Page 1 of 1

registering session variables

Posted: Wed Apr 14, 2004 11:01 am
by pixelwraith
hi!
im having trouble registering session variables on a particula
page
they register every where else
i can print them on the logincheck.php page and they register in another file that uses the same database

heres the reduced code

adminlogin.php

<table>
<?
if (isset($HTTP_SESSION_VARS['valid_user']))
{
?>
<tr><TD>'Hello Administrator, you are logged in.')
<a href="login/logout.php">Logout</a>
</td></tr>
<?
}
else
{
if (isset($HTTP_SESSION_VARS['wrongDetails']))
{
?>
Sorry, there were problems with logging you in.
</td></tr>
<?
unset($HTTP_SESSION_VARS['wrongDetails']);
}

?>
<FORM name = "Form1" method="post" action="login/logincheck.php">
<tr><td align = "right" valign = "center">Username:
&nbsp;<INPUT TYPE="text" NAME="username" maxlength="50" />
&nbsp;Password:
&nbsp;<INPUT TYPE="password" NAME="passwd" maxlength="50" size="8" />
&nbsp;<INPUT TYPE="SUBMIT" NAME="submit" VALUE="Login" />&nbsp;</td></tr>
</FORM>
<tr><td>
<?
}
if (isset($HTTP_POST_VARS['username']))
{
$username = $HTTP_POST_VARS['username'];
}
?>
</td></tr>
</table>



logincheck.php


<?php

session_start();

$HTTP_SESSION_VARS['direction'] = "../adminlogin.php";
$go = $HTTP_SESSION_VARS['direction'];
header("Location: $go");

if (isset($HTTP_POST_VARS['username']) && isset($HTTP_POST_VARS['passwd']))
{
$HTTP_SESSION_VARS['wrongDetails'] = "wrong details";
$username = $HTTP_POST_VARS['username'];
$passwdcheck = $HTTP_POST_VARS['passwd'];
//connect to server and select database
$conn = mysql_connect("localhost", "root");
mysql_select_db("alaea",$conn);

$sql = "select * from loginAccount where username = '$username' AND passwd = '$passwdcheck' ";
$result = mysql_query($sql,$conn) or die(mysql_error());

if (mysql_num_rows($result) == 1) {


$username = mysql_result($result, 0, 'username');
$accessLevel = mysql_result($result, 0, 'accessLevel');
$status = mysql_result($result, 0, 'status');

if ($status == 'enabled')
{
$HTTP_SESSION_VARS['valid_user'] ;
$HTTP_SESSION_VARS['valid_user'] = $username;
$HTTP_SESSION_VARS['username'] = $username;
$HTTP_SESSION_VARS['status'] = $status;
$HTTP_SESSION_VARS['accessLevel'] = $accessLevel;
}

}
}


mysql_close($conn);

?>

Posted: Wed Apr 14, 2004 11:04 am
by markl999
Does adminlogin.php have a session_start(); in it?

no session_start();

Posted: Wed Apr 14, 2004 11:24 am
by pixelwraith
no it doesnt...
heres all the code


<html>
<head>
<title>Jetsafe Admin Login</title>
</head>
<body>
<table width="700"><tr><td>
<center><b>Please log in to administer files.</b>
<a href="login/logout.php"><B>[&nbsp;Logout&nbsp;]</B></a></center></td></tr>
<?
//if user has successfully logged in: welcomes user with user name
//and states automatic logout period
if (isset($HTTP_SESSION_VARS['valid_user']))
{
?>
<tr><TD align = "right"><?print($HTTP_SESSION_VARS['valid_user'])?>

<strong><?print('Hello Administrator, you are logged in.')?>
</strong>
&nbsp;&nbsp;<a href="login/logout.php">
<B>[&nbsp;Logout&nbsp;]</B></a>
&nbsp;&nbsp;

</td></tr>
<?
}
else
{
if (isset($HTTP_SESSION_VARS['wrongDetails']))
{
if user tried and failed to log in - offers options to have password sent to them or30
see possibilities for failed login
?>
<tr><TD align = "middle">
Sorry, there were problems with logging you in.
</td></tr>
<?
unset($HTTP_SESSION_VARS['wrongDetails']);
}
//prints login bar for user
?>
<FORM name = "Form1" method="post" action="login/logincheck.php">
<tr><td align = "right" valign = "center">Username:
&nbsp;<INPUT TYPE="text" NAME="username" maxlength="50" />
&nbsp;Password:
&nbsp;<INPUT TYPE="password" NAME="passwd" maxlength="50" size="8" />
&nbsp;<INPUT TYPE="SUBMIT" NAME="submit" VALUE="Login" />&nbsp;</td></tr>
</FORM>
<tr><td><?
}
creates variable $username if user logged in
if (isset($HTTP_POST_VARS['username']))
{
$username = $HTTP_POST_VARS['username'];
}
?>
</td></tr>
<?php
//end of page information
?>
</table>

Posted: Wed Apr 14, 2004 11:25 am
by markl999
It needs to have it if you want to access session variables, so shove a session_start() at the top before the html output starts.

thanks!

Posted: Wed Apr 14, 2004 11:32 am
by pixelwraith
i tried it before but i dont think i placedit right at the top
im pretty sure i havent used it on the other pages!
thanks again :D

so?

Posted: Wed Apr 14, 2004 11:35 am
by pixelwraith
does this mean on every page i want to access session variables i have to use
session_start();
i cant see it anywhere in my coding except logincheck.php

Posted: Wed Apr 14, 2004 11:38 am
by markl999
Yep, have to have it on every page, unless you have session.auto_start =1 in your php.ini, which is unlikely.

ok

Posted: Wed Apr 14, 2004 11:46 am
by pixelwraith
ok thanks! wont be making that mistake again - was there for ages!!