first session cant work

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
shwetha004
Forum Newbie
Posts: 12
Joined: Mon Aug 06, 2007 10:39 pm

first session cant work

Post by shwetha004 »

hi all,

i am trying to implement sessions in my application. after the user login, he will be taken to another page, and from there he can proceed to view some restricted content.however, whenever i login for the first time, it allows me to login( meaning i can view my second page), but i cant view the restricted content from there.

but when i logout and login for the second time,it works perfectly..i am baffled 8O

here is my code

page 1:login

Code: Select all

@session_start();
if (isset($_SESSION['username'])){

echo "Previous session exists<br>";?>

//display 2nd page if session already exists.
}else {

//if not display login form
}

page 2

Code: Select all

@session_start();
//perform mysql query to match username and password

if(successfull login){
$_SESSION['username'] = $id;
$_SESSION['category']='loanOfficer';

//display links to restricted pages.
<a href="page 3.php">Analysis Current Loans</a>

}else{
//redirect to login page
}

page 3

Code: Select all

@session_start();
if (isset($_SESSION['username'])){

//display restricted content
}else {
//display error message

}


any help will be greatly appreciated..thanks in advance :)
User avatar
Zoxive
Forum Regular
Posts: 974
Joined: Fri Apr 01, 2005 4:37 pm
Location: Bay City, Michigan

Post by Zoxive »

How are you "logging" out? what are you doing to the session['username'] ?

I ask this because your only checking if its SET.
shwetha004
Forum Newbie
Posts: 12
Joined: Mon Aug 06, 2007 10:39 pm

Post by shwetha004 »

hi,
here is the code for my logout:

Code: Select all

session_start();	
	unset($_SESSION['username']);
	session_destroy();
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

You may want to turn error reporting as there are some noticable errors in the syntax.
shwetha004
Forum Newbie
Posts: 12
Joined: Mon Aug 06, 2007 10:39 pm

Post by shwetha004 »

do you mean that i should turn error reporting to ON on my server?i've already done that..
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

The first thing you should do is see if sessions are working. Try this (something I have posted about here and on my blog):

Name this file session-test-page1.php:

Code: Select all

<?php 
//Session start 
session_start(); 

//Set session vars 
if (!isset($_SESSION['username']) && !isset($_SESSION['password'])) 
{ 
    $_SESSION['username'] = 'testusername'; 
    $_SESSION['password'] = 'testpassword'; 
        
        header('Location: session-test-page2.php'); 
        exit; 
} 
else 
{ 
    // Quick error checking 
        echo '<pre>'; var_dump($_SESSION); echo '</pre>'; 
        echo '<p>You user name is already set to ' . $_SESSION['username'] . '</p>'; 
    echo '<p>And your password is already set to ' . $_SESSION['password'] . '</p>'; 
} 

if (isset($_GET['clear'])) 
{ 
        // Unset all of the session variables. 
        $_SESSION = array(); 

        // If it's desired to kill the session, also delete the session cookie. 
        // Note: This will destroy the session, and not just the session data! 
        if (isset($_COOKIE[session_name()])) { 
            setcookie(session_name(), '', time()-42000, '/'); 
        } 

        // Finally, destroy the session. 
        session_destroy(); 
        
        echo '<p>Even though you see the information above, the session has already been terminated. 
        <a href="' . basename($_SERVER['SCRIPT_FILENAME']) . '">Refresh the page</a> and you will see nothing as the page sets the session vars again.</p>'; 
} 

echo '<p><a href="session-test-page2.php">Click here for page 2</a></p>'; 
echo '<p><a href="?clear=true">Click here to clear the session data</a></p>'; 
?>



Name this one session-test-page2.php:

Code: Select all

<?php 
//Session start 
session_start(); 

// Quick error checking 
echo '<pre>'; var_dump($_SESSION); echo '</pre>'; 

// Echo session vars 
echo '<p>You user name is ' . $_SESSION['username'] . '</p>'; 
echo '<p>And your password is ' . $_SESSION['password'] . '</p>'; 

echo '<a href="session-test-page1.php">Click here to go back to page 1</a>'; 
?>
Save them to your local server (or whatever server you are developing on) and call the first page - http://localhost/session-test-page1.php. It should redirect to session-test-page2.php automatically after it sets the session vars. Then follow the links that it gives you. Post back each screen so we can see what is happening.

If you find that sessions are indeed working the way you suspect, tryin morphing snippets from this code into what you need. See if that works at all.
shwetha004
Forum Newbie
Posts: 12
Joined: Mon Aug 06, 2007 10:39 pm

Post by shwetha004 »

hi everah,
thank you so much for your reply..

i have tried the code and here is my output.
when i call the session-test-page1.php, i get this output:

array(2) {
["username"]=>
&string(12) "testusername"
["password"]=>
&string(12) "testpassword"
}

You user name is testusername

And your password is testpassword
Click here to go back to page 1.

when i click on the link to go to page 1:
array(2) {
["username"]=>
&string(12) "testusername"
["password"]=>
&string(12) "testpassword"
}

You user name is already set to testusername

And your password is already set to testpassword

Click here for page 2

Click here to clear the session data


when i click on the link for page 2:
array(2) {
["username"]=>
&string(12) "testusername"
["password"]=>
&string(12) "testpassword"
}

You user name is testusername

And your password is testpassword
Click here to go back to page 1

and when i click on the link to clear session data:
array(2) {
["username"]=>
&string(12) "testusername"
["password"]=>
&string(12) "testpassword"
}

You user name is already set to testusername

And your password is already set to testpassword

Even though you see the information above, the session has already been terminated. Refresh the page and you will see nothing as the page sets the session vars again.

Click here for page 2

Click here to clear the session data


so it seems that my session is working..what i dont understand is,why only the first session is not working.. 8O

and im not sure whether this information is relevant,but im developing my project in two environments..first i develop in localhost, and upload it to a server after that. and i am getting the same error in both environments.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Can you post the actual code that is causing you problems? There may be more happening that we cannot see at the moment.

Please post only the relevant sections of the code, not all of it.
shwetha004
Forum Newbie
Posts: 12
Joined: Mon Aug 06, 2007 10:39 pm

Post by shwetha004 »

hi..

here is my code:

page 1-login page

Code: Select all

<?php
@session_start();

if (isset($_SESSION['username'])){

echo "Previous session exists<br>";?>

//this is the restricted page
<a href="../olaps/retrieveApp.php">Retrieve Loan Applications</a>
     
   
//display form for changing password
      

//link to logout
<a href="../olaps/logout.php" target="_self">LOGOUT</a><br>
	  <?php
 } else {//if session not set

//display login form again

echo "No previous session";
}
?>

2nd page-officer index

Code: Select all

@session_start();

$id =$_POST['staffID'];
$pwd=$_POST['staffPwd'];


$result=mysql_query("select * from loanOfficer where staffID='$id' AND password='$pwd'") or die(mysql_error());

//check that at least one row was returned
$rowCheck = mysql_num_rows($result);

if($rowCheck > 0){//got result from query
while($row = mysql_fetch_array($result)){

//successful login code 
$_SESSION['username'] = $id;
$_SESSION['category']='loanOfficer';

//display link to restricted page
echo '<a href="../olaps/retrieveApp.php">Analysis Current Loans</a>';
      

}


}else{//password didnt match

echo "password did not match.";

//display login form again


}

?>

page 3-retrieve app

Code: Select all

@session_start();
if (isset($_SESSION['username'])){

echo "User : ".$_SESSION['username']."<br>";
echo "Category : ". $_SESSION['category'];

//display restricted data


}else
{

echo "You are not authorised to view this page.Please login first.";
}
thank you :)
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Ok, two things.
  1. Get rid of the error suppression or you might never know if something is going on.
  2. Add error reporting and error displays to your code for a quick test

Code: Select all

<?php 
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 1);
session_start(); 

if (isset($_SESSION['username'])) { 
  echo "Previous session exists<br>";
?> 

  //this is the restricted page 
  <a href="../olaps/retrieveApp.php">Retrieve Loan Applications</a> 
     
  //display form for changing password 
  //link to logout 
  <a href="../olaps/logout.php" target="_self">LOGOUT</a><br> 
<?php 
} else {//if session not set 
  //display login form again 
  echo "No previous session"; 
} 
?>

Code: Select all

<?php 
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 1);
session_start(); 

$id =$_POST['staffID']; 
$pwd=$_POST['staffPwd']; 

$result=mysql_query("select * from loanOfficer where staffID='$id' AND password='$pwd'") or die(mysql_error()); 

//check that at least one row was returned 
$rowCheck = mysql_num_rows($result); 

if ($rowCheck > 0) {//got result from query 
  while($row = mysql_fetch_array($result)) { 

    //successful login code 
    $_SESSION['username'] = $id; 
    $_SESSION['category']='loanOfficer'; 

    //display link to restricted page 
    echo '<a href="../olaps/retrieveApp.php">Analysis Current Loans</a>'; 
  } 
}else{//password didnt match 
  echo "password did not match."; 
  //display login form again 
} 
?>

Code: Select all

<?php 
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 1);
session_start(); 

if (isset($_SESSION['username'])) { 
  echo "User : ".$_SESSION['username']."<br>"; 
  echo "Category : ". $_SESSION['category']; 

  //display restricted data 
} else { 
  echo "You are not authorised to view this page.Please login first."; 
}
?>
Post Reply