Session not working..... Please reply urgent

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
anjshr7
Forum Newbie
Posts: 19
Joined: Fri Jul 17, 2015 1:28 pm

Session not working..... Please reply urgent

Post by anjshr7 »

Secure login is not working....

Index.php

USE CODE TAGS WHEN POSTING CODE --requinix

Code: Select all

<?php
include('login.php'); // Includes Login Script
if(isset($_SESSION['login_user'])){
header("location: profile.php");
}
?><?php

include("config.php");


//current URL of the Page. cart_update.php redirects back to this URL
$current_url = urlencode($url="http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Shopping Cart</title>
<link href="style/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="main">
<h1>PHP Login Session Example</h1>
<div id="login">
<h2>Login Form</h2>
<form action="" method="post">
<label>UserName :</label>
<input id="name" name="username" placeholder="username" type="text">
<label>Password :</label>
<input id="password" name="password" placeholder="**********" type="password">
<input name="submit" type="submit" value=" Login ">
<span><?php echo $error; ?></span>
</form>
</div>
</div>
<h1 align="center">Products </h1>

</body>
</html>

Login.php

Code: Select all

<?php

$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Username or Password is invalid";
}
else
{
// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];
$db_username = 'root';
$db_password = '';
$db_name = 'company';
$db_host = 'localhost';
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$mysqli = new mysqli($db_host, $db_username, $db_password,$db_name);

if ($mysqli->connect_error) {
    die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
}// To protect MySQL injection for Security purpose
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$mysqli->select_db("company");
// SQL query to fetch information of registerd users and finds user match.
$rows = $mysqli->query("SELECT * FROM login WHERE password='$password' AND username='$username'");
if ($rows == 1) {

$_SESSION['login_user']=$username; // Initializing Session
header("location: profile.php"); // Redirecting To Other Page
} else {
$error = "Username or Password is invalid";
}
}
}
?>

profile.php

Code: Select all

<?php
session_start();
include("config.php");


//current URL of the Page. cart_update.php redirects back to this URL
$current_url = urlencode($url="http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
?>
<!DOCTYPE html>
<html>
<head>
<title>Shopping Cart</title>
<link href="style/style.css" rel="stylesheet" type="text/css">

<link href="style/styles.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="profile">
<b id="welcome">Welcome  <?php echo $login_session; ?></b>
<b id="logout"><a href="logout.php">Log Out</a></b>
</div>
<div>
<a href="add_product.php">Add Product</a>
</div>
<h1 align="center">Products </h1>


<!-- View Cart Box Start -->
<?php
if(isset($_SESSION["cart_products"]) && count($_SESSION["cart_products"])>0)
{
	echo '<div class="cart-view-table-front" id="view-cart">';
	echo '<h3>Your Shopping Cart</h3>';
	echo '<form method="post" action="cart_update.php">';
	echo '<table width="100%" cellpadding="6" cellspacing="0">';
	echo '<tbody>';

	$total =0;
	$b = 0;
	foreach ($_SESSION["cart_products"] as $cart_itm)
	{
		$product_name = $cart_itm["product_name"];
		$product_qty = $cart_itm["product_qty"];
		$product_price = $cart_itm["product_price"];
		$product_code = $cart_itm["product_code"];
		$product_color = $cart_itm["product_color"];
		$bg_color = ($b++%2==1) ? 'odd' : 'even'; //zebra stripe
		echo '<tr class="'.$bg_color.'">';
		echo '<td>Qty <input type="text" size="2" maxlength="2" name="product_qty['.$product_code.']" value="'.$product_qty.'" /></td>';
		echo '<td>'.$product_name.'</td>';
		echo '<td><input type="checkbox" name="remove_code[]" value="'.$product_code.'" /> Remove</td>';
		echo '</tr>';
		$subtotal = ($product_price * $product_qty);
		$total = ($total + $subtotal);
	}
	echo '<td colspan="4">';
	echo '<button type="submit">Update</button><a href="view_cart.php" class="button">Checkout</a>';
	echo '</td>';
	echo '</tbody>';
	echo '</table>';
	
	$current_url = urlencode($url="http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
	echo '<input type="hidden" name="return_url" value="'.$current_url.'" />';
	echo '</form>';
	echo '</div>';

}
?>
<!-- View Cart Box End -->


<!-- Products List Start -->
<div class="products">

 
<?php

/*
$username = "root";
$password = "";
$hostname = "localhost"; 
$mysqli = new mysqli($db_host, $db_username, $db_password,$db_name);						
if ($mysqli->connect_error) {
    die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
}

$mysqli->select_db("company") or die("Could not select company");

*/
$results = $mysqli->query("SELECT product_name, product_img_name, product_price, product_code, product_desc FROM products ORDER BY id ASC");

if($results){ 

$products_item = '<ul class="products">';
//fetch results set as object and output HTML
while($rows = $results->fetch_object())
{
	$products_item .= <<<EOT
	<li class="product">
	<form method="post" action="cart_update.php">
	<div class="product-content"><h3>{$rows->product_name}</h3>
	<div class="product-thumb"><img src="images/{$rows->product_img_name}"></div>
	<div class="product-desc">{$rows->product_desc}</div>
	<div class="product-info">
	Price {$currency}{$rows->product_price} 
	
	<fieldset>
	
	<label>
		<span>Color</span>
		<select name="product_color">
		<option value="Black">Black</option>
		<option value="Silver">Silver</option>
		</select>
	</label>
	
	<label>
		<span>Quantity</span>
		<input type="text" size="2" maxlength="2" name="product_qty" value="1" />
	</label>
	
	</fieldset>
	<input type="hidden" name="product_code" value="{$rows->product_code}" />
	<input type="hidden" name="type" value="add" />
	<input type="hidden" name="return_url" value="{$current_url}" />
	<div align="center"><button type="submit" class="add_to_cart">Add</button></div>
	</div></div>
	</form>
	</li>
EOT;
}
$products_item .= '</ul>';
echo $products_item;
}
else{
die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
 } 
?>   

</div> 
<!-- Products List End -->
</body>
</html>
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: Session not working..... Please reply urgent

Post by Celauran »

Secure login is not working....
You'll need to be a lot more specific than that.
me!
Forum Contributor
Posts: 133
Joined: Sat Nov 04, 2006 8:45 pm

Re: Session not working..... Please reply urgent

Post by me! »

More info on what you are getting or not getting would help...

Not entirely sure if this is called before you get to your log in page, but

Code: Select all

session_start()
needs to be called before you can use them. You can add another, it will give you a warning if you call it twice.
User avatar
Pazuzu156
Forum Contributor
Posts: 241
Joined: Sat Nov 20, 2010 9:00 pm
Location: GA, USA
Contact:

Re: Session not working..... Please reply urgent

Post by Pazuzu156 »

One thing I see that may or may not be how you have it, is when you call either config.php or login.php, which one is calling session_start() if any of them are?

If they aren't, then at least one should. I'd recommend a single PHP file that houses the configuration, i.e. the config.php, which should also call session_start() and just include config.php inside login.php, since you're calling both.

It's really difficult to place how you have your pages laid out, the code is very all over the place. :?
- Kaleb Klein
------------------------------------
Web Developer | Software Developer
https://kalebklein.com
PGP Key: https://keybase.io/pazuzu156
Post Reply