Page 1 of 1
[SOLVED] Session Variables
Posted: Tue Aug 24, 2004 8:25 pm
by AliasBDI
I am protecting some pages using session variables. When a user logs in it passes the $domain and $password. They get redirected to a folder which matches their domain. I'm trying to get the session check to work. But I'm not sure what to do.
In the login page there is this script:
Code: Select all
session_start(); // Start Session
$domain = $_POST['domain'];
$password = $_POST['password'];
$_SESSION['domain'] = $domain;
In the page where they land, is this script:
Code: Select all
<?php
if(!isset($_SESSION['domain'])){
echo("Need to log in first");
}else{
$msg = "You could not be logged in! Either the domain name or password did not match. Please try again!<br />";
include 'loginAgain.php';
}
?>
No matter what I try, it never lets me in the page.
Posted: Tue Aug 24, 2004 8:28 pm
by feyd
is session_start() in the receiving script?
Hmmm.
Posted: Tue Aug 24, 2004 8:31 pm
by AliasBDI
I added that in and got this returned:
Code: Select all
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at.....)
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at.....)
Posted: Tue Aug 24, 2004 8:35 pm
by tim
you cannot output any data before the session_start();
by that, any white spaces, html, anything.
the solution, place the session_start at the very top of the page, or use:
ob_start()
search php.net for info on it.
Posted: Tue Aug 24, 2004 8:36 pm
by feyd
do you have html before the <?php tags start? session_start() needs to be before ALL text output.. that includes any form of whitespace (outside of <?php tag blocks) and HTML or anything else that may gets sent to a user..
Yep
Posted: Tue Aug 24, 2004 8:38 pm
by AliasBDI
That fixed the warnings... thanks. Now how does it check the session. Here is what the whole pages has now:
Code: Select all
<?php session_start();
if(!isset($_SESSION['domain'])){
echo("Need to log in first");
}else{
$msg = "You could not be logged in! Either the username and password do not match or you have not been activated! Please try again!<br />";
include '../executions/loginAgain.php';
}
?>
Posted: Tue Aug 24, 2004 8:44 pm
by feyd
AliasBDI wrote:Now how does it check the session.
What exactly do you mean by that? Is it working now?
Ahhhhh...
Posted: Tue Aug 24, 2004 8:55 pm
by AliasBDI
Working fine. I just came to senses and realized that I was making it include the page in the wrong place! My bad. Thanks for your help.
Here is the end result page when done correctly:
Code: Select all
<?php session_start();
if(!isset($_SESSION['domain'])){
include '../executions/loginAgain.php';
}else{
?>
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
<link href="css/main.css" rel="stylesheet" media="all">
</head><body><!--content page-->
</body></noframes>
</html><?php
}
?>