Page 2 of 3
Posted: Sun May 27, 2007 3:33 pm
by superdezign
I didn't know that you could use multiple arguments in isset(). That'll shrink some of my checks significantly.
And $User_Name and $Password look extremely iffy. What are their values? Echo them. Sounds to me like they're null.
Posted: Sun May 27, 2007 3:34 pm
by franknu
well i have a member page where i start the session
like this
Code: Select all
<?php
session_start();
$_SESSION['User_Name'] = $_POST['User_Name'];
$_SESSION['Password'] = $_POST['Password'];
?>
<html>
<head>
<title>Member Session</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.style1 {
color: #FFFFFF;
font-weight: bold;
}
-->
</style>
</head>
then i have a link which should carry the user name and password,
the user enter his/ her info if it match then i takes them to the member page the problem is that i have a like named update so when they click there, i t should take the session that i want to update but in order to update the password and user name has to match and that is the reason i need the session for but it is not carrien the password and user info on the session
Posted: Sun May 27, 2007 3:36 pm
by volka
meaning User_Name and Password are fields in a html form the user submits?
Posted: Sun May 27, 2007 3:45 pm
by franknu
yes
Posted: Sun May 27, 2007 3:47 pm
by superdezign
If so, you shouldn't assume that variables exist, ever, unless you defined them yourself. Anyone could type in your URL without submitting a form. Maybe you need to try checking !empty($_POST) or isset($_POST['User_Name']) before you go using the values.
Posted: Sun May 27, 2007 3:51 pm
by volka
Code: Select all
<?php
if ( !isset($_POST['User_Name'], $_POST['Password']) ) {
echo '<pre>POST: ', print_r($_POST, true), "</pre>\n";
echo '<pre>REQUEST: ', print_r($_REQUEST, true), "</pre>\n";
die('missing POST parameter User_Name or Password');
}
session_start();
$_SESSION['User_Name'] = $_POST['User_Name'];
$_SESSION['Password'] = $_POST['Password'];
?>
Posted: Sun May 27, 2007 3:53 pm
by franknu
oh, i have some code that check for user and password, but isnt the job of the session meaning after the user submit his password and user name then it carry it is every paget that i ask for it.
Posted: Sun May 27, 2007 3:56 pm
by volka
The contents of $_SESSION is carried, everything else isn't
Posted: Sun May 27, 2007 3:58 pm
by superdezign
franknu wrote:oh, i have some code that check for user and password, but isnt the job of the session meaning after the user submit his password and user name then it carry it is every paget that i ask for it.
Yeah, but ONLY if the information's already been submitted.
Posted: Sun May 27, 2007 4:04 pm
by franknu
yes, the information had already been submited meaning the password and user name has already been submited do i have to start the session at the page where the user enter his user name and password to be confirm because i stated the session at the member page
Posted: Sun May 27, 2007 4:05 pm
by volka
Yes.
Posted: Sun May 27, 2007 6:47 pm
by franknu
Ok i added that i also added the
<pre>_SESSION:<?php print_r($_SESSION); ?></pre> into the member page
and this is my display
SESSION:Array
(
[User_Name] => franklin
[Password] => franklin01
)
so the problem looks like it is not carrien the User_Name and Password into the next page
so please help
Posted: Sun May 27, 2007 7:03 pm
by superdezign
What? If the session array has the username and password, then it IS being sent from page to page, unless you're not calling session_start().
Posted: Mon May 28, 2007 4:59 am
by volka
Just for clarification. You have a form where the user enteres its credentials
Code: Select all
<form action="login.php" method="post">
<input name="username"
<input name="password"
a script that processes the login and starts a new session if the login is successful
Code: Select all
if ( login($_POST['username'], $_POST['password']) ) {
session_start();
session_regenerate_id();
$_SESSION = array('username'=>$_POST['username']);
}
and another script that uses the session data
Code: Select all
<?php
session_start();
if ( !isset($_SESSION['username'])) {
die('<html><head><meta http-equiv="refresh" content="5; URL=http://lala.la/login.php" /></head>
<body>you need to log-in first</body></html>');
}
?><html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php
$host = "localhost";
$username = "fgyfhg";
correct so far?
Posted: Mon May 28, 2007 9:34 am
by franknu
Ok i did some changes and i got a little improvement base on what u said. Yes the way u have it set up that is the logic i have.
but here is the change i made
Code: Select all
<?
if ( isset($_POST['User_Name']) && isset ( $_POST['Password']) ) {
session_start();
session_regenerate_id();
$_SESSION = array('User_Name'=>$_POST['User_Name']);
}
?>
also it is still not carrin the User_Name onto the next page
but is defenely and improvement
this line is displaying this..<pre>_SESSION:<?php print_r($_SESSION); ?></pre>
_SESSION:Array
(
[User_Name] => franklin
)
the problem is that i should also display the password and it is only displaying the user