How do sessions work?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

St8ic
Forum Newbie
Posts: 16
Joined: Thu Dec 09, 2004 10:40 pm

How do sessions work?

Post by St8ic »

Before I start rambling, I'm running an OpenBSD web server using Apache and PHP 4.

All I want is a login system where the users type in any name they want and a pre-specified password in "index.php" and it takes them to "terminal.php" and uses their user name that they specified in that page. However, it shouldn't take them to the terminal.php if the password is wrong and they shouldn't be able to access terminal.php without logging in first. I figured that the easiest way to do this is with php sessions, but so far no dice.

When I hit login all I get is a blank page. Please excuse my messy and amature coding! I would *really* appreciate if someone would sift through it with me and tell me what I'm messing up on. Thanks!

Code: Select all

# -----LOGIN.PHP : WHERE INDEX GOES TO VALIDATE LOGIN
<html>
<title>Page Title</title>
<?php
if($_POST['pass'] == 'thepassword'){
session_start();
$key = "3hfdy";
session_register($key);
session_name = ($_POST['name']);
echo 'Login good, loading...';
header('Location:terminal.php');
}
else {
echo "INCORRECT LOGIN";
}
?>
</html>

Code: Select all

# -----TERMINAL.PHP : CHECKS FOR VALID LOGIN OR WON'T DISPLAY PAGE
<html>
<?php
session_start();
if($key != '3hfdy'){
echo 'LOGIN INVALID';
}
else { ?>
<head>
<title>Page Title</title>
</head>
<body>
Welcome, <?php echo (session_name); ?>
(and the real content goes here)
</body>
</html>
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

A few things:
I wouldn't use session_register as it is deprecated I believe. Use the $_SESSION superglobal . Then you can use it just like any other array value:

Code: Select all

session_start();
$_SESSION['foo'] = "bar";
echo $_SESSION['foo']; // outputs "bar"
$_SESSION['foo'] = "boofar";
echo $_SESSION['foo']; // outputs "boofar"
Also, always use full urls when redirecting with header()

Code: Select all

header('Location: http://www.yourdomain.com/page.php');
You could even make your own simple function to avoind having to type the whole url every time:

Code: Select all

function redirect($page)
{
    if(!headers_sent()){
        header('Location: http://www.yourdomain.com/' . $page);
        exit;
    }
    echo "headers were already sent, so we can not redirect... sorry";
}
Just some good practice to get used to... :D
St8ic
Forum Newbie
Posts: 16
Joined: Thu Dec 09, 2004 10:40 pm

Post by St8ic »

Thanks for the tips! It's greatly appreciated.

So aside from the header redirect problem, the code is fundamentally correct? I don't understand why it's not working!
St8ic
Forum Newbie
Posts: 16
Joined: Thu Dec 09, 2004 10:40 pm

Post by St8ic »

Sorry for making so many posts, but I think Ihave it figured out except for this one thing

Parse error: parse error, unexpected $ in /htdocs/site/terminal.php on line 35

Line 35 is blank. I read up on this on the internet and apparently this is due to a file corruption on upload. I'm uploading it via SSH using WinSCP (I tried the puTTY ftp-clone too) and I've tried deleting and re-creating the file. Nothing works.

Has anyone else had this problem?
toasty2
Forum Contributor
Posts: 361
Joined: Wed Aug 03, 2005 10:28 am
Location: Arkansas, USA

Post by toasty2 »

PHP commonly reports an error on a line before or after the line with the actual error. It happens to me all the time.
Just look near where it says the error is, nothing is perfect :D

I really doubt your files are corrupted on upload, it's very uncommon. And I've had my share of crappy internet connections :?
User avatar
jayshields
DevNet Resident
Posts: 1912
Joined: Mon Aug 22, 2005 12:11 pm
Location: Leeds/Manchester, England

Post by jayshields »

St8ic wrote:Sorry for making so many posts, but I think Ihave it figured out except for this one thing

Parse error: parse error, unexpected $ in /htdocs/site/terminal.php on line 35

Line 35 is blank. I read up on this on the internet and apparently this is due to a file corruption on upload. I'm uploading it via SSH using WinSCP (I tried the puTTY ftp-clone too) and I've tried deleting and re-creating the file. Nothing works.

Has anyone else had this problem?
Look for missing curly braces or missing semi-colons.
Dave2000
Forum Contributor
Posts: 126
Joined: Wed Jun 21, 2006 1:48 pm

Post by Dave2000 »

The Ninja Space Goat wrote:Also, always use full urls when redirecting with header()

Code: Select all

header('Location: http://www.yourdomain.com/page.php');
Can i ask why you should do this?

Shears :)
toasty2
Forum Contributor
Posts: 361
Joined: Wed Aug 03, 2005 10:28 am
Location: Arkansas, USA

Post by toasty2 »

It does a redirect, for example if you wish to send a user to another page. Now if you are asking about full url's, I never bother :P It works fine for me...
Last edited by toasty2 on Sun Sep 03, 2006 2:58 pm, edited 2 times in total.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Shears wrote:Can i ask why you should do this?
Full URI is the only value allowed by the standard. Relative URI's will not work in certain browsers.
toasty2
Forum Contributor
Posts: 361
Joined: Wed Aug 03, 2005 10:28 am
Location: Arkansas, USA

Post by toasty2 »

What certain browsers? I am curious.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Any browser that strictly implements the HTTP standard.
Dave2000
Forum Contributor
Posts: 126
Joined: Wed Jun 21, 2006 1:48 pm

Post by Dave2000 »

The Ninja Space Goat wrote:You could even make your own simple function to avoind having to type the whole url every time:

Code: Select all

function redirect($page)
{
    if(!headers_sent()){
        header('Location: http://www.yourdomain.com/' . $page);
        exit;
    }
    echo "headers were already sent, so we can not redirect... sorry";
}
Is it actually possible to do this? Or at least i haven't been able to get it to work. It seems that the $page variable is unable to be passed though/ to the function. Doing so seems to result in any dots getting "lost".

For example, calling... redirect(index.php) atempts to redirect to http://example.com/indexphp NOTE: the missing dot :?

How could i prevent this from happening?

Thank you

Shears :)
Dave2000
Forum Contributor
Posts: 126
Joined: Wed Jun 21, 2006 1:48 pm

Post by Dave2000 »

anyone? :?
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

You should test your scripts with error_reporting=E_ALL and either display_errors or keeping an eye on your webserver's error log.
You can set those values within the script if you must

Code: Select all

error_reporting(E_ALL); ini_set('display_errors', true);
function redirect($page)
{
	if(!headers_sent()){
		header('Location: http://www.yourdomain.com/' . $page);
	exit;
	}
	echo "headers were already sent, so we can not redirect... sorry";
}
but it's better to set them e.g. in the php.ini on your test webserver.


String literals have to be marked for php or they are considered constants. In this case as two constants concatenated by .

Code: Select all

redirect('index.php');
GM
Forum Contributor
Posts: 365
Joined: Wed Apr 26, 2006 4:19 am
Location: Italy

Post by GM »

You need to do:

Code: Select all

redirect("index.php");
Note the double quotes (also works with single quotes).

If you leave the quotes out, php sees an undefined constant called index and an undefined constant called php, and sees that they are concatenated with the full stop (period). Since you haven't defined constants index and php, the php engine decides to define them itself. Result is that you get "indexphp".

EDIT: Damnit. Beaten to it by volka
Post Reply