Page 1 of 1

[SOLVED] Session Variables

Posted: Tue Aug 24, 2004 8:25 pm
by AliasBDI
I am protecting some pages using session variables. When a user logs in it passes the $domain and $password. They get redirected to a folder which matches their domain. I'm trying to get the session check to work. But I'm not sure what to do.

In the login page there is this script:

Code: Select all

session_start();  // Start Session

$domain = $_POST['domain'];
$password = $_POST['password'];

$_SESSION['domain'] = $domain;
In the page where they land, is this script:

Code: Select all

<?php 
if(!isset($_SESSION['domain'])){ 
   echo("Need to log in first"); 
}else{ 
	$msg = "You could not be logged in! Either the domain name or password did not match.  Please try again!<br />";
	include 'loginAgain.php';
}
?>
No matter what I try, it never lets me in the page.

Posted: Tue Aug 24, 2004 8:28 pm
by feyd
is session_start() in the receiving script?

Hmmm.

Posted: Tue Aug 24, 2004 8:31 pm
by AliasBDI
I added that in and got this returned:

Code: Select all

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at.....)

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at.....)

Posted: Tue Aug 24, 2004 8:35 pm
by tim
you cannot output any data before the session_start();

by that, any white spaces, html, anything.

the solution, place the session_start at the very top of the page, or use:

ob_start()

search php.net for info on it.

Posted: Tue Aug 24, 2004 8:36 pm
by feyd
do you have html before the <?php tags start? session_start() needs to be before ALL text output.. that includes any form of whitespace (outside of <?php tag blocks) and HTML or anything else that may gets sent to a user..

Yep

Posted: Tue Aug 24, 2004 8:38 pm
by AliasBDI
That fixed the warnings... thanks. Now how does it check the session. Here is what the whole pages has now:

Code: Select all

<?php session_start();
if(!isset($_SESSION['domain'])){ 
   echo("Need to log in first"); 
}else{ 
	$msg = "You could not be logged in! Either the username and password do not match or you have not been activated!  Please try again!<br />";
	include '../executions/loginAgain.php';
}
?>

Posted: Tue Aug 24, 2004 8:44 pm
by feyd
AliasBDI wrote:Now how does it check the session.
What exactly do you mean by that? Is it working now?

Ahhhhh...

Posted: Tue Aug 24, 2004 8:55 pm
by AliasBDI
Working fine. I just came to senses and realized that I was making it include the page in the wrong place! My bad. Thanks for your help.

Here is the end result page when done correctly:

Code: Select all

<?php session_start();
if(!isset($_SESSION['domain'])){ 
   include '../executions/loginAgain.php'; 
}else{ 
?>
<html>

	<head>
		<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
	    <link href="css/main.css" rel="stylesheet" media="all">
	</head><body><!--content page-->
</body></noframes>
</html><?php
}
?>