require_once losing my SESSION?
Posted: Sat Jun 17, 2006 7:36 pm
arborint | Please use
arborint | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Hello everyone,
I have a problem with sessions and authentication. I am able to log into my account successfully, navigate to the account settings page from the initial user page, and it queries the database correctly and puts in the correct user information, but when I click "submit" (whether or not i modify any data), it takes me to the validate_account_update.php page, where it references the session variable correctly, sets some flag variables, and returns back to the account settings page after making the changes. The problem is, when PHP returns me to the account settings page AFTER THAT, the check_valid_user() function does not find a session present anymore (even though it existed and worked FINE on this page before I clicked submit), so it redirects me to the login page. Its the same page that calls the same necessities (such as session_start). Is it require_once that is erasing my session? It seems that if I leave the validate_account_update.php page and redirect back to ANYWHERE, the session gets destroyed (ie: not just when i set the header to account_settings.php). Any ideas?
By the way, $MAIN_URL_PREFIX is just the root path to my site where the files are contained. Also, I didnt use the global declarative before, this was just for testing and it still didnt work.
Here is some of the code below:Code: Select all
//====================================================
// beginning of account_update.php
//====================================================
<?
require_once('rss_fns.php');
session_start();
global $_SESSION;
$user = $_SESSION['valid_user'];
check_valid_user();
$user_result = get_user_info($user);
echo $_SESSION['sql'];
$row = mysql_fetch_array($user_result);
//$_SESSION['processed'] = true;
row_to_session_client($row);
$contact_name = $row['client_contact'];
$email = $row['client_email'];
//$user = $row['client_username'];
$company_name = $row['client_name'];
$addr1 = $row['client_addr1'];
$addr2 = $row['client_addr2'];
$city = $row['client_city'];
$state = $row['client_state'];
$zip = $row['client_zip'];
$phone = $row['client_phone'];
$fax = $row['client_fax'];
$title = $row['client_title'];
$website = $row['client_website'];
$referral = $row['client_referred_by'];
?>
<td width="500" height="100%" align="left" valign="top" class="box6">
<h1>Update Account Settings</h1>
<? if ($ps) echo "<h3 color='red'>Your password has been successfully updated.</h3>"; ?>
<font color="red">Note: Fields denoted with an * are required. </font><br>
<form name="signup_form" method="post" action="validate_account_update.php">
<? include ("basic_change_userform.php"); ?>
<input name="submit" type="submit" value="Update Account">
</p>
</form>
...
//====================================================
// check_valid_user() function
//====================================================
function check_valid_user()
{
global $_SESSION;
if (!isset($_SESSION['valid_user']))
{
// they are not logged in
$hdr = "$MAIN_URL_PREFIX" . "login.php?flg=4";
header("Location: $hdr");
exit;
}
}
//====================================================
// validate_account_update.php
//====================================================
<?
require_once('rss_fns.php');
session_start();
check_valid_user();
global $_SESSION;
$user = $_SESSION['valid_user'];
$f = false;
$hdr = "$MAIN_URL_PREFIX" . "account_settings.php";
if (missing_required_client_vars()) $f = true;
post_to_session_client();
$contact_name = $_POST['contact_name'];
$email = $_POST['email'];
$addr1 = $_POST['addr1'];
$addr2 = $_POST['addr2'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$phone = $_POST['phone'];
$fax = $_POST['fax'];
$title = $_POST['title'];
$website = $_POST['website'];
$referral = $_POST['referral'];
//let page know that this form has been submitted
$_SESSION['processed'] = true;
// if missing required fields
if ($f){
header("Location: $hdr" ."?flg=1");
exit;
}
else{
$result = update_account($user);
$_SESSION['sql'] = $sql;
header("Location: $hdr" ."?flg=3");
exit;
}
header("Location: $hdr" ."?flg=2");
exit;
?>Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]