Jump to content

Preserve Session variables

millercj

By millercj
in PHP Coding Help

 Share

Recommended Posts

millercj Member

millercj

Posted
Posted

I have a log in script which sets session variables. Once admitted, the user can click a link that opens a page in a new window...the session variables are not present in the new window and it kicks them from the system. Is there a way to preserve session variables to make this work?

 

This is my validation as of now:

<?php
session_start();
if (isset($_COOKIE["tunk_portal"]))
{ 
if($_COOKIE['tunk_portal']==$_SESSION['cookieverify'])
{
	if($_SESSION['loggedin'] == TRUE)
	{
		print '';		
	}
	else{header("Location:../index.php?sto");}//not logged in

}
else{header("Location:../index.php?sto");}//validationfailed
  
}
else{header("Location:../index.php?ce");} //nocookies 
?>

Link to comment
https://forums.phpfreaks.com/topic/116679-preserve-session-variables/
Share on other sites
millercj Member

millercj

Posted
  • Author
Posted

putting that in there made it work but, however created another problem. All of my responses on the client side (ex. Wrong un/pw, server errors, etc) are communicated by javascript with this code

 

function verify(){
var loco=location.href;
if(loco=="http://recorded-live.com/fitness/index.php?iunp")
{document.getElementById('error').innerHTML = "Invalid Username or Password";}

if(loco=="http://recorded-live.com/fitness/index.php?se")
{document.getElementById('error').innerHTML = "Internal Server Error";}

if(loco=="http://recorded-live.com/fitness/index.php?fns")
{document.getElementById('error').innerHTML = "Script failure - Contact Support";}

if(loco=="http://recorded-live.com/fitness/index.php?lo")
{document.getElementById('error').innerHTML = "You have been logged out";}

if(loco=="http://recorded-live.com/fitness/index.php?sto")
{document.getElementById('error').innerHTML = "Your credentials cannot be validated";}

if(loco=="http://recorded-live.com/fitness/index.php?ce")
{document.getElementById('error').innerHTML = "Your credentials cannot be validated";}

}

 

 

at 

<body onload="verify();">

 

 

adding 

<?php
session_start();
?>

 

has now suppressed that reporting...any ideas?

millercj Member

millercj

Posted
  • Author
Posted

Ok, here's the whole thing...index.php is the login page...action_login.php is the login script

 

 

index.php

<?php
session_start();
?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>TASD - Physical Fitness Database</title>
<link rel="stylesheet" type="text/css" href="http://recorded-live.com/fitness/main.css" />
<!--[if IE]>
<link rel="stylesheet" type="text/css" href="http://recorded-live.com/fitness/mainIE.css" />
<![endif]-->
<!--[if IE 6]>
<link rel="stylesheet" type="text/css" href="http://recorded-live.com/fitness/main6.css" />
<![endif]-->

<script type="text/javascript" src="scripts/char.js"></script>
</head>
<body onload="verify();">
   <div id="headbanner">
        <div id="flag">
        	<img class="title" src="images/title.png" alt="Tunkhannock Area Schools" />
            <p>National Fitness Testing Database</p>
            <div id="menuhouse">
            </div><!--menuhouse-->
	</div><!--flag-->
    </div><!--headbanner-->
<div id="wrapperlog"><div id="error"></div>
<form action="powerscripts/action_login.php" method="post" class="formation">
  <label for "UN">Username<input type="text" id="UN" name="UN" onkeydown="valid(this,'special');" onblur="valid(this,'special');" /></label>
  <label for "PW">Password<input type="password" id="PW" name="PW" /></label>
  <button type="submit" name="submit" value="submit">Login</button>
</form>
    </div><!--wrapper-->
    <div id="warning">You are using a browser which is not supported.<br/>Please use IE 7+ or Firefox.</div>
</body>
</html>

 

 

char.js

function verify(){
var loco=location.href;
if(loco=="http://recorded-live.com/fitness/index.php?iunp")
{document.getElementById('error').innerHTML = "Invalid Username or Password";}

if(loco=="http://recorded-live.com/fitness/index.php?se")
{document.getElementById('error').innerHTML = "Internal Server Error";}

if(loco=="http://recorded-live.com/fitness/index.php?fns")
{document.getElementById('error').innerHTML = "Script failure - Contact Support";}

if(loco=="http://recorded-live.com/fitness/index.php?lo")
{document.getElementById('error').innerHTML = "You have been logged out";}

if(loco=="http://recorded-live.com/fitness/index.php?sto")
{document.getElementById('error').innerHTML = "Your credentials cannot be validated";}

if(loco=="http://recorded-live.com/fitness/index.php?ce")
{document.getElementById('error').innerHTML = "Your credentials cannot be validated";}

}

 

action_login.php

<?php
require_once "../scripts/connect.php";
session_start();

if (isset ($_POST['submit']))
{
if (preg_match("/[^0-9a-z\_]/i", $_POST['UN']))
{
	echo "Illegal Characters In Username";
}
else
{
		$username = $_POST['UN'];
		$password = md5 ($_POST['PW']);

		$sql = "SELECT * FROM users WHERE username='$username' AND password='$password'";
		if ($r = mysql_query ($sql)) 
		{
			$row = mysql_fetch_array ($r);
			$num = mysql_num_rows ($r);
			if ($num > 0)
			{
				$_SESSION['users_id'] = $row['users_id'];
				$_SESSION['username'] = $row['username'];
				$_SESSION['loggedin'] = TRUE;
				$cookiename = 'tunk_portal';
				$cookievalue=rand(100000,999999);
				$_SESSION['cookieverify'] = $cookievalue;
				setcookie($cookiename,$cookievalue,time()+3600,"/");
				$today=date(r);
				mysql_query("UPDATE users SET login = '$today' WHERE username = '$username'") or die (mysql_error());
				header("Location:../active.php");
				exit;			
			}
			else{
						header("Location:../index.php?iunp");
				}
		}
		else{header("Location:../index.php?se");}

}

}
else{header("Location:../index.php?fns");}

?>

Lodius2000 Advanced Member

Lodius2000

Posted
Posted

im not too good with js but looking at this i dont see why it wouldnt work

 

i can say that

session_start() does have to be at the top of index.php, like we found out, it wont work at all without that there, but why that is not letting the js work is beyond me

 

seems funny to me but try

 

<?php
session_start();

print '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
print '<html xmlns="http://www.w3.org/1999/xhtml">';
print '<head>';
print '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';
print '<title>TASD - Physical Fitness Database</title>';
print '<link rel="stylesheet" type="text/css" href="http://recorded-live.com/fitness/main.css" />';
print '<!--[if IE]>';
print '<link rel="stylesheet" type="text/css" href="http://recorded-live.com/fitness/mainIE.css" />';
print '<![endif]-->';
print '<!--[if IE 6]>';
print '<link rel="stylesheet" type="text/css" href="http://recorded-live.com/fitness/main6.css" />';
print '<![endif]-->';

print '<script type="text/javascript" src="scripts/char.js"></script>';
print '</head>';
?>

 

i know, ugly

 

i really dont think that will make a differnce but its the only thing i can think of before i hit a wall on this one

 

and if that does work, i couldnt tell you why

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.