Jump to content

[SOLVED] Sessions stop when using $_SERVER['HTTP_HOST']

iarp

By iarp
in PHP Coding Help

 Share

Recommended Posts

iarp Regular Member

iarp

Posted
Posted

Hey,

 

I think for some reason my named session stops working because i started using $_SERVER['HTTP_HOST'] in some of my pages

 

My server is setup as such

 

/

/iarp

/iarp/index.php

/iarp/includes/ (contains header, footer, session... etc.)

/iarp/cp/

/iarp/cp/admin/

/iarp/cp/admin/edit_page.php

 

In order for edit_page.php to each anything in '/iarp/includes/' i needed to add $_SERVER['HTTP_HOST'] so that it would add the starting URL. But now the page doesn't work at all, like sessions are no longer set on that page that i'm using $_SERVER['HTTP_HOST'].

 

At this time i've only used it on the header, i also changed the header to suit it.

edit_page.php

<?php

$page_title = 'Edit Page';
$header = '<script language="javascript" type="text/javascript" src="../includes/tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
<script language="javascript" type="text/javascript">
tinyMCE.init({
	// General options
	mode : "textareas",
	skin : "o2k7",
	theme : "advanced",
	plugins : "safari,pagebreak,style,layer,table,save,advhr,advimage,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template",

	// Theme options
	theme_advanced_buttons1 : "save,newdocument,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull,styleselect,formatselect,fontselect,fontsizeselect",
	theme_advanced_buttons2 : "cut,copy,paste,pastetext,pasteword,|,search,replace,|,bullist,numlist,|,outdent,indent,blockquote,|,undo,redo,|,link,unlink,anchor,image,cleanup,help,code,|,insertdate,inserttime,preview,|,forecolor,backcolor",
	theme_advanced_buttons3 : "tablecontrols,|,hr,removeformat,visualaid,|,sub,sup,|,charmap,emotions,iespell,media,advhr,|,print,|,ltr,rtl,|,fullscreen",
	theme_advanced_buttons4 : "insertlayer,moveforward,movebackward,absolute,|,styleprops,|,cite,abbr,acronym,del,ins,attribs,|,visualchars,nonbreaking,template,pagebreak",
	theme_advanced_toolbar_location : "top",
	theme_advanced_toolbar_align : "left",
	theme_advanced_statusbar_location : "bottom",
	theme_advanced_resizing : true,

	// Drop lists for link/image/media/template dialogs
	template_external_list_url : "../includes/tinymce/examples/lists/template_list.js",
	external_link_list_url : "../includes/tinymce/examples/lists/link_list.js",
	external_image_list_url : "../includes/tinymce/examples/lists/image_list.js",
	media_external_list_url : "../includes/tinymce/examples/lists/media_list.js",});
</script>';

require_once ('http://' . $_SERVER['HTTP_HOST'] . '/includes/header.php');

if ($_SESSION['userlevel'] >= "9"){ //checks if the user is an admin, if not it skips everything below and forwards them to the login page.

//check for a valid id via GET or POST.
if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) {
$id = $_GET['id'];
} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id']))) {
$id = $_POST['id'];
} else {
echo '<h1 id="mainhead">Page Error</h1><p class="error"> This page has been access in error. </p><p><br /><br /></p>';
include ('./includes/footer.php');
exit();
}


if (isset($_POST['submitted'])) {
$errors = array();

if (empty($_POST['page_name'])) {
	$errors[] = 'You forgot to enter the page name.';
} else {
	$pn = escape_data($_POST['page_name']);
}

if (empty($_POST['content'])) {
	$errors[] = 'You forgot to enter the content!.';
} else {
	$con = escape_data($_POST['content']);
}

$le = date("M/d/y",time());
$e = $first_name;

if (empty($errors)) {
	$query = "SELECT id FROM " . TBL_CONTENT . " WHERE page_name='$pn' AND id != $id";
	$result = @mysql_query($query);
	if (mysql_num_rows($result) == 0) {
		$query = "UPDATE " . TBL_CONTENT . " SET page_name='$pn', content='$con', last_edited='$le', editor='$e' WHERE id=$id";
		$result = mysql_query($query); //run the query
		if (mysql_affected_rows() == 1) { // if it ran ok
			//print a message
			echo '<h1> Edit page</h1><p> the page has been edited.</p>';
		} else {// if it did not run ok
			echo '<h1> System error</h1> You didn\'t make any changes!';
			//echo'<p>' . mysql_error() . '<br /><br />Query: ' . $query . '</p>';
			include ('./includes/footer.php');
		}
	} else {// already registered.
		echo '<h1> Error </h1>';
	}

} else { //report the errors
	echo '<h1> Error</h1> <p class="error"> The following errors occured:<br />';
	foreach ($errors as $msg) { //print each error
		echo " - $msg<br />\n";
	}
	echo '</p><p>Plese try again.</p><p><br /></p>';
} // end of if(empty($errors)) if.
}//end of submit conditional.
//always show the form.

//retrieve the user's information.

$query = "SELECT page_name, content, editor FROM " . TBL_CONTENT . " WHERE id='$id'";
$result = mysql_query($query); //run the query

if (mysql_num_rows($result) == 1) { //vaild user id, show the form.

//get the user's information.
$row = mysql_fetch_array($result, MYSQL_NUM);

//create the form.
echo '<div style="text-align: center; font-weight: bold; font-size: 14px;">Edit page</div>
	<form action="edit_page.php" class="edit_page" method="post">
		<h3>Title</h3><input type="text" class="edit_name" name="page_name" size="15" maxlength="15" value="' . $row[0] . '" />
		<br /><br />
		<textarea name="content" class="edit_content">' . $row[1] . '</textarea><br />
		<p>Last Edited By: ' . $row['2'] . '</p>
		<input type="submit" name="submit" value="Submit" />
		<input type="hidden" name="submitted" value="TRUE" />
		<input type="hidden" name="id" value="' . $id . '" />
	</form>';
} else { // not a valid page id./
echo '<h1> Page error</h1><p class="error"> Page accessed in error.</p><p><br /><br /></p>';
}

require('http://' . $_SERVER['HTTP_HOST'] . '/includes/footer.php');

} else { //end the admin checking, if the are not an admin, the script below forwards them to the login page.
		// Start defining the URL.
		$url = 'http://' . $_SERVER['HTTP_HOST'];
		// Check for a trailing slash.
		if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
			$url = substr ($url, 0, -1); // Chop off the slash.
		}
		// Add the page.
		$url .= '/index.php';

		header("Location: $url");
		exit(); // Quit the script.

}
?>

 

header.php

<?php

ob_start();

session_name('iarp');
session_start();
require ('session.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<meta name="generator" content="EditPlus" />
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />

<?php echo $header; ?>

<script type="text/javascript" src="<?php echo "http://" . $_SERVER['HTTP_HOST']; ?>/includes/link.js"></script>
<script type="text/javascript" src="<?php echo "http://" . $_SERVER['HTTP_HOST']; ?>/includes/external.js"></script>
<script type="text/javascript" src="<?php echo "http://" . $_SERVER['HTTP_HOST']; ?>/includes/lytebox.js"></script>

<link rel="stylesheet" href="<?php echo "http://" . $_SERVER['HTTP_HOST']; ?>/includes/lytebox.css" type="text/css" media="screen" />
<link rel="stylesheet" href="<?php echo "http://" . $_SERVER['HTTP_HOST']; ?>/includes/style.css" type="text/css" />

</head>
<body>
<script type="text/javascript" src="<?php echo "http://" . $_SERVER['HTTP_HOST']; ?>/includes/vaildate.js"></script>

<div id="container">
<div id="header">
		<h1><a name="top"></a><img src="<?php echo "http://" . $_SERVER['HTTP_HOST']; ?>/images/home.gif" alt="" /></h1>
	<div id="navigation">
		<ul>
			<li><a href="/" title="To The Bridge Captain">Home</a></li>
			<li><a href="/?id=networking" title="Networking Solutions">Networking</a></li>
			<li><a href="/?id=projects" title="Current projects">Projects</a></li>
			<li><a href="/?id=solutions" title="Tech Solution's"> Solutions </a></li>
			<!-- 
			<li><a href="/?id=events" title="Event's going on... if any at all">Events</a></li>
			-->
			<li><a href="/?id=contact" title="To reach us">Contact Us</a></li>
			<li><a href="/blog/" title="My Blog">Blog</a></li>
			<?php if (isset($_SESSION['user_id'])) { echo '<li><a href="/?action=logout" title="Log Me Out">Logout</a></li>';} else { echo '<li><a href="/?id=login" title="Log Me In">Login</a></li>';} ?>
		</ul>
	</div>

</div>
<div id="content">

 

 

P.S:

I used this script for the longest time to redirect someone

			$url = 'http://' . $_SERVER['HTTP_HOST'];

		if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
			$url = substr ($url, 0, -1); // Chop off the slash.
		}

		$url .= '/index.php';

		header("Location: $url");

 

I'm now in FF3 and it no longer redirects... it just stays on the page showing nothing. What's changed?

br0ken Member

br0ken

Posted
Posted

If your redirect script doesn't work you need to comment out the header line and just echo the output to the screen to see what URL you're actually trying to redirect to.

 

I'm not sure why your session doesn't work anymore! Again, I would try echoing the  "http://".$_SERVER['HTTP_HOST']."includes/header.php" out to the screen to see exactly what URL your're trying to include.

 

Also, turn on errors and tell us exactly what error messages you're getting.

 

error_reporting(E_ALL ^ E_NOTICE);

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

In a learning/development/debugging environment, E_NOTICE should not be excluded from error reporting and on a live server it should not be turned off either because it prevents logging of information that helps detect and track down hacking attempts (just use display_errors = off to prevent error output on a live server.)

 

I am guessing that your lines that are like -

 

require_once ('http://' . $_SERVER['HTTP_HOST'] . '/includes/header.php');

 

were something like -

 

require_once ('/includes/header.php');

 

The second version causes the content of the header.php file to be included into the source code of the file doing the including. The first version causes php to make a separate http request to your web server. This causes a separate instance/child process of the web server to parse header.php and any session that is started in header.php won't exist outside of header.php. Basically, all the php code in header.php won't have any affect outside of header.php.

 

What problem are you having that caused you to change the way you are requiring/including the files?

iarp Regular Member

iarp

Posted
  • Author
Posted

/index.php

/includes/ (contains header, footer, session... etc.)

/cp/

/cp/admin/

/cp/admin/edit_page.php

 

In this fashion, i can't use . .. and just plain / to get includes & requires from /includes/ from the page /cp/admin/edit_page.php. And the only way i could see to fix this was to put in the $_SERVER....... so that it would go back to the domain root www.iarp.ca.

 

http://".$_SERVER['HTTP_HOST']."/includes/header.php

 

That echo's out http://www.iarp.ca/includes/header.php

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.