PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
//this is at the start of the page to know if the user is logged in or not
//check for session integrity
if(!isset($_SESSION))
{
session_start();
}
//see if the user is authenticated
if($_SESSION['authenticate']!="1")
{
//redirect to session expire page
//this is the form i put in the page
<form action ="uploadvideo.php" method ="post" enctype="multipart/form-data" onsubmit = " return validate_form();">
Upload form to be embedded here.
<br />
<input type="file" id= "uploadvideo" name="video" />
<input type ="submit" value ="UPLOAD" onclick="show_upload();" />
//check for session integrity
if(!isset($_SESSION))
{
session_start();
echo "Session was not set";
}
//see if the user is authenticated
if($_SESSION['authenticate']!="1")
{
session_regenerate_id();
session_destroy();
include_once("template_start.php");
echo '<FONT COLOR="#FF0000 "><center>
<b>Unauthorized login.. Please Login again</b>
</center></FONT>';
include_once("loginbody.php");
include_once("template_end.php");
exit();
}
include_once("template_start.php");
include_once("utilities.php");
include_once("vars.php");
$loginID = $_SESSION['LoginID'];
//create a unique file name
$unique_filename = generate_random_string(16,$loginID);
//get the original file base name to be stored in database as videoname
$videoname = basename($_FILES['video']['name']);//to be stored in mysql
//check for the file size and send back if not proper
if($_FILES['video']['size']>$g_file_size_limit)
{
echo "File size is more than 12MB cannot upload file<br />";
echo "<a href=\"videolist.php\">BACK</a>";
include_once("template_end.php");
exit();
}
echo "size of the file is ".$_FILES['video']['size'];
//have to move the uploaded file to temp folder for conversion
$temp_path =$g_temp_files_folder.$videoname;
//move the uploaded file to the location
if(!move_uploaded_file($_FILES['video']['tmp_name'],$temp_path))
{
echo "file could not be moved <br />";
echo "<a href=\"videolist.php\">BACK</a>";
include_once("template_end.php");
exit();
}
Now the problem is each time i try to upload a file it shows the session has expired. The settings for session in the ini file are as follows
session.auto_start Off
session.bug_compat_42 On
session.bug_compat_warn On
session.cache_expire 180
session.cache_limiter nocache
session.cookie_domain no value
session.cookie_httponly Off
session.cookie_lifetime 0
session.cookie_path /
session.cookie_secure Off
session.entropy_file no value
session.entropy_length 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440
session.gc_probability 1
session.hash_bits_per_character 4
session.hash_function 0
session.name PHPSESSID
session.referer_check no value
session.save_handler files
session.save_path no value
session.serialize_handler php
session.use_cookies On
session.use_only_cookies Off
session.use_trans_sid 0
Thought its a time out problem but cant figure out where.. please help
//this is what i wrote for the authentication after the user logging is passed.
$_SESSION['authenticate']="1";
To add more.. I have left the page untouched for about 3 minutes and after that, tried to link to something else, even then the session fails. i think the timeout is set to 3 minutes. How do i change this?
Why do you have all of this session weirdness? Regenerate ID and then destroy? Just have session_start() in every page, no conditionals, no nothing. Then every page check if your session variable authenticated is 1, if not, then send yourself to the login page, which sets it to be 1, if valid authentication.
Your session handling is way overcomplicated, when there's no need for it to be. From http://php.net/session_start:
session_start() creates a session or resumes the current one based on the current session id that's being passed via a request, such as GET, POST, or a cookie.
Not sure if it'll fix your problem, but it'll certainly uncomplicate things a bit.
well thats all the part of the code when the user is not authenticated. Will uncomplicate it later. but i think i have solved it with a work around.
just for this page, i am trying to send everything in post and set the authenticate to 1 (of course only if i get the variables i need on a post). its a raw work around.
session.cookie_lifetime 1800
i have also tried this one.. no results yet