Page 1 of 2

Problem Passing Session Variables.

Posted: Mon Sep 09, 2002 6:42 pm
by waskelton4
I just found this fourm today and did search it but wasn't able to find and apply anything to help me. (hope i didn't miss anything)

anyway...

I'm working on a user login script and have it working but without sessions. I want to implement sessions so the user can stay authenticated through the entire application (yet to be developed).

so far I've got a form that registers the user, and a form to login. The login form calls my logging.php script and if the data is entered correctly, logging.php displays a link to proceed to the app. when the link is clicked, the appmenu.php page loads and nothing is print to the page.. i've tried many ways to output the variable but nothing seems to work. my code is below.. also.. i'm using php 4.0.6 (i'm not the admin).

logging.php

Code: Select all

else ($storedPassword == $chkPassword)
{
	session_start();
	
	$HTTP_SESSION_VARSї'userID'] = $userID;
	
	echo "Congratulations, you are logged in! <a HREF='appmenu.php'>Proceed</a> <br>";
	echo $HTTP_SESSION_VARS&#1111;'userID']; //testing output
	
	mysql_close($dbConnect);
	
&#125;

the second echo statement prints out the correct userID.

appmenu.php

Code: Select all

<?
echo $HTTP_REQUEST_VARS&#1111;'userID']; 


?>

It seems i've tried many many different things here in appmenu.php..
i'm starting to think that php isn't set up correctly for what i'm trying to do.

any help is greatly appreciated..

Thanks

Will

Posted: Mon Sep 09, 2002 7:43 pm
by volka
It depends on the php-version.
change appmenu.php to
(PHP < 4.1.0)

Code: Select all

&lt;?php 
session_start();
echo $HTTP_SESSION_VARS&#1111;'userID']; 
?&gt;
(PHP >= 4.1.0)

Code: Select all

&lt;?php 
session_start();
echo $_SESSION&#1111;'userID']; 
?&gt;
please read XCII. Session handling functions. Search "--disable-session", "track_vars" and "register_globals".
Use (i.e.) <?php phpinfo(); ?> to check your version and settings.

Posted: Tue Sep 10, 2002 4:16 am
by sjunghare
Refer the Session Example :

http://www.trios.org/php/sessions/

Or Go to PHP: Session handling functions - Manual

http://www.php.net/manual/en/ref.session.php

Have Nice Time !!!
________________________________

Security is fundamental need of software !

Posted: Tue Sep 10, 2002 5:07 am
by Takuma
Ot you could always try http://www.phpbuilder.com

Posted: Tue Sep 10, 2002 8:36 am
by waskelton4
thanks for the replies...

however...
i've read most of the stuff on phpbuilder and been through the manual.

The code i posted above was what i was currently trying but have also tried both examples given and it still isn't being output to my screen.

this is why i'm beginning to think that my admin folk don't have the server set up correctly for using PHP sessions.

I also noticed that on the PHPComplete.com page the PHPSESSID value was passed in the url. should i be using that value anywhere in my script?


thanks for the help!!

Will

appmenu.php was changed to

Code: Select all

<?php  
session_start(); 
echo $HTTP_SESSION_VARS&#1111;'userID'];  
?>
and still didn't work.

Posted: Tue Sep 10, 2002 8:38 am
by twigletmac
In logging.php try putting the session_start() bit at the very top of the file instead of in the if statement.

Mac

Posted: Tue Sep 10, 2002 8:57 am
by waskelton4
Tried that too TwigletMac..

it's not working like that either.. here is my entire code for logging.php..

Code: Select all

<?
session_start();
$dbhost = "*****";
$dbuser = "*****";
$dbpass = "*****";
$db = "*****";
$adminemail = "**********";	
 


$txtUsername = $HTTP_POST_VARS&#1111;'txtUsername'];
$chkPassword = md5($HTTP_POST_VARS&#1111;'txtPassword']);

switch ($action)&#123;
	case login:
		login_user();
		die();
	case logout:
		
		die("You are now Logged Out of the System. Thank You.");
&#125;

function login_user()&#123;
global $dbhost;
global $dbuser;
global $dbpass;
global $db;
global $txtUsername;
global $chkPassword;

$dbConnect = mysql_connect($dbhost, $dbuser, $dbpass) or die ("Could not connect to Database Server.");

mysql_select_db($db) or die("Could not connect to Database.");


$SQL = "SELECT autoRecNum, chPassword FROM tblUsers WHERE chUsername = '$txtUsername'";


$result = mysql_query($SQL) or die("Query Failed upon fetching UserName.");
$row = mysql_fetch_array($result);
$userID = $row&#1111;0];
$storedPassword = $row&#1111;1];


if (!isset($userID))
&#123;
	echo "<center> You have entered an invalid Username. <br>Please press the back button and try again<br>";
	echo "or if you need to register, <a href=input.php>Click Here</a></center>";
&#125;
elseif ($storedPassword != $chkPassword)
&#123;
	echo "<center> You have entered an invalid Password. Please press the back button and try again<br>";
	echo "or if you need to register, <a href=input.php>Click Here</a></center>";
	
	
&#125;
elseif ($storedPassword == $chkPassword)
&#123;
	
	
	$HTTP_SESSION_VARS&#1111;'userID'] = $userID;
	
	echo "Congratulations, you are logged in! <a HREF='appmenu.php'>Proceed</a> <br>";
	echo $HTTP_SESSION_VARS&#1111;'userID'];
	
	mysql_close($dbConnect);
	
&#125;
else
&#123;
echo "Holy Cow.. Please call Will @ 42339";
&#125;
&#125;//end Function



?>
Is it maybe that i'm applying the session vars in a function??
thanks again..
ws

Posted: Tue Sep 10, 2002 9:00 am
by twigletmac
$HTTP_SESSION_VARS is not an autoglobal. You have to declare it global in the function in order to use the data:

Code: Select all

function login_user(){ 
    global $HTTP_SESSION_VARS;
Mac

Posted: Tue Sep 10, 2002 9:08 am
by waskelton4
wow.. I thought that was gonna be it...

but it still didn't work...

i even tried returning the value out of the function and storing it in $HTTP_SESSION_VARS[]


no good either..

do you suggest that i mention this to the server admin?
also, i got an e-mail from him this morning saying that he was gonna ask about upgrading our PHP version...


any other ideas?

Posted: Tue Sep 10, 2002 9:28 am
by twigletmac
But it looked like such an easy solution...

Have you tried passing session variables on a couple of little test pages? Something like:

page1

Code: Select all

&lt;?php
session_start();
$HTTP_SESSION_VARS&#1111;'test'] = 1;
$HTTP_SESSION_VARS&#1111;'test2'] = 'foo';
?&gt;
page2

Code: Select all

&lt;?php
session_start();
echo '&lt;pre&gt;';
print_r($HTTP_SESSION_VARS);
echo '&lt;/pre&gt;';
?&gt;
I know it's very simplistic but it would show whether sessions work at all. Also as an alternative for page1 try:

Code: Select all

&lt;?php
session_start();
session_register('test');
session_register('test2');

$test = 1;
$test2 = 'foo';
?&gt;
Mac

Posted: Tue Sep 10, 2002 9:37 am
by waskelton4
output was...

Array
(
)

Posted: Tue Sep 10, 2002 9:43 am
by waskelton4
whoa!

output for the second example is..


Array
(
[test] => 1
[test2] => foo
)

Posted: Tue Sep 10, 2002 9:46 am
by twigletmac
Yippee :) . Just use session_register() then until you can convince your guys to upgrade to a more recent version of PHP.

Mac

Posted: Tue Sep 10, 2002 9:50 am
by waskelton4
ok.. so it looks like my method needs to be changed until our php version is updated.. correct?

also.. to clarify what just happened....

Code: Select all

<?php 
session_start(); 
session_register('test'); 
session_register('test2'); 

$test = 1; 
$test2 = 'foo'; 
?>
this code creates two variables $test and $test2 and puts them in an array called $HTTP_SESSION_VARS....


correct?

Posted: Tue Sep 10, 2002 9:51 am
by waskelton4
Thanks a ton Mac!!!