Jump to content

Recommended Posts

My page I just made keeps logging me out after I refresh, but when I browse to another page I made, I do not get logged out. They are both base on the same code structure. Is there anything in my code below that would be the reason why I get logged out?

 

<?php
ob_start();
$path = "../../";
$title = "Change User Level";
$rank = "yes";
include ($path."main/include/cons/head.php");
if($session->logged_in){
  if($session->isAdmin()){
  
   $q = mysql_query("SELECT * FROM `users` ORDER BY `userlevel` DESC");
?>
<p class="header">Change User Level</p>
<p class="maintext">
<form id="us_lvl" name="us_lvl" method="post" action="">
  <table width="100%" border="0">
    <tr>
      <td width="7%">User List</td>
      <td width="13%"><label>
        <select name="user" id="user">
        <?php
	 while($row = mysql_fetch_array($q)){
	    $lvl = $row['userlevel'];
            $username = $row['username'];
   		    if ($lvl == ('9')){
	     $lvl = "Admin";
	    }else{
	     $lvl = "Member";
	    }
	 //$user_ is defined in head.php as logged in username.
	     if ($username !== ($user_)){
              echo '<option value="'.$username.'">'.$username.' ('.$lvl.')</option>';
	     }
         }
	?>
        </select>
      </label></td>
      <td width="14%"><label>
        <input type="radio" name="lvl" id="radio" value="9" checked>
      </label>
      Admin 
      <label>
      <input type="radio" name="lvl" id="radio2" value="1" />
      </label>
      Member</td>
      <td width="66%"><label>
        <input type="submit" name="ch_lvl" id="ch_lvl" value="Change Level" />
      </label></td>
    </tr>
  </table>
</form>
</p>
<?php
  }else{
  header('Location: '.$path.'index.php');
  }
}else{
header('Location: '.$path.'index.php');
}
include ($path."main/include/cons/foot.php");
?>

Link to comment
https://forums.phpfreaks.com/topic/114909-solved-session-destroy/
Share on other sites

it is in the include in head.php, that should not be the problem though, because one of my other pages that work fine, are structured like this one.

 

example:

<?php
ob_start();
$path = "../../";
$title = "Ban\UnBan Users";
$rank = "yes";
include ($path."main/include/cons/head.php");
if($session->logged_in){
  if($session->isAdmin()){

  $ban = mysql_query("SELECT `username` FROM `users` WHERE `ban` = '0' and `userlevel` = '1'");
  $un = mysql_query("SELECT `username` FROM `users` WHERE `ban` = '1'");
  if (isset($_POST['ban'])){
    if (isset($_POST['user'])){
  $user = $_POST['user'];
  mysql_query("UPDATE `users` SET `ban`='1' WHERE `username`='$user'")or die(mysql_error());
  $_SESSION['message'] = $user." has been banned";
  header('Location: ban_us.php');
}
  }
  if (isset($_POST['un_ban'])){
    if (isset($_POST['ban_user'])){
  $banuser = $_POST['ban_user'];
  mysql_query("UPDATE `users` SET `ban`='0' WHERE `username`='$banuser'")or die(mysql_error());
  $_SESSION['message'] = $banuser." has been unbanned";
  header('Location: ban_us.php');
}
  }
?>  
<p class="header">Ban\UnBan Users</p>
<p class="maintext">
<?php echo $_SESSION['message']; ?>
<br />
<form id="ban" name="ban" method="post" action="">
  <table width="100%" border="0">
    <tr>
      <td width="7%">UnBanned</td>
      <td width="13%"><label>
        <select name="user" id="user">
        <?php
	 while($row = mysql_fetch_array($ban)){
           echo '<option value="'.$row['username'].'">'.$row['username'].'</option>';
         }
	?>
        </select>
      </label></td>
      <td width="80%"><label>
        <input type="submit" name="ban" id="ban" value="Ban User" />
      </label></td>
    </tr>
  </table>
</form>
<br />

<form id="unban" name="unban" method="post" action="">
  <table width="100%" border="0">
    <tr>
      <td width="7%">Banned</td>
      <td width="13%"><label>
        <select name="ban_user" id="ban_user">
        <?php
	 while($row = mysql_fetch_array($un)){
           echo '<option value="'.$row['username'].'">'.$row['username'].'</option>';
         }
	?>
        </select>
      </label></td>
      <td width="80%"><label>
        <input type="submit" name="un_ban" id="un_ban" value="unBan User" />
      </label></td>
    </tr>
  </table>
</form>
</p>
<?php
  }else{
  header('Location: '.$path.'index.php');
  }
}else{
header('Location: '.$path.'index.php');
}
include ($path."main/include/cons/foot.php");
?>

 

This page works great

well I did var dump, and I get this:

 

  array(4) { ["url"]=>  &string(27) "/admin_area/usmg/us_lvl.php" ["message"]=>  &string(27) "sidspicer has been unbanned" ["username"]=>  &string(11) "JamesLittle" ["userid"]=>  &string(32) "1a96f86861577f8f2d4737df5dd0faee" }

 

everything looks to be intact

I am pretty sure
When it comes to programming, I am pretty sure is not close enough. You must be 100% sure by checking exactly if what you expect is occurring (computers only do what they are told by their programming.)

 

Are you debugging this on a system where php error_reporting is set to E_ALL and display_errors are set to On so that php will help you?

 

If it is only that single page that does not work, I suspect that you might be having a header problem and sessions are not actually starting, so when you refresh that page, a new session is attempted each time. Full php error reporting would tell you this. Another possibility is reusing a variable name (or register globals are on and they are overwriting a same name variable.)

 

Since your $session class is determining the logged in condition, it would take seeing that code for anyone to be able to help with why it might not be keeping you logged in.

lol I am sorry about my choice of words, when I say something like that, I am sure that they are all intact. Thank you for your response. I am not getting any errors.

 

Also it is not just when I refresh it is when I browse to any page that requires a login. I will look harder.

I believe I might have already suggested a reason why -

(or register globals are on and they are overwriting a same name variable.)

Are register_globals turned on? You are using a $username variable and have a session variable by that same name.

If your code was reusing $username, than changing one of the variable names is okay. However, if register_globals are on, I recommend turning them off. By having them on, you could be inadvertently creating code that only works because of register_globals and it will stop (requiring you to go back and fix it) on any server where register_globals have been properly turned off or under php6, where register_globals have been completely removed.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.