sergej11 Posted July 1, 2008 Share Posted July 1, 2008 Hi, Everything work fine, but my site has been hacked and I restore all content from backup, but I didn’t backup my php.ini and .htaccess files and ask my hosting support to upload default files, because I didn’t make any changes in it. After that, my sessions don’t work properly For example: TEST_page1.php ==================================================== <?php session_start(); ini_set('display_errors',1); error_reporting(E_ALL); ?> <html> <body> <form name="1" action="includes/TEST_page.inc.php" method="POST"> <input type="text" name="username" id="username"><br> <input type="text" name="password" id="password"><br> <input type="hidden" name="startpage" id="startpage" value="index"> <input type="submit" name="submit" value="submit"> </form> <? if (isset($_REQUEST['error'])) echo $_REQUEST['error']; ?> </body> </html> ==================================================== includes/TEST_page.inc.php ==================================================== <?php session_start(); if ($_REQUEST['username'] && $_REQUEST['username'] != "" && $_REQUEST['password'] && $_REQUEST['password'] != ""){ $_SESSION['username'] = $_REQUEST['username']; $_SESSION['password'] = $_REQUEST['password']; $_SESSION['startpage'] = $_REQUEST['startpage']; header("location:../TEST_page2.php"); exit(); } else{ header("location:../TEST_page1.php?error=empty"); exit(); } ==================================================== TEST_page2.php ==================================================== <?php session_start(); ini_set('display_errors',1); error_reporting(E_ALL); if (isset($_SESSION['username']) || isset($_SESSION['password']) || isset($_SESSION['startpage'])) echo $_SESSION['username']."<br>".$_SESSION['password']."<br>".$_SESSION['startpage']; else echo "No Session variables."; ?> ==================================================== PHP Version 4.4.8 register_globals = Off I think, that the problem in php.ini or .htaccess files, but don’t know where exactly, because this code work fine before hack and on the my other hosting to. Could anyone help me with this? Sorry for bad english, Thanks Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/ Share on other sites More sharing options...
dannyb785 Posted July 1, 2008 Share Posted July 1, 2008 are you losing them only after a submit? Or is it never saving them to begin with? I'd say do a little test and see if they're staying through each page, and not just being lost on the submit page Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578918 Share on other sites More sharing options...
sergej11 Posted July 1, 2008 Author Share Posted July 1, 2008 TEST_page3.php ========================================== <?php session_start(); ini_set('display_errors',1); error_reporting(E_ALL); $username = "john1212"; $password = "pass1234"; $startpage = "index"; $_SESSION['username'] = $username; $_SESSION['password'] = $password; $_SESSION['startpage'] = $startpage; header("location:../TEST_page2.php"); exit(); ?> ========================================== If I load this page - everything is fine - all session vars are displayed. and one more thing - register_globals = Off , but ini_get('register_globals') - return nothing. Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578923 Share on other sites More sharing options...
dannyb785 Posted July 1, 2008 Share Posted July 1, 2008 What's testpage.inc.php? If it is outputting anything, then that's why... session_start() needs to be executed before any output is made. And your headers won't work either. Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578936 Share on other sites More sharing options...
sergej11 Posted July 1, 2008 Author Share Posted July 1, 2008 includes/TEST_page.inc.php - didn't output nothing, just process POST info from TEST_page1.php Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578947 Share on other sites More sharing options...
dannyb785 Posted July 1, 2008 Share Posted July 1, 2008 can you show us its code? Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578950 Share on other sites More sharing options...
sergej11 Posted July 1, 2008 Author Share Posted July 1, 2008 yes, it is in my original post, between TEST_page1.php and TEST_page2.php Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578956 Share on other sites More sharing options...
dannyb785 Posted July 1, 2008 Share Posted July 1, 2008 oh lol oops. I was confused by the way your post was setup. I need to reread Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578971 Share on other sites More sharing options...
sergej11 Posted July 1, 2008 Author Share Posted July 1, 2008 there is one more thing: if I put TEST_page3.php in the same folder with TEST_page1 and TEST_page2 and header("location:TEST_page2.php"); then - everything is fine, session var doesn't lost but if I put TEST_page3.php in the /includes/ folder and header("location:../TEST_page2.php"); then vars get lost, even if header("location:http://www.domain.com/TEST_page2.php"); Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578989 Share on other sites More sharing options...
sergej11 Posted July 1, 2008 Author Share Posted July 1, 2008 here is my .htaccess file, may be something wrong here? =================================================== # -FrontPage- IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* <Limit GET POST> #The next line modified by DenyIP order allow,deny #The next line modified by DenyIP #deny from all allow from all </Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> AuthName domain.com AuthUserFile /home2/user/public_html/_vti_pvt/service.pwd AuthGroupFile /home2/user/public_html/_vti_pvt/service.grp <Files 403.shtml> order allow,deny allow from all </Files> deny from 62.146.91.0/24 deny from 67.202.31.0/24 Link to comment https://forums.phpfreaks.com/topic/112731-lost-session-variables-after-submit-form/#findComment-578996 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.