Page 1 of 1

SESSION just don't want to work.

Posted: Tue Jun 15, 2004 5:00 am
by Zooter
Hi guys.

I did something last night, don't know what, but now I can't log in using sessions anymore.

What's happening now is that I store a users login details in session variables, checked the session ID, and when I navigate to the next page I can't get those session values anymore. And to top it off, I've got another session ID. It looks like each time I register a session I'm creating 2 sessions, one with session data in it, and another which is empty.

Can it be something with the php.ini? I know I worked in it, but can't remember what and if I've changed something.

Before last night everything worked fine.

IE6 + PHP 4.3.6 on Windows 2000 Pro

Posted: Tue Jun 15, 2004 7:50 am
by PAW Projects
First thing to do is check if you're calling [php_man]session_destroy[/php_man] somewhere.

Posted: Tue Jun 15, 2004 8:03 am
by Zooter
Nope, I haven't used it anywhere....

Posted: Tue Jun 15, 2004 11:41 am
by snpo123
if your testing your php scripts on a local server (ex http://yourip or http://127.0.0.1 or http://localhost) make sure that the local server you use is consistent with all your php pages. Sessons that are stored on http://127.0.0.1 wont work on http://localhost or http://yourip. If you have links in your scripts, make sure they all refer to the same server.

Posted: Tue Jun 15, 2004 1:42 pm
by Zooter
That is all correct. The thing is, everything worked fine yesterday still. could let a user log in, and give access to pages according to whether the user has logged in, and also the user's access level. Then I only messed around with the php.ini file, and can't remember if and what I changed ther, and now what happens is this. A user logs in, and then the login script creates a session variable for the username, password, etc. etc. A session file is also written to disk to keep the data. The script then says to go to the welcome page, and there another script checks for the session variables, but then they are all empty. Then suddenly there is another session file on the disk (created almost at the same time as the previous one) which contains nothing. And I looks to that one everytime I try to get values and stuff.

I've got this on my login page...

Code: Select all

<?php
// Convert to simple variables 
$_POST['username'] = $username; 
$_POST['password'] = $password; 
?>
The forms submits to a page that contains this.

Code: Select all

<?php
session_start();

// Conver to simple variables 
$username = $_POST['username']; 
$password = $_POST['password']; 

...

// check if the user info validates the db 
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"); 
$login_check = mysql_num_rows($sql); 

if($login_check > 0){ 
    while($row = mysql_fetch_array($sql)){ 
    foreach( $row AS $key => $val ){ 
        $$key = stripslashes( $val ); 
    } 
        // Register some session variables! 
        session_register('first_name'); 
        $_SESSION['first_name'] = $firstname; 
        session_register('last_name'); 
        $_SESSION['last_name'] = $lastname; 
        session_register('email_address'); 
        $_SESSION['email_address'] = $email_address; 
        session_register('status'); 
        $_SESSION['status'] = $status; 
        session_register('logged_in'); 
        $_SESSION['logged_in'] = 1; 
         
        mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'"); 
		header("Location: http://localhost/ThuraPHP/Admin.php"); 
		
		
    } 
} else { 
    echo "You could not be logged in! Either the username and password do not match or you have not validated your membership!<br /> 
    Please try again!<br />"; 
	session_register('logged_in'); 
    $_SESSION['logged_in'] = 0; 
    header("Location: http://localhost/ThuraPHP/Login.php");
	
} 

?>
The page I navigate to, Admin.php, conatins this code at the top...

Code: Select all

<?php
session_start();

echo session_id();
echo print_r($_SESSION);
echo print_r($_POST);

?>
But all it displays there is this...

Code: Select all

a4c6246901161ffa3f6bb9a1d8b4f6d7Array ( ) 1Array ( ) 1
This isn't the same ID as the one which was given when I set the values, and as you can see, the session arrays are all empty.

And the weird thing is, I didn't change my code. Or I don't think so...
What happened?.... :(