[SOLVED] Session issues URGENT HELP NEEDED!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

[SOLVED] Session issues URGENT HELP NEEDED!

Post by melindaSA »

I have searced this forum, as well as read all the session information in the manual, and I still cannot get this to work right??

I have an application that is logging a user in with username, password and level. Depending on their level, the database is queried for specific information.

My login page:

Code: Select all

<?php
$target=$_SERVER["PHP_SELF"];
include("common.php");
if (isset($_SESSION['level'])) {
                if (isset($_POST['logout'])){
                        session_destroy;
                }else{
                   echo"
                        <form name=form1 method=post action=assets/logout.php>
                                <table border=0 cellspacing=0 cellpadding=0 class=content>
                                        <tr>
                                                <td >
                                                <input name=logout type=hidden value=logout>

                                                <input name=submit type=image src=logout.gif  border=0 >
                                                </td>
                                        </tr>
                                </table>
                        </form>";
                }
        } 
if (!isset($_SESSION['level'])) {
        if (isset($username)){
                $query = "SELECT level FROM users WHERE username='$username' AND password='$password'" or die("Wrong Password"); 
                $sql_results = mysql_query($query,$connection);
                        while ($row = mysql_fetch_array($sql_results)) {
                                $level = $row['level'];
                                        session_register("level");
                        }
        }
        if (isset($_SESSION['level'])) {
                   echo"
                        <form name=form1 method=post action=assets/logout.php>
                                <table border=0 cellspacing=0 cellpadding=0 class=content>
                                        <tr>
                                                <td >
                                                <input name=logout type=hidden value=logout>

                                                <input name=submit type=image src=logout.gif  border=0 >
                                                </td>
                                        </tr>
                                </table>
                        </form>";
        }else{
                echo"
                        <form name=form1 method=post action=../page1_login.php>
                                <table border=0 cellspacing=0 cellpadding=0 class=content>
                                        <tr>
                                                <td>username:</td>
                                        </tr>
                                        <tr>
                                                <td><input type=text name=username class=form></td>
                                        </tr>
                                        <tr>
                                                <td>password:</td>
                                        </tr>
                                        <tr>
                                                <td><input type=text name=password class=form></td>
                                        </tr>
                                        <tr>
                                                <td align=right><input type=hidden value=1 name=reload>
                                                <input name=submit type=image src=go.gif  border=0 ></td>
                                        </tr>                                
                                </table>
                        </form>";
        }
} 
?>
If successful, directs to page1_login.php:

Code: Select all

<?php
<?php
session_start();
include("assets/login.php");
require_once('../../HRjobs/positions_inc_fns.php');

echo "<table width="800"><tr ><td><center>
<font face="Arial Narrow" size="2">
<a href="page1_feb04.php">February 2004</a>&nbsp; |&nbsp;
<a href="page1_mar04.php">March 2004</a>&nbsp; |&nbsp;
<a href="page1_apr04.php">April 2004</a>&nbsp; |&nbsp;
<a href="page1_may04.php">May 2004</a>&nbsp; |&nbsp;
<a href="page1_jun04.php">June 2004</a>&nbsp; |&nbsp;
<a href="page1_jul04.php">July 2004</a>&nbsp; |&nbsp;
<a href="page1_aug04.php">August 2004</a>&nbsp; |&nbsp;
<a href="page1_sep04.php">September 2004</a>&nbsp; |&nbsp;
<a href="page1_oct04.php">October 2004</a>&nbsp; |&nbsp;
<a href="page1_nov04.php">November 2004</a>&nbsp; |&nbsp;
<a href="page1_dec04.php">December 2004</a></center></font></td></tr></table><br><br>";

echo "<table>";

//$conn = db_connect();
function poslist($title){
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==2)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (39,28,38,37,58)");
                        }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==3)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (29,17,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==4)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID (18,58)");
                        }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==5)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID (32,58)");
                     }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==6)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID='15'");
                      }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==7)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID='20'");
                      }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==8)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (2,7,54,55,56,57,58)");
                      }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==9)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (3,10,40,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==10)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (11,58,14)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==11)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (25,4,54,55,56,57,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==12)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (26,41,58,42)");
          }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==13)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID='27'");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==14)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID='43'");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==15)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (8,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==16)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (19,58)");
                 }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==17)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (44,45)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==18)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (46,58,54)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==19)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (30,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==20)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (24,31,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==21)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (47,5,6,54,55,56,57,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==22)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (23,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==23)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (48,58,49)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==24)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (22,33,34,35,36,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==25)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (21,50,51,52,54,55,56,57,58)");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==26)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID='9'");
                       }
        if ((isset($_SESSION['level'])) && ($_SESSION['level']==27)) {
        $sql = mysql_query("SELECT distinct title, depID FROM positions WHERE depID IN (53,16,54,55,56,57,58)");
             }
    echo "<select name="title">";
    while(list($title, $depID)=mysql_fetch_array($sql)){
        $title = stripslashes($title);
        echo "<option value="$title"";
echo ">$title";
    }
    echo "</option></select>";

}
// The Form:

echo "<form method="post" action="page1.php" select name="title">";
echo "<font face="Arial" size="2">Select Open Position: </font>";
poslist($title);
echo "<input type="Submit" Value="Select">
</form>";
echo "<br><br><font color="#006699" face="Arial" size="2"><b>Results will only show current applications for Job Title selected.<br>
If you would like to see all applications, please select month above.<br>
If dropdown is empty, there are no current positions in your category!</b></center></font>";

//end added
?>


?>
The drop down works fine but when the user selects

Code: Select all

<?php<a href="page1_feb04.php">February 2004</a>&nbsp; |&nbsp;

?>
one of these pages, they get the login screen again. I am using session_start(); on these pages. but if browser is refreshed on page1_login.php the page1_feb04.php works just fine. Here is the page1_feb04.php page:

Code: Select all

<?php
<?php
session_start();
include("assets/login.php");
require_once('../../HRjobs/positions_inc_fns.php');
//Start Login Validation
if ((isset($_SESSION['level'])) && ($_SESSION['level']==2)) {
       $query = "SELECT * FROM application WHERE position_type IN (39,28,38,37,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                        }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==3)) {
       $query = "SELECT * from application WHERE position_type IN (29,17,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                        }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==4)) {
       $query = "SELECT * from application WHERE position_type IN (18,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                        }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==5)) {
        $query = "SELECT * from application WHERE position_type IN (32,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                     }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==6)) {
        $query = "SELECT * from application WHERE position_type='15' AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==7)) {
        $query = "SELECT * from application WHERE position_type='20' AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==8)) {
        $query = "SELECT * from application WHERE position_type IN (2,7,54,55,56,57,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==9)) {
        $query = "SELECT * from application WHERE position_type IN (6,10,40,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==10)) {
        $query = "SELECT * from application WHERE position_type IN (11,58,14) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==11)) {
        $query = "SELECT * from application WHERE position_type IN (25,4,54,55,56,57,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==12)) {
        $query = "SELECT * from application WHERE position_type IN (41,58,42) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==13)) {
        $query = "SELECT * from application WHERE position_type='27' AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==14)) {
        $query = "SELECT * from application WHERE position_type='43' AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==15)) {
        $query = "SELECT * from application WHERE position_type IN (8,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==16)) {
        $query = "SELECT * from application WHERE position_type IN (9,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==17)) {
        $query = "SELECT * from application WHERE position_type IN (44,45) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==18)) {
        $query = "SELECT * from application WHERE position_type IN (46,58,54) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==19)) {
        $query = "SELECT * from application WHERE position_type IN (30,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==20)) {
        $query = "SELECT * from application WHERE position_type IN (24,31,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==21)) {
        $query = "SELECT * from application WHERE position_type IN (5,6,54,55,56,57,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==22)) {
        $query = "SELECT * from application WHERE position_type IN (23,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==23)) {
        $query = "SELECT * from application WHERE position_type IN (48,58,49) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==24)) {
        $query = "SELECT * from application WHERE position_type IN (22,33,34,35,36,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==25)) {
        $query = "SELECT * from application WHERE position_type IN (21,50,51,52,54,55,56,57,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==26)) {
        $query = "SELECT * from application WHERE position_type='9' AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
if ((isset($_SESSION['level'])) && ($_SESSION['level']==27)) {
        $query = "SELECT * from application WHERE position_type IN (53,16,54,55,56,57,58) AND date between '2004-02-01' and '2004-02-29' ORDER by position_apply, date DESC";
                       }
//End Login Validation

$result = mysql_query($query)
        or die (" ");

echo "<table width="800"><tr ><td><center><font face="Arial Narrow" size="2">
<a href="page1_login.php">Current Applications</a></font>&nbsp; |&nbsp;
<font face="Arial" size="2">
<b>February 2004</b></font>&nbsp; |&nbsp;
<font face="Arial Narrow" size="2">
<a href="page1_mar04.php">March 2004</a>&nbsp; |&nbsp;
<a href="page1_apr04.php">April 2004</a>&nbsp; |&nbsp;
<a href="page1_may04.php">May 2004</a>&nbsp; |&nbsp;
<a href="page1_jun04.php">June 2004</a>&nbsp; |&nbsp;
<a href="page1_jul04.php">July 2004</a>&nbsp; |&nbsp;
<a href="page1_aug04.php">August 2004</a>&nbsp; |&nbsp;
<a href="page1_sep04.php">September 2004</a>&nbsp; |&nbsp;
<a href="page1_oct04.php">October 2004</a>&nbsp; |&nbsp;
<a href="page1_nov04.php">November 2004</a>&nbsp; |&nbsp;
<a href="page1_dec04.php">December 2004</a></center></font></td></tr></table>";

echo "<table>";
echo "<tr bgcolor="#A6B1C6" align="left">";
echo "<td align="center" width="220"><font face="Verdana" size="1"><b>Applicant Name</b></font></td>";
echo "<td align="center"width="240"><font face="Verdana" size="1"><b>Position Applied</b></font></td>";
echo "<td align="center"width="100"><font face="Verdana" size="1"><b>Application</b></font></td>";
echo "<td align="center" width="100"><font face="Verdana" size="1"><b>Date</b></font></td>";
echo "<td align="center"width="100"><font face="Verdana" size="1"><b>Resume</b></font></td>";
echo "</tr><td height="20">&nbsp;</td>";

while ( $row = mysql_fetch_array($result))
{
   extract($row);

   echo "<tr>\n";
   $last_name=stripslashes($last_name);
   $first_name=stripslashes($first_name);
   echo "<td valign="top" width="220"><font face="Verdana" size="1">$first_name $last_name</font><br></td>";
   echo "<td valign="top" width="240"><font face="Verdana" size="1">$position_apply</font><br></td>";
   echo "<td align="center" valign="top" width="100"><font face="Verdana" size="1"><a href="../show_app.php?appID=$appID" target="_blank">view</a></font><br></td>";
   echo "<td align="center" valign="top" width="100"><font face="Verdana" size="1">$date</font><br></td>";
      if(file_exists("../resume/".$first_name.$last_name.".doc")){
      echo "<td valign="top" align="center" width="100"><font face="Verdana" size="1"><a href="../resume/".$first_name.$last_name.".doc">Yes</a></font><br></td>";
      } else {
      echo "<td valign="top" align="center" width="100"><font face="Verdana" size="1">No</font><br></td>";
      }
}
   echo "</tr></table>";
?>

?>
Why is this happening?? Is there a problem with my code??

PLEASE HELP!!!!
User avatar
Buddha443556
Forum Regular
Posts: 873
Joined: Fri Mar 19, 2004 1:51 pm

Post by Buddha443556 »

Just throwing this out there... haven't read a quarter of the code yet!

Sounds like a caching problem? Did you have any no cache headers?
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

Not sure what the problem is exactly, but you shouldn't mix $_SESSION with session_* functions (apart from session_start()/session_destroy()) so change session_register("level"); to $_SESSION['level'] = $level; (or just $_SESSION['level'] = $row['level'] and skip a step ;))

Also, do you have register_globals On or Off, strange things can happen depending on this.
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

Post by melindaSA »

I do not have any cache headers.
How do I check if the register_globals are on or off??
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

Code: Select all

<?php
phpinfo();
?>
..will show you if register_globals is On or Off (just search down that page)
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

Post by melindaSA »

register_globals are on?

I also made the $_SESSION['level'] = $row['level'] change.

Still same problem...
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

Just out of interest, do sessions in general work for you or just not in this application?
Eg does the following work ok? (the count should go up everytime you refresh)

Code: Select all

<?php
error_reporting(E_ALL);
session_start();
if(empty($_SESSION['count'])){
  $_SESSION['count'] = 1;
}
echo ++$_SESSION['count'];
?>
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

Post by melindaSA »

This is thefirst time I am using sessions! The $_SESSION['count'] works fine...
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

Just noticed that you don't have a session_start() at the top of your login page ... or is that in common.php ? If not you need to add it.
melindaSA
Forum Commoner
Posts: 99
Joined: Thu Oct 02, 2003 7:34 am

Post by melindaSA »

That was it, thank you soo much. I can't believe I missed that!
Post Reply