Page 1 of 1
Help with sessions(Unanswered, guys help me)
Posted: Tue Jun 28, 2005 5:27 pm
by raghavan20
<?
//authentication level 2: session
$query = "select SessionId from SessionDetails_tbl where UserName = '".$_COOKIE["userName"]."' order by Time desc";
$result = mysql_query($query);
$sessId = mysql_result($result, 0, "SessionId");
echo $_SESSION["query"];
echo "Stored session Id:".$sessId;
echo "Current session Id:".session_id();
if ($sessId != session_id()) {
?>
<script language="javascript">
alert ("Sorry for the inconvenience. Please login again!!!");
window.location = "authentication.php";
</script>
<?
}
?>
I dont know why the current session id doesnot display rather its blank and this prohibits the user access to pages.
Can you tell me how can I retrieve current session id or find out the problem with the code?
Posted: Tue Jun 28, 2005 7:44 pm
by djot
Did you start sessions already with session_start(); ?
Posted: Tue Jun 28, 2005 11:23 pm
by raghavan20
Yes, I start a new session when the user gets authenticated in another page and I want to access the sessionId in all other pages and compare it with the sessionId stored in db.
<?
if ($_POST["subAuthentication"] == "Sign In"){
$userValid = 0;
$error = "<center>";
$userName = $_POST["txtUserName"];
$query = "select Password from UserAccounts_tbl where UserName = '".htmlentities($_POST["txtUserName"])."' AND Password = '".$_POST["encryptedPass"]."' ";
$result = mysql_query($query);
if (mysql_num_rows($result) != 0) {
setcookie("userName", $userName, time() + (60*60*24*30));
if ($_POST["chStorePassword"]){
$pass = $_POST["txtPassword"];
//initiate new session and store sessionid in SessionDetails_tbl
session_start();
$sessionId = session_id();
$query = "insert into SessionDetails_tbl(SessionId, UserName, IpAddress) values('$sessionId', '$userName','{$_SERVER["REMOTE_ADDR"]}' )";
mysql_query($query);
$_SESSION["query"] = $query;
//set the cookie for password and user of local computer and also whether check box is checked
setcookie("computerUser", $userName, time() + (60*60*24*30));
setcookie("password", $pass, time() + (60*60*24*30));//will expire in 30 days
setcookie("checked", "true", time() + (60*60*24*30));
}
else{
setcookie("checked", "", time() + (60*60*24*30));//will expire in 30 days
setcookie("computerUser", "", time() + (60*60*24*30));
//setcookie("password", "", time() + (60*60*24*30));
}
?>
<script language="javascript">
window.location = "index.php";
</script>
<?
} else {
$error .= "Invalid username or password!!!";
}
$error .= "</center>";
}
?>