Page 1 of 1

session variable is available and set but value is hidden

Posted: Wed Jul 03, 2002 8:55 pm
by Qizmo
Hi I have a strange problem that has recurred in different code yet I cannot find out where my code is buggy. Anyone have any ideas?

Basically....... my PHP scripts makes use of functions which are contained in other included/required php files.

In authenticating a user at login my login script uses some functions from a function library (included in the login script). A successful login entails one of those functions setting some session variables.

As the user logs in successfully in the login script I immediately include() next_page.php.

This next_page.php starts with include(functions_library2.php) which contains the declaration for the function myFunc() which it (next_page.php that is) promptly calls.

Now ... myFunc needs to access one of those session variable which was set at login.

I have verified that the session variables are visible to a printSessVars.php script I quickly coded for debugging purposes. Also next_page.php CAN DIRECTLY access the session variables created at login and echo their values......... so no worries my session is fine and working.

My problem ..... and I cannot work out why this is happening ...... is that the the session variable's value is not visible from WITHIN myFunc() as it should be, having been session_registered etc etc ....... I am having to resort to passing it as an argument to myFunc().......

Now, I thought that session variables (being to all intents and purposes 'global') would be accessible inside these library functions, surely they are available anywhere in current scope so long as session_start() has been called in the current scope/script etc etc

So I can echo the value of the session variable directly inside the included next_page.php but if it I try to echo its value from within myFunc() inside next_page.php ALTHOUGH myFunc() returns boolean true on checking whether session_is_registered('mysessionvariable') .... all the same it outputs no value .."_" .. nothing. This is mysterious because just before the function call, in next_page, I can access and echo the session var.


Does anyone have any idea what on earth is going on here?

thanks in advance ;-)

Qizmo

Posted: Wed Jul 03, 2002 10:01 pm
by llimllib
what does myFunc look like? have you been able to access $_SESSION from within another *function*?

Posted: Thu Jul 04, 2002 1:46 am
by twigletmac
Session variables are not automatically global within functions unless they are contained in the $_SESSION array (that is you are using PHP 4.1 or above) or you declare them global.

If you had a session variable called $my_sess_var you could access it in a function in the following ways:

PHP 4.1 and above

Code: Select all

function my_func()
{
     $var_to_use = $_SESSIONї'my_sess_var'];
     // bunch of code
}
PHP < 4.1

Code: Select all

function my_func()
&#123;
     global $HTTP_SESSION_VARS;
     $var_to_use = $HTTP_SESSION_VARS&#1111;'my_sess_var'];
     // bunch of code
&#125;
Mac

still getting same result

Posted: Thu Jul 04, 2002 8:50 am
by Qizmo
Hi,

thanks a lot for your help.

I tried what you suggested but I'm still getting the same result.

Here's my code. Please let me know what you think. Thanks



Code: Select all

function login($uname, $password)
// INSIDE library_fns.php
// check username and password from login FORM with db,  if yes, return true, else return false
&#123;
  session_start();
  $debug_in_progress = true;
 ..................
  // check if username is unique
  $result = mysql_query("select * from users_table where user_name='$uname' and password = password('$password')");
  if (!$result)     return false;
  
  if (mysql_num_rows($result)>0)
   &#123;
	// set up a few sess vars
        $userinfo = mysql_fetch_assoc($result);
        if ( $userinfo )
         &#123;
                                session_register("user_id");
                                session_register("username");
                                session_register("realname");
                                session_register("isadmin");
                                session_register("email");		

                                $user_id = $userinfo&#1111; "user_id" ];
                                // SYSTEM ID
                                $username = $userinfo&#1111; "username" ];	
                                // HANDLE
                                $realname = $userinfo&#1111; "name" ];	
                                // REAL NAME
                                $email = $userinfo&#1111; "email" ];
                                // EMAIL ADDRESS

               if($debug_in_progress == true)	
                &#123;
                 echo "in login user_id is: "; echo $user_id;
                 echo"<BR>";
                 echo "in login username is: "; echo $username;
                 echo"<BR>";
                 echo "in login realname is: "; echo $realname;
                 echo"<BR>";
                 echo "in login email is: "; echo $email; 
                &#125;			 
       &#125;
      return true;
    &#125; 
    // else ....   
    return false;
&#125;






function check_valid_user()
// see if somebody is logged in and notify them if not
&#123;
  session_start();
  //  global $user_id;
  $debug_in_progress = true;

 // can try ...........
 // global $HTTP_SESSION_VARS; 
 // $myuser_id = $HTTP_SESSION_VARS&#1111;'user_id']; 

 // or alternatively .....
 $myuser_id = $_SESSION&#1111;'user_id'];


 	if($debug_in_progress == true)	
	&#123;
	 echo "in check_valid_user() user_id is: ";  
                 echo $myuser_id;  echo"<BR>";
	&#125;


  if (session_is_registered("user_id"))
  &#123;
     echo "You are logged in as ...";
     echo $myuser_id;
     echo "<br>";
    return true;
  &#125;
  else
  &#123;
    // INSTEAD send them to the login page with a special message
    if ( ! session_is_registered("latest_message") ) 
    session_register("latest_message");
    $latest_message = "You are not logged in..<BR>Please log in first, then you may use the site''s services";	
     include( 'login.php' );
    // exit so that other scripts which call this function are halted.
    exit;
  &#125;  
&#125;




1. function login returns TRUE, fantastic we get sent to the HOME PAGE.
2. at HOME PAGE, all relevant session variables are echo'd nicely
3. I use IE address bar drop down box to pull up the password_change_form.php URL
3. go to that page expecting checkValidUser function to be executed as part of the script for that page.
4. checkValidUser func would print user_id of logged in person but it does not print the value

NB function checkValidUser and function login are in teh same .php library file but obviously called from different pages.

5. I have done other tests which confirm that session variables do maintain their values across pages in my webspace
SO where am I loosing the session variable's values?

Any ideas? I'm starting to pull my hair out hehe

thanks,

Qizmo

Posted: Thu Jul 04, 2002 9:00 am
by twigletmac
A couple of suggestions:
  • Try calling session_start() at the top of your scripts instead of from within the function.
  • Don't use session_register() if you are using PHP 4.1 or above instead try:

    Code: Select all

    $_SESSION&#1111;'user_id'] = $user_id;
    $_SESSION&#1111;'username'] = $username;
    $_SESSION&#1111;'realname'] = $realname;
    etc
  • Check what's in the $_SESSION array at different points by using:

    Code: Select all

    echo '<pre>';
    print_r($_SESSION);
    echo '</pre>';
Mac

Success at last ! [Session variables]

Posted: Thu Jul 04, 2002 1:49 pm
by Qizmo
:D

Mac,

Your advice was spot on :-) It seems to be working fine now!!

Conclusion:
I guess different versions of PHP will have subtle differences in the way something is handled or in the syntax of a language construct or idiom. Perhaps there's a web resource somewhere that keeps a 'library of deprecations and differences comparisons' ..... between the different version's constructs' syntax etc.

Mac and llimllib, Thanks a lot for your guidance, I'm really grateful !

;-)

Qizmo