SESSION variables

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
TwinkiE_HunteR-G
Forum Newbie
Posts: 14
Joined: Tue Sep 17, 2002 8:44 am

SESSION variables

Post by TwinkiE_HunteR-G »

Ok, Im still trying to larn how to work with sessions and I have run into a few problems.

First off, I have session.autostart turned on and IM using HTTP_SESSION_VARS, but I dont think Im using them right, apparently.

I am trying to write a log-on script for my website, where users can register and log-on to use some of the features.

I have two different scripts, the first is the actual page where they register/log-on, the other has the log-on form.

This is the one with the log-on form.

Code: Select all

<?php
	global $HTTP_SESSION_VARS;
	if ($HTTP_SESSION_VARSї'logged_in'] == true)
	{
		echo "<b>".$HTTP_SESSION_VARSї'user_name']."</b>";
		echo "<form action='users.php?logout=lo' method='post'>";
		input("submit","submit", "Logout");
		echo "</form>";
	}
	else
	{
?>
<form action="users.php?ver_login=vl" method="post">
<?php input("text","user_name", "Username", 20, 20); ?>
<br>
<?php input("password","user_pass", "", 20, 20); ?>
<br>
<?php
	input("submit","submit", "Login");
	input("reset","reset", "Reset");
	}
?>
?>
The input(...)'s are functions that output input elements with set variables, but that is neither here nor there.

This is where it actually sets the user to being logged in after the various tests in users.php...

Code: Select all

{
	$query = "SELECT user_name, user_id from users where LCASE(user_name)='";
	$query .= strtolower($user_name)."'";
	$result = mysql_query($query);
	if ($result)
	{
		global $HTTP_SESSION_VARS;
		$row = mysql_fetch_assoc($result);
		$HTTP_SESSION_VARSї'user_name'] = $rowї'user_name'];
		$HTTP_SESSION_VARSї'user_id'] = $rowї'user_id'];
		$HTTP_SESSION_VARSї'logged_in'] = true;
		echo "<div class='title'>Logged In</div>\n";
		echo "Thank You for Logging In.\n";
	}
}
Now, up where it had the inputs to log-in, it should replace the inputs with just yoru user_name is your logged in. It doesnt. Am i not using HTTP_SESSION_VARS correctly? I dont get any errors, it gives me the Thank you for logging in message, but nothing on the other script.

Its probably just something very minor that I overlooked, but I read through the manual quite a few times and don't really see anything wrong.

Any help is greatly appreciated.

-TwinkiE
User avatar
Zeceer
Forum Contributor
Posts: 136
Joined: Fri Aug 02, 2002 5:10 am
Location: Norway

Post by Zeceer »

Where are session_start();. Can be I'm stupid and this ain't your whole script... but session_start(); are required to start or continue a session.

How and where are your sessions registered? Could be something wrong there.

Use this to register session (As i believe you know :-)):
session_register("brukernavn");
I've had some problems with session my self for a couple of days ago. Maybe you should take a look at it.

viewtopic.php?t=3534
TwinkiE_HunteR-G
Forum Newbie
Posts: 14
Joined: Tue Sep 17, 2002 8:44 am

Post by TwinkiE_HunteR-G »

I was uner the impression that if you had session.autostart set to on in your php.ini you did not need a session_start...
I could be wrong and I will try it, but that is what I got from the manual...

Thanks for the reply, ill give it a shot
-Twinkie
User avatar
AVATAr
Forum Regular
Posts: 524
Joined: Tue Jul 16, 2002 4:19 pm
Location: Uruguay -- Montevideo
Contact:

portable code

Post by AVATAr »

Just a comment,

try using session_start(), with this you make your code more portable (if your server is not configure with session.autostart set to on?)

just a tip :)
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Which version of PHP are you using Twinkie?

Mac
TwinkiE_HunteR-G
Forum Newbie
Posts: 14
Joined: Tue Sep 17, 2002 8:44 am

Post by TwinkiE_HunteR-G »

I am using PHP 4.2.3

This is what I tried to fix it..

I made a small file startup.inc

Code: Select all

<?php
	session_start();
	session_register('logged_in');
	session_register('user_name');
	session_register('user_id');
?>
And that is called at the top of every page.

this is what I have for logging in:

Code: Select all

<?php
// MySQL Calls here

	global $HTTP_SESSION_VARS;
	$row = mysql_fetch_assoc($result);
	$HTTP_SESSION_VARSї'user_name'] = $rowї'user_name'];
	$HTTP_SESSION_VARSї'user_id'] = $rowї'user_id'];
	$HTTP_SESSION_VARSї'logged_in'] = true;
	echo "<div class='title'>Logged In</div>\n";
	echo "Thank You for Logging In.\n";
?>
And this for logging out...

Code: Select all

<?php
	global $HTTP_SESSION_VARS;
	$HTTP_SESSION_VARSї'user_name'] = "Guest";
	$HTTP_SESSION_VARSї'user_id'] = 0;
	$HTTP_SESSION_VARSї'logged_in'] = false;
	session_destroy();
	echo "<div class='title'>Logged Out</div>\n";
	echo "You have logged out.\n";
?>
And in the form to log in, it just checks with a if ($HTTP_SESSION_VARS['logged_in']). I think Im on the right track, but it still doesn't work.

Thanks for the help guys, I really appreciate it.

-TwinkiE
SuperHuman
Forum Newbie
Posts: 10
Joined: Wed Oct 16, 2002 10:00 pm

Post by SuperHuman »

First, never use a comparison operator to check against boolean true or false. ->
if ( $variable ) gives you truth
if ( !$variable ) gives you false
if ( $variable == true ) gives you bad coding practice and possible errors
if ( $variable == false ) gives you more bad coding practices and possible errors

Second, you are mixing different session syntaxes which is not recommended and not compatible between the 2 syntaxes -> see the caution here -> http://www.php.net/manual/en/function.s ... gister.php...

Third, you are using a newer version of PHP, so this -> $HTTP_SESSION_VARS can be changed to this -> $_SESSION. Also, no need to globalize it as it is now a super global, available to your script and within functions.

If you must use the old syntax for some reason or another, add this line of code ->

if ( phpversion() < '4.1' ) {
$_SESSION = $HTTP_SESSION_VARS;
}

--------------------------------------------------------
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

SuperHuman wrote:if ( $variable == true ) gives you bad coding practice and possible errors
if ( $variable == false ) gives you more bad coding practices and possible
in addition: there is also a === operator and comparing

Code: Select all

if ($var === TRUE)
if ($var !== TRUE)
can be reasonable (or sometimes a must)
SuperHuman
Forum Newbie
Posts: 10
Joined: Wed Oct 16, 2002 10:00 pm

Post by SuperHuman »

Yes, the === will work with the booleans as that comparison matches on match and identical in type, not just match......... :)

Sorry about not pointing that out....
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Ok, change your startup file to just contain

Code: Select all

&lt;?php 
   session_start(); 
?&gt;
because session_register() and $_SESSION do not play nicely together. Then for logging in:

Code: Select all

&lt;?php 
// MySQL Calls here 
$row = mysql_fetch_assoc($result); 
$_SESSION&#1111;'user_name'] = $row&#1111;'user_name']; 
$_SESSION&#1111;'user_id'] = $row&#1111;'user_id']; 
$_SESSION&#1111;'logged_in'] = true; 
   echo '&lt;div class="title"&gt;Logged In&lt;/div&gt;'."\n"; 
   echo 'Thank You for Logging In.'."\n"; 
?&gt;
and for logging out:

Code: Select all

&lt;?php 
$_SESSION&#1111;'user_name'] = 'Guest'; 
$_SESSION&#1111;'user_id'] = 0; 
$_SESSION&#1111;'logged_in'] = false; 
session_destroy(); 
echo '&lt;div class="title"&gt;Logged Out&lt;/div&gt;'."\n"; 
echo 'You have logged out.'."\n"; 
?&gt;
Mac
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

twigletmac wrote:$_SESSION['user_name'] = 'Guest';
$_SESSION['user_id'] = 0;
$_SESSION['logged_in'] = false;
session_destroy();
did you experience troubles with session_destroy or why are you annihilating the session that way? ;)
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

:oops: thought I'd deleted that, that'll teach me to use the preview button.

Mac
TwinkiE_HunteR-G
Forum Newbie
Posts: 14
Joined: Tue Sep 17, 2002 8:44 am

Post by TwinkiE_HunteR-G »

Ok, thanks for the replies and help, an sorry for taking so long with the thank yous.

Well, it works on my own machine, Win98 running PWS and PHP 4.2.3.
But my host has a problem apparently. It is using 4.0.6 and Im not sure what type of http server or OS. Its hosted at coolfreepages.com, if anyone might know.

But Ive tried a few things, Ive tried

Code: Select all

if (phpversion() &lt; '4.1')
    $_SESSION = $HTTP_SESSION_VARS;
Ive tried

Code: Select all

if (phpversion() &lt; '4.1')
{
global $HTTP_SESSION_VARS;
$HTTP_SESSION_VARS&#1111;'un'] = 'this';
}
else
{
$_SESSION&#1111;'un'] = 'this';
}
and so far nothing seems to work on the server.
All of the above works fine on my work box, but not on my host.

Any ideas?
I really appreciate all the help you guys have given me, and Im sorry for dragging up this old post again.
- TwinkiE
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

For PHP 4.0.6 you can't use $_SESSION you have to use $HTTP_SESSION_VARS instead but this doesn't always work so you may need to turn register_globals on on your development machine and have a read of this tutorial:
http://www.phpcomplete.com/content.php?id=14

The other thing to do is to get a host with a newer version of PHP...

Mac
Post Reply