not recognize it until it is saved. A solution to this is giving your users a "Login successful" page to give the cookie time to be created. You can also send the session ID through the URL as the "SID" constant.
gimpact
Forum Commoner
Posts: 65
Joined: Tue Jun 16, 2009 11:08 pm

Re: simple session login issue

Post by gimpact »

Hi all, thanks for replying. This does not work

Code: Select all

session_start();
                               
$_SESSION['email'] = $email;
$_SESSION['name'] = $getAccount3['name'];
 $_SESSION['public_name'] = $getAccount3['public_name'];
  session_write_close();
  mysql_close($con);
 
  header("Location:http://domain.com?tag=index");
                                
  die();
I am confused as why this is happening. my hosting with bluehost uses php5
Eric!
DevNet Resident
Posts: 1146
Joined: Sun Jun 14, 2009 3:13 pm

Re: simple session login issue

Post by Eric! »

Are you expecting that code to tell you: "Not logged in"? Because that code will always log you in by setting $_SESSION['email'], even if $email is empty you will be automatically logged into the page you are redirecting to because isset($_SESSION['email']) will return true, which is the only condition you're checking.
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Re: simple session login issue

Post by superdezign »

.. Is isset() not case-sensitive? Most imperative programming languages are...
Eric!
DevNet Resident
Posts: 1146
Joined: Sun Jun 14, 2009 3:13 pm

Re: simple session login issue

Post by Eric! »

I was wondering about the ISSET in all caps too, but I think it works. But notice if all he does is this:

Code: Select all

session_start();
$_SESSION['email'] = $email;
header("Location:http://domain.com?tag=index");
 
His other peice of code would always show him as logged-in as long as $email is set to something, even a null. I think most browser forms return a NULL for blank fields.
User avatar
Mirge
Forum Contributor
Posts: 298
Joined: Thu Sep 03, 2009 11:39 pm

Re: simple session login issue

Post by Mirge »

superdezign wrote:.. Is isset() not case-sensitive? Most imperative programming languages are...
No, according to "Programming PHP", PHP functions are not case sensitive. Might be one of the few things that are.. are variables/constants?

Code: Select all

 
<?php
 
$foo = 1;
 
if(isSET($foo)) { print "\$foo is set.\n"; }
if(iSSEt($foo)) { print "\$foo is set.\n"; }
if(ISSET($foo)) { print "\$foo is set.\n"; }
 
?>
 
$ php -q test.php
$foo is set.
$foo is set.
$foo is set.
$
 
gimpact
Forum Commoner
Posts: 65
Joined: Tue Jun 16, 2009 11:08 pm

Re: simple session login issue

Post by gimpact »

Thank you for replying. Well, I had hell of a time figuring that out. I began checking from the login page, where I "echo" the session value and surprisingly it was working, so I did a echo in the member's index page and again, it was working. Then I did some searches and found that, what I actually need to do is, the check if the email is NULL or not.

Code: Select all

session_start();
if (isset($_SESSION['email']) || (!$_SESSION['email'] == '')){
    // session exist
Some times, I am really nuts!

Many of you said that, merely checking

Code: Select all

session_start();
if (isset($_session['email'])){
}else{
}
is not enough, but it dint come to my mind immediately, that I should check with null :-)
User avatar
Weiry
Forum Contributor
Posts: 323
Joined: Wed Sep 09, 2009 5:55 am
Location: Australia

Re: simple session login issue

Post by Weiry »

Rather than performing an isset() and whether the email value is NULL, you could just do an empty() check

Code: Select all

<?php
session_start();
if (!empty($_SESSION['email'])){
    print "session started";
    session_destroy();
}else{
    print "session not started";
    $_SESSION['email'] = "test@gmail.com";
}
?>
Post Reply