Losing session variables on include pages

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
LukeDouglas
Forum Newbie
Posts: 1
Joined: Sat Sep 04, 2004 1:47 pm
Location: Alabama

Losing session variables on include pages

Post by LukeDouglas »

feyd | Please use

Code: Select all

and

Code: Select all

tags where approriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]


This is really confusing!

I have created a password procedure that validates the users login and password, checks for the presence of a previous cookie and if one is present, it sets the session variables from what is stored in the cookies. If there is no cookie, then the login information is validated against a MySQL user table and if validation is true, it sets several session variables based on the user.

All of this works fine.

However, when I direct the user to the specific menu page based on his access level, it goes to the proper menu but I am having trouble keeping session variables active. The problem is I have an "include('validate.php')" statement to include the contents of a page which does the validation for access to the menu page. If I paste the contents of the "validate.php" page into the "menu_stat.php" page, it works fine. But if I try to include the validate.php page from the "menu_stat.php" page, it fails.

I have place session_start(); as the first line at the top of the "menu_stat.php" page and have checked with "echo" statements to ensure that session variables are active. But if I checked the session variables inside the included page "verify.php", the session variables are not active.

I tested placing the session_start(); at the top of the include page with no change.

The register_globals setting is "Off" for Local Value and "On" for Master Value.

The PHP version is 4.1.2. Yes, I know it's an older version but it's on a virtual hosting account with a hosting service so I can do anything about that.

Here is the session portion of the phpinfo.php page:

Code: Select all

session
Session Support enabled 

Directive Local Value Master Value 
session.auto_start
Off Off 
session.cache_expire
180 180 
session.cache_limiter
nocache nocache 
session.cookie_domain
no value no value 
session.cookie_lifetime
0 0 
session.cookie_path
/ / 
session.cookie_secure
Off Off 
session.entropy_file
no value no value 
session.entropy_length
0 0 
session.gc_maxlifetime
1440 1440 
session.gc_probability
1 1 
session.name
PHPSESSID PHPSESSID 
session.referer_check
no value no value 
session.save_handler
files files 
session.save_path
/tmp /tmp 
session.serialize_handler
php php 
session.use_cookies
On On
Here is the debugging echo statements:

Code: Select all

--------------MENU-STATS.PHP------------------
username=їLukeDouglas]
password=ї393a52216f5ab5e0c9418719a5d165bd]
schoolid=ї377]
schoolname=їHeadland High School]
systemname=їHenry County]
usertype=їS]
ACCESSTYPE=їS]

--------------VERIFY.PHP------------------
username=ї]
password=ї]
schoolid=ї]
schoolname=ї]
systemname=ї]
usertype=ї]
ACCESSTYPE=ї]
Here is the top of the MENU_STATS.PHP page:

Code: Select all

<?
session_start();
// page from which verify.php was called
$refpage = "menu-stats";
// access type for this page
$accesstype = "S";
/* for debugging purposes only */
echo "--------------MENU-STATS.PHP------------------<BR>";
echo "username=[" . $_SESSION['username'] . "]<BR>";
echo "password=[" . $_SESSION['password'] . "]<BR>";
echo "schoolid=[" . $_SESSION['schoolid'] . "]<BR>";
echo "schoolname=[" . $_SESSION['schoolname'] . "]<BR>";
echo "systemname=[" . $_SESSION['systemname'] . "]<BR>";
echo "usertype=[" . $_SESSION['usertype'] . "]<BR>";
echo "ACCESSTYPE=[" . $accesstype . "]<BR>";
echo '<form method="POST" action="">';
echo ' <p><input type="button" value="Button" name="B3"></p>';
echo '</form>';
include("http://www.entersports.com/admin/verify.php");
?>
Here is the top of the VERIFY.PHP page:

Code: Select all

<?
session_start(); // have tried with and without this line - no change
echo "--------------VERIFY.PHP------------------<BR>";
echo "username=[" . $_SESSION['username'] . "]<BR>";
echo "password=[" . $_SESSION['password'] . "]<BR>";
echo "schoolid=[" . $_SESSION['schoolid'] . "]<BR>";
echo "schoolname=[" . $_SESSION['schoolname'] . "]<BR>";
echo "systemname=[" . $_SESSION['systemname'] . "]<BR>";
echo "usertype=[" . $_SESSION['usertype'] . "]<BR>";
echo "ACCESSTYPE=[" . $accesstype . "]<BR>";
echo '<form method="POST" action="">';
echo ' <p><input type="button" value="Button" name="B3"></p>';
echo '</form>';
?>
Anybody have any idea how I can retrieve/retain session variables in the VERIFY.PHP page? I want to use this page via the "include()" statement on many, many pages.

Thanks.


feyd | Please use

Code: Select all

and

Code: Select all

tags where approriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

I see nowhere code where you actually store data IN the $_SESSION.


<?php
if (!isset($_SESSION)) session_start();
$_SESSION['name'] = 'mrfraise';
?>


<?php
if (!isset($_SESSION)) session_start();
if (isset($_SESION['name']) echo "Hello {$_SESSION['name']}";
?>
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Re: Losing session variables on include pages

Post by Weirdan »

LukeDouglas wrote: Anybody have any idea how I can retrieve/retain session variables in the VERIFY.PHP page? I want to use this page via the "include()" statement on many, many pages.
because you're including that page via http fopen wrapper. In this case your web-server performs http request to url you supplied and includes response into your 'first-level' page. You can include even http://www.google.com/ this way, but Google won't have access to your session variables ;)

use filesystem path instead (like this: /home/www/webserver/dir/page.php), and your session vars will be in place.
Post Reply