sessions problem

[sean14592]

Hi, I have a session problem, I have a login and a page that I only want to be viewable if logged in.

 

Login_process.php - Session Part

if (($fieldcheck1 == 1) || ($fieldcheck2 = 1))
{

	session_start();
	session_register("login"); //set a variable for use later
	$_SESSION['username'] = $_POST['username'];
	$_SESSION['main_username'] = $_POST['username'];
	$id = session_id(); //let's grab the session ID for those who don't have cookies
	$url = "Location: login_done.php?sid=" . $id;
	header($url);
	//header("Location: log_done.php");
	mysql_close($connect);
	Die();

}

 

 

Cpanel.php

<?php
session_start ();
include("../include/config.php");
include("../include/header.php");


if (! session_is_registered ("login") ) //if your variable isn't there, then the session must not be
{
session_unset (); //so lets destroy whatever session there was and bring them to login page
session_destroy ();
echo ("You need to login to access this page!");

}
else //otherwise, they can see the page
{

 

 

Once I have logged in, I then go to cpanel.php and get this:

You need to login to access this page!

 

I don't understand because I am logged in?

 

 

Cheers

Sean Preston

[Rowno]

Well first of all the session_start() should be at the top of the page.

Second, why don't you use a session variable to find if someone's logged in?

Like this:

session_start();
if (($fieldcheck1 == 1) || ($fieldcheck2 = 1))
{
	$_SESSION['loggedin'] = 1; //set a variable for use later
	$_SESSION['username'] = $_POST['username'];
	$_SESSION['main_username'] = $_POST['username'];
	$id = session_id(); //let's grab the session ID for those who don't have cookies
	$url = "Location: login_done.php?sid=" . $id;
	header($url);
	//header("Location: log_done.php");
	mysql_close($connect);
	Die();

}

 

And then use an if statement to check if they're logged in like this:

session_start ();
include("../include/config.php");
include("../include/header.php");


if ($_SESSION['loggedin'] != "1") //if your variable isn't there, then the session must not be
{
session_destroy();
echo ("You need to login to access this page!");

}
else //otherwise, they can see the page
{

 

And you only need session_destroy() because it completly destroys the session.

[haku]

if (! session_is_registered ("login") ) //if your variable isn't there, then the session must not be

 

session_is_registered("login") is returning false, so its entering into the 'if' statement instead of the 'else' statement.

 

And that is your problem.

[sean14592]

Hi, ummm, Its still thinking im not logged in. Here is the full login_process.php page.

 

http://rafb.net/p/13Kq9A60.html

[sean14592]

Please someone, I really need help with this.

 

Cheers

Sean Preston

[BlueSkyIS]

($fieldcheck2 = 1) will always be TRUE

[morph07]

check these variables you used:

 

$session_register("login")

$session_is_registered ("login")

 

my question: is this the same variable you referring? i think you just mistyped it..

 

[Rowno]

Have you even tried the code I gave you?

[sean14592]

Have you even tried the code I gave you?

 

Hi, yes, I'm using your code at the moment.

Sadly still not working, Im gonna checkout other posts now.

Cheers

Sean

[sean14592]

OMG, I have been trying to fix this for 2/3 days now, Here is the full code for both pages (cpanel.php & login_process.php).

 

 

login_process.php

http://rafb.net/p/aJa3JZ93.html

 

cpanel.php

http://rafb.net/p/yX2heL23.html

 

 

Please, Please somebody help me.

Cheers

Sean

[haku]

Neither of those pages seems to exit.