Session Variables

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
r_barlow
Forum Newbie
Posts: 17
Joined: Mon May 29, 2006 3:13 pm

Session Variables

Post by r_barlow »

I'm trying to create session variables to hold a username and password.

The following code generates the following error:

Code: Select all

$user = $HTTP_POST_VARS['user'];
$pass = $HTTP_POST_VARS['pass'];
	
session_start();
session_register("username");
$username = $user;

Warning: session_start() [function.session-start]: open(C:\PHP\sessiondata\sess_cd186036c4193d17424ca1fa77c80cd6, O_RDWR) failed: No such file or directory (2)

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

Warning: Unknown: open(C:\PHP\sessiondata\sess_cd186036c4193d17424ca1fa77c80cd6, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (C:\PHP\sessiondata) in Unknown on line 0
printf
Forum Contributor
Posts: 173
Joined: Wed Jan 12, 2005 5:24 pm

Post by printf »

First make sure you have a directory created in your PHP directory called 'sessiondata' =>C:/PHP/sessiondata, the other errors are a result of the first error! Also you should use the newer SUPER GLOBALS $_SESSION, ... instead of using the older functions that don't act the same as the SUPER GLOBAL $_SESSION!

Code: Select all

session_start ();

// you should validate your $_POST data before adding it to the $_SESSION array

$_SESSION['username'] = $_POST['user']; 
$_SESSION['password'] = $_POST['pass'];
pif!
r_barlow
Forum Newbie
Posts: 17
Joined: Mon May 29, 2006 3:13 pm

Post by r_barlow »

Thanks, that works but now I have included code to connect to a mysql db in order to validate the login and I get this error on session_start()

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\dbconfig.php:6) in C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\processlogin.php on line 17

this is what dbconfig is:

Code: Select all

<?
	$dbhost = 'localhost';
	$dbuser = 'root';
	$dbpass = 'password';
	$dbname = 'userdb';
?>
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

It's been a heckuva a weak for header() issues...

That error is because there is output being sent to the browser before your call to the session_start() function. You can't do this (without some massaging of code somewhere else). Check your code and make sure that session_start() is called before anything is sent to the browser.
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Post by tecktalkcm0391 »

Also do this on every page just to keep the page clean of the header error.:

Code: Select all

<?php 
// Very first thing to call
ob_start();


// You normal Script  goes here for everypage


// Very last thing to call
ob_flush();
?>
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Not the best of advice to give, in my opinion. If you are doing something wrong in your code, PHP throws an error/notice to tell you that you are doing something wrong. Adding in the output buffering code for the sole purpose of quiteing the 'headers already sent' error is not handling the error to begin with.

My suggestion is write your code logically and properly. Test your code vigorously with error_reporting set to E_ALL and display_errors set to On (just make sure to change those setting in a production environment). Then, when you don't the error it is because you coded it correctly, not because you told PHP to be quiet.
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

Not the best of advice to give, in my opinion. If you are doing something wrong in your code, PHP throws an error/notice to tell you that you are doing something wrong. Adding in the output buffering code for the sole purpose of quiteing the 'headers already sent' error is not handling the error to begin with.
I second that advice :)
chakhar86
Forum Commoner
Posts: 45
Joined: Mon Jun 05, 2006 1:36 am
Contact:

Post by chakhar86 »

why you don't use cookies instead, in my experience it won't caused you headers problem but less secure
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Cookies are bound by the same header problems as header. The thing to remember in this case is that it is important to take what PHP is telling you seriously. If you are getting errors, fix the code.
Post Reply