Help with sessions(Unanswered, guys help me)

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Help with sessions(Unanswered, guys help me)

Post by raghavan20 »

<?
//authentication level 2: session

$query = "select SessionId from SessionDetails_tbl where UserName = '".$_COOKIE["userName"]."' order by Time desc";
$result = mysql_query($query);
$sessId = mysql_result($result, 0, "SessionId");
echo $_SESSION["query"];
echo "Stored session Id:".$sessId;
echo "Current session Id:".session_id();
if ($sessId != session_id()) {
?>
<script language="javascript">
alert ("Sorry for the inconvenience. Please login again!!!");
window.location = "authentication.php";
</script>
<?
}
?>
I dont know why the current session id doesnot display rather its blank and this prohibits the user access to pages.

Can you tell me how can I retrieve current session id or find out the problem with the code?
Last edited by raghavan20 on Thu Jun 30, 2005 11:54 pm, edited 1 time in total.
djot
Forum Contributor
Posts: 313
Joined: Wed Jan 14, 2004 10:21 am
Location: planet earth
Contact:

Post by djot »

Did you start sessions already with session_start(); ?
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

Yes, I start a new session when the user gets authenticated in another page and I want to access the sessionId in all other pages and compare it with the sessionId stored in db.
<?
if ($_POST["subAuthentication"] == "Sign In"){
$userValid = 0;
$error = "<center>";
$userName = $_POST["txtUserName"];
$query = "select Password from UserAccounts_tbl where UserName = '".htmlentities($_POST["txtUserName"])."' AND Password = '".$_POST["encryptedPass"]."' ";
$result = mysql_query($query);

if (mysql_num_rows($result) != 0) {
setcookie("userName", $userName, time() + (60*60*24*30));
if ($_POST["chStorePassword"]){
$pass = $_POST["txtPassword"];
//initiate new session and store sessionid in SessionDetails_tbl
session_start();
$sessionId = session_id();
$query = "insert into SessionDetails_tbl(SessionId, UserName, IpAddress) values('$sessionId', '$userName','{$_SERVER["REMOTE_ADDR"]}' )";
mysql_query($query);
$_SESSION["query"] = $query;
//set the cookie for password and user of local computer and also whether check box is checked
setcookie("computerUser", $userName, time() + (60*60*24*30));
setcookie("password", $pass, time() + (60*60*24*30));//will expire in 30 days
setcookie("checked", "true", time() + (60*60*24*30));
}
else{
setcookie("checked", "", time() + (60*60*24*30));//will expire in 30 days
setcookie("computerUser", "", time() + (60*60*24*30));
//setcookie("password", "", time() + (60*60*24*30));
}
?>
<script language="javascript">
window.location = "index.php";
</script>
<?
} else {
$error .= "Invalid username or password!!!";
}

$error .= "</center>";
}

?>
Post Reply