Page 1 of 1
Session problems [solved. thanks volka]
Posted: Fri May 18, 2007 11:59 am
by toby_c500
Hi,
I am trying to test if sessions are working. The var $loginid does not echo in 'sessiontest.php'.
Do I have to $_GET?
or $_SESSION
The error I am getting is says the var $loginid has not been defined. So why is the data not coming across? I thought the session_start() saw to that (<?php session_start(); ?> is above the html tag on both pages).
login.php
Code: Select all
<?php
require ("main.inc");
error_reporting(E_ALL);
ini_set('display_errors', true);
dbconnect();
mysql_select_db("jobs4alltrades");
$loginid = $_POST['loginid'];
$password = $_POST['password'];
if ($loginid && $password){
$result = mysql_query("SELECT * FROM members WHERE loginid ='".$loginid."' AND password = '".$password."'");
if(!$result){
echo "Sorry, there has been a problem loging you in. Please try later.";
exit;
}
if (mysql_num_rows($result) >0){
session_register($loginid);
echo "<h1>Welcome $loginid</h1>";
?>
<br><a href="sessiontest.php">click here</a>
<?php
exit;
}
else{
echo "<h1>Sorry</h1><br>There is no match on our records. Please try again or register as a new user.<br><br>";
}
}
?>
sessiontest.php
Code: Select all
<?php
error_reporting(E_ALL);
ini_set('display_errors', true);
echo $loginid;
?>
Thanks for your help
Posted: Fri May 18, 2007 12:13 pm
by volka
session_register is deprecated, use $_SESSION instead.
You also need to call session_start() for each php instance (i.e. for each http request) that needs access to the session data.
Two questions:
Is your server configured to let php handle .inc file? If not anybody can see the code of main.inc. main.inc.php usually is a better choice.
Does dbconnect() return something? Please post the function's code.
Posted: Fri May 18, 2007 2:50 pm
by toby_c500
Thanks for the advice re: inc files. Does inc.php do the same thing then? I will replace that now.
also, the $_SESSION array. What needs to go in the ()? is it similar to a $_POST? I have tried putting var's into the () and in mention using a string only. I've also tried without the $.
I have 'session_start()' before each html tag on the page.
This is the main.inc file:
Code: Select all
<?php
function dbconnect(){
$link = mysql_connect('localhost', 'root', 'root');
}
?>
Thanks for helping volka.
Posted: Fri May 18, 2007 3:06 pm
by volka
toby_c500 wrote:Thanks for the advice re: inc files. Does inc.php do the same thing then? I will replace that now.
php doesn't care about the name of a file that is included/required. But the webserver does. And if someone enters
http://serv.er/main.inc instead of
http://serv.er/login.php the webserver doesn't know how to handle file and will send the
source code as text/plain or text/html to browser.
toby_c500 wrote:also, the $_SESSION array. What needs to go in the ()? is it similar to a $_POST? I have tried putting var's into the () and in mention using a string only. I've also tried without the $.
It's just an array that happens to be filled with the session data on session_start and to be saved when the script stops or session_write_close is called. Apart from that it's quite a normal array.
toby_c500 wrote:I have 'session_start()' before each html tag on the page.
So you didn't tell us the whole story about sessiontest.php ? Why?
try
Code: Select all
<?php //main.inc.php
function dbconnect() {
$link = mysql_connect('localhost', 'root', 'root');
if ( !$link ) {
die(mysql_error());
}
return $link;
}
?>
Code: Select all
<?php // login.php
require 'main.inc.php';
error_reporting(E_ALL);
ini_set('display_errors', true);
if ( isset($_POST['loginid'], $_POST['password']) ) {
$link = dbconnect();
mysql_select_db("jobs4alltrades", $link) or die(mysql_error());
$loginid = mysql_real_escape_string($_POST['loginid'], $link) or die(mysql_error());
$password = mysql_real_escape_string($_POST['password'], $link) or die(mysql_error());
$query = "SELECT
loginid
FROM
members
WHERE
`loginid`='$loginid'
AND `password`='$password'
";
$result = mysql_query($query, $link) or die(mysql_error());
if (mysql_num_rows($result) >0) {
session_start();
$_SESSION['loginid'] = $_POST['loginid'];
echo '<h1>Welcome ', $_POST['loginid'], "</h1>\n",
'<br><a href="sessiontest.php">click here</a>';
exit;
}
else{
echo "<h1>Sorry</h1><p>There is no match on our records. Please try again or register as a new user.</p>\n";
echo '<div>Debug: ', htmlentities($query), "</div>\n";
}
}
?>
Code: Select all
<?php // sessiontest.php
error_reporting(E_ALL);
ini_set('display_errors', true);
session_start();
echo '<pre>_COOKIE: '; var_export($_COOKIE); echo '</pre>';
echo '<pre>_SESSION: '; var_export($_SESSION); echo '</pre>';
if ( isset($_SESSION['loginid']) ) {
echo 'loginid: ', $_SESSION['loginid'], "<br />\n";
}
else {
echo '<div>no loginid stored</div>';
}
?>
(tested by php -l syntac check only)
Re: Session problems
Posted: Fri May 18, 2007 5:48 pm
by toby_c500
toby_c500 wrote: I thought the session_start() saw to that (<?php session_start(); ?> is above the html tag on both pages).
Yeah, I mentioned that in the first mail. Sorry for the confusion.
Thanks for the tips. I will try them in the morning. I'm grateful for all the help you are giving me Volka.
Cheers
Toby
Posted: Sat May 19, 2007 9:47 am
by toby_c500
Thanks so much Volka for your help. That has worked very well.
I tried just:
echo $_SESSION['loginid'];
and it didn't work. I take it you need to use the if (isset) statement first?
I will be using the loginid later in my scripts to call all the users data and send it to another user for there records via email. So I will be using a mysql_num_rows (or similar) to call the data back.
Thank you SO much for your help. Without people like you this community wouldn't exist. So thanks. I hope one day I can return the favor to someone else.