Session problems [solved. thanks volka]

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
toby_c500
Forum Commoner
Posts: 50
Joined: Fri May 11, 2007 11:29 am
Location: Leeds, England

Session problems [solved. thanks volka]

Post by toby_c500 »

Hi,

I am trying to test if sessions are working. The var $loginid does not echo in 'sessiontest.php'.

Do I have to $_GET?
or $_SESSION

The error I am getting is says the var $loginid has not been defined. So why is the data not coming across? I thought the session_start() saw to that (<?php session_start(); ?> is above the html tag on both pages).

login.php

Code: Select all

<?php
require ("main.inc");


error_reporting(E_ALL);
ini_set('display_errors', true); 

dbconnect();
mysql_select_db("jobs4alltrades");

$loginid = $_POST['loginid'];
$password = $_POST['password'];



if ($loginid && $password){
	
	$result = mysql_query("SELECT * FROM members WHERE loginid ='".$loginid."' AND password = '".$password."'");

	if(!$result){
		echo "Sorry, there has been a problem loging you in. Please try later.";
		exit;
	}
	if (mysql_num_rows($result) >0){
   		session_register($loginid);
  		echo "<h1>Welcome $loginid</h1>";
  		?>
  		<br><a href="sessiontest.php">click here</a>
  		<?php
  		exit;
   }

else{
  echo "<h1>Sorry</h1><br>There is no match on our records. Please try again or register as a new user.<br><br>";	
  }
}
  	 	
?>
sessiontest.php

Code: Select all

<?php

error_reporting(E_ALL);
ini_set('display_errors', true);

echo $loginid;



?>
Thanks for your help
Last edited by toby_c500 on Sat May 19, 2007 9:35 am, edited 1 time in total.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

session_register is deprecated, use $_SESSION instead.
You also need to call session_start() for each php instance (i.e. for each http request) that needs access to the session data.

Two questions:
Is your server configured to let php handle .inc file? If not anybody can see the code of main.inc. main.inc.php usually is a better choice.
Does dbconnect() return something? Please post the function's code.
toby_c500
Forum Commoner
Posts: 50
Joined: Fri May 11, 2007 11:29 am
Location: Leeds, England

Post by toby_c500 »

Thanks for the advice re: inc files. Does inc.php do the same thing then? I will replace that now.

also, the $_SESSION array. What needs to go in the ()? is it similar to a $_POST? I have tried putting var's into the () and in mention using a string only. I've also tried without the $.

I have 'session_start()' before each html tag on the page.


This is the main.inc file:

Code: Select all

<?php

function dbconnect(){
	$link = mysql_connect('localhost', 'root', 'root');
}
?>
Thanks for helping volka.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

toby_c500 wrote:Thanks for the advice re: inc files. Does inc.php do the same thing then? I will replace that now.
php doesn't care about the name of a file that is included/required. But the webserver does. And if someone enters http://serv.er/main.inc instead of http://serv.er/login.php the webserver doesn't know how to handle file and will send the source code as text/plain or text/html to browser.
toby_c500 wrote:also, the $_SESSION array. What needs to go in the ()? is it similar to a $_POST? I have tried putting var's into the () and in mention using a string only. I've also tried without the $.
It's just an array that happens to be filled with the session data on session_start and to be saved when the script stops or session_write_close is called. Apart from that it's quite a normal array.
toby_c500 wrote:I have 'session_start()' before each html tag on the page.
So you didn't tell us the whole story about sessiontest.php ? Why?



try

Code: Select all

<?php //main.inc.php
function dbconnect() {
	$link = mysql_connect('localhost', 'root', 'root');
	if ( !$link ) {
		die(mysql_error());
	}
	return $link;
}
?>

Code: Select all

<?php // login.php
require 'main.inc.php';

error_reporting(E_ALL);
ini_set('display_errors', true);

if ( isset($_POST['loginid'], $_POST['password']) ) {
	$link = dbconnect();
	mysql_select_db("jobs4alltrades", $link) or die(mysql_error());

	$loginid = mysql_real_escape_string($_POST['loginid'], $link) or die(mysql_error());
	$password = mysql_real_escape_string($_POST['password'], $link) or die(mysql_error());
	
	$query = "SELECT 
			loginid
		FROM
			members
		WHERE
			`loginid`='$loginid'
			AND `password`='$password'
		";
	
	$result = mysql_query($query, $link) or die(mysql_error());
 	if (mysql_num_rows($result) >0) {
 		session_start();
 		$_SESSION['loginid'] = $_POST['loginid'];
		echo '<h1>Welcome ', $_POST['loginid'], "</h1>\n",
			'<br><a href="sessiontest.php">click here</a>';
		exit;
	}
	else{
		echo "<h1>Sorry</h1><p>There is no match on our records. Please try again or register as a new user.</p>\n";
		echo '<div>Debug: ', htmlentities($query), "</div>\n";
	}
}
?>

Code: Select all

<?php // sessiontest.php 
error_reporting(E_ALL);
ini_set('display_errors', true);
session_start();
echo '<pre>_COOKIE: '; var_export($_COOKIE); echo '</pre>';
echo '<pre>_SESSION: '; var_export($_SESSION); echo '</pre>';

if ( isset($_SESSION['loginid']) ) {
	echo 'loginid: ', $_SESSION['loginid'], "<br />\n";
}
else {
	echo '<div>no loginid stored</div>';
}
?>
(tested by php -l syntac check only)
toby_c500
Forum Commoner
Posts: 50
Joined: Fri May 11, 2007 11:29 am
Location: Leeds, England

Re: Session problems

Post by toby_c500 »

toby_c500 wrote: I thought the session_start() saw to that (<?php session_start(); ?> is above the html tag on both pages).
Yeah, I mentioned that in the first mail. Sorry for the confusion.

Thanks for the tips. I will try them in the morning. I'm grateful for all the help you are giving me Volka.

Cheers
Toby
toby_c500
Forum Commoner
Posts: 50
Joined: Fri May 11, 2007 11:29 am
Location: Leeds, England

Post by toby_c500 »

Thanks so much Volka for your help. That has worked very well.

I tried just:

echo $_SESSION['loginid'];

and it didn't work. I take it you need to use the if (isset) statement first?

I will be using the loginid later in my scripts to call all the users data and send it to another user for there records via email. So I will be using a mysql_num_rows (or similar) to call the data back.

Thank you SO much for your help. Without people like you this community wouldn't exist. So thanks. I hope one day I can return the favor to someone else.
Post Reply