Jump to content

session

adam291086

By adam291086
in PHP Coding Help

 Share

Recommended Posts

adam291086 Advanced Member

adam291086

Posted
Posted

This is really getting to me now, it's driving me mad

 

I have a login script that sets a session['username'] once logged in. when i check this session on other pages all works fine as the re direct doesn't kick in. But on one page all i am doing is 

<?php 
session_start();
// is the one accessing this page logged in or not?
echo $_session['username'];
if (!isset ($_SESSION['username'])) 
{
// not logged in, move to login page   
echo "<meta http-equiv=\"refresh\" content=\"0;url=http://www.bcyorkshire.co.uk/admin/login.php\">";
}
?>

i get nothing but the page redirecting. The session is definitely being set because i check it on other page and then navigate to the coding above. Any ideas?

 

 

Link to comment
Share on other sites
jonsjava Member

jonsjava

Posted
Posted

how do you call this page? have you verified that the page that calls this page has session_start()?

<?php 
session_start();
// is the one accessing this page logged in or not?
echo $_SESSION['username'];
if (!isset($_SESSION['username'])) 
{
// not logged in, move to login page   
echo "<meta http-equiv=\"refresh\" content=\"0;url=http://www.bcyorkshire.co.uk/admin/login.php\">";
}
?>

Link to comment
Share on other sites
dezkit Advanced Member

dezkit

Posted
Posted

oh, i think you need a "else" statement.

 

<?php 
session_start();
// is the one accessing this page logged in or not?
echo $_SESSION['username'];
if (!isset($_SESSION['username'])) 
{
// not logged in, move to login page   
echo "<meta http-equiv=\"refresh\" content=\"0;url=http://www.bcyorkshire.co.uk/admin/login.php\">";
} else {
echo "Not logged in.";
}
?>

Link to comment
Share on other sites
rhodesa Newbie

rhodesa

Posted
Posted

Also, try echoing session_id() on the pages and see if it changes for this page. There is a chance you are using a different php configuration for this file compared to the rest, and therefore it will cause it to have a completely different session.

Link to comment
Share on other sites
jonsjava Member

jonsjava

Posted
Posted

Ok, there are only 3 ways I can think of that would cause this to happen:

1: the referring page does not have session_start()

2: you have destroyed the session prior to hitting that page

3: the session variable is improperly named.  Until you can say for a fact that you have checked each of these, I'm not sure we can help. Saying that every page has it is just saying "I know I coded it in, so I'm not going to look".  We all miss things. Heck, I miss stuff while helping, and that's embarrassing, but it happens.

Link to comment
Share on other sites
rhodesa Newbie

rhodesa

Posted
Posted

Ok, there are only 3 ways I can think of that would cause this to happen:

1: the referring page does not have session_start()

2: you have destroyed the session prior to hitting that page

3: the session variable is improperly named.  Until you can say for a fact that you have checked each of these, I'm not sure we can help. Saying that every page has it is just saying "I know I coded it in, so I'm not going to look".  We all miss things. Heck, I miss stuff while helping, and that's embarrassing, but it happens.

 

-Navigating to a page WITHOUT session_start() between pages with them will not destroy the session.

-Did you try echoing the session_id()?

-Do you have full error reporting turned on?

Link to comment
Share on other sites
adam291086 Advanced Member

adam291086

Posted
  • Author
Posted

ok,

 

i have loaded up my login script and copied the session id straight into the page i am referring to it. Still nothing. I have tried echoing out the id but also get nothing. I have error_reporting(E_ALL); and still nothing.

 

It works fine on some pages but not this one

 

 

 

Link to comment
Share on other sites
adam291086 Advanced Member

adam291086

Posted
  • Author
Posted 
<?php
// we must never forget to start the session
session_start(); 
$errorMessage = '';
  $userId = $_POST['txtUserId'];
   $password = $_POST['txtPassword'];
   
   mysql_real_escape_string($userId);
   mysql_real_escape_string($password);
include '../database/config.php';
// check if the user id and password combination exist in database
$conn;   
$sql = "SELECT user_name
           FROM tbl_auth_user
           WHERE user_name = '$userId' 
                 AND user_password = PASSWORD('$password')";

   $result = mysql_query($sql) 
             or die('Query failed. ' . mysql_error()); 

   if (mysql_num_rows($result) == 1) {
      // the user id and password match, 
      // set the session

      $_SESSION['db_is_logged_in'] = true;



  // adds the username to session
     
   $row = mysql_fetch_assoc($result);
        $_SESSION['username'] = $row['user_name'];


      // after login we move to the main page
      header('Location: main.php');
      exit;
   } else {
      $errorMessage = 'Sorry, wrong user id / password';
   }

   include '../database/closedb.php';


if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

not quite fine...

 

this:

 

  mysql_real_escape_string($userId);
  mysql_real_escape_string($password);

 

should be this:

 

$userID = mysql_real_escape_string($userId);
$password = mysql_real_escape_string($password);

 

and i'm not sure what this is supposed to be doing, but it's not doing anything:

 

$conn;

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Your redirect is using both a hostname (www.) and it has a path (/admin/) if either of these are different from the page you started on and the session cookie domain and session cookie path settings are not set to allow the cookie to work for a different hostname or path, then your session won't carry over to the new page.

 

You would need to show us the url of the page you start on and you need to check the session cookie settings.

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

assuming the settings are default, that wouldn't be the case. i've never seen it the way you've described, so i expect someone would have to intentionally hose the sessions, er, 'change the configuration' to make it act like that. in which case, "anything goes": your configuration is hosed.

Link to comment
Share on other sites
adam291086 Advanced Member

adam291086

Posted
  • Author
Posted

ok, i select the radio button of the event i want to edit/delete, the url of this page is http://www.bcyorkshire.co.uk/admin/event/adminevent.php

 

 

I then click on the button change selected which sends the event id to the modifyevent.php code, url will be http://www.bcyorkshire.co.uk/admin/event/modifyevent.php. In here the scripts finds out what the user wanted to do i.e edit or delete the event. If its edit then header("Location: http://bcyorkshire.co.uk/admin/rte/editeventsrte.php?event=$id"); if its delete just show deleted event on the screen

 

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.