Jump to content

Session help

dropfaith

By dropfaith
in PHP Coding Help

 Share

Recommended Posts

dropfaith Advanced Member

dropfaith

Posted
Posted

http://www.lawrenceguide.org/user/index.php is the site im working on you can login with

username: admin

password: twisted

 

once logged in try to add an article or something and you will see the issue as it displays the login form and the form to add an article the only way to solve this issue is logging out then back into the site then i dont have any issues..

 

any idea on what this could be?

 

id post code but its like a 17 page complete member system with user profiles so it would be way to much code to read through i just want ideas on what could be causing this

Link to comment
https://forums.phpfreaks.com/topic/125590-session-help/
Share on other sites
dropfaith Advanced Member

dropfaith

Posted
  • Author
Posted

index.php

<html>
<head>	
<style>
td {border:1px solid #000}
td.editdel {width:90px}
td.titled {width:400px}
</style>	
	<?php include("../template/meta.html"); ?>	
</head>
<body>
	<div class="contain">
<!-- start Header -->	
		<div class="header"></div>
<!-- End Header Start TopNav -->

		<div id="listmenu">
			<?php include("../template/topnav.html"); ?>
		</div>
		<div class="clear"></div>
<!-- End Top Nav Start left Side Nav -->	

		<div class="nav" style="border:none !important;>
<?php 

require_once "header.php"; 
//content
include "login.php";
// more content


?>

		</div>
<!-- End left Side Nav Start Ad Content Right Side-->	

		<div class="ad">
			<?php include("../template/ads.html"); ?>
		</div>		
<!--End Ad Right Side Start Center Main Conent -->
		<div class="content">

<table>



<?php
    $u = $_SESSION['username'];
    $uid = $_SESSION['loginid'];

$query = "SELECT * FROM story WHERE loginid = '$uid'";
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
// if records present
if (mysql_num_rows($result) > 0)
{
// iterate through resultset
// print article titles
while($row = mysql_fetch_object($result))
{
?><caption>Storys</caption>
<tr>
<td class="titled"><? echo $row->Title; ?></td>
<td class="editdel"><a href="delete.php?Id=<? echo $row->Id; ?>">Delete</a></td>
</tr>
<?
}
}
// if no records present
// display message
else
{
?>

<?
}
// close database connection
mysql_close($connection);
?>


</table>


<table>



<?php
include("header.php");
    $u = $_SESSION['username'];
    $uid = $_SESSION['loginid'];

$query = "SELECT * FROM Events WHERE loginid = '$uid'";
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
// if records present
if (mysql_num_rows($result) > 0)
{
// iterate through resultset
// print article titles
while($row = mysql_fetch_object($result))
{
?><caption>Events</caption>
<tr>
<td class="titled"><? echo $row->Title; ?></td>

<td class="editdel"><a href="deleteevent.php?Id=<? echo $row->Id; ?>">Delete</a></td>
</tr>
<?
}
}
// if no records present
// display message
else
{
?>

<?
}
// close database connection
mysql_close($connection);
?>


</table>

login.php

<?php
if (!isLoggedIn())
{
    // user is not logged in.
    if (isset($_POST['cmdlogin']))
    {
        // retrieve the username and password sent from login form & check the login.
        if (checkLogin($_POST['username'], $_POST['password']))
        {
            show_userbox();
        } else
        {
            echo "Incorrect Login information !";
            show_loginform();
        }
    } else
    {
        // User is not logged in and has not pressed the login button
        // so we show him the loginform
        show_loginform();
    }

} else
{
    // The user is already loggedin, so we show the userbox.
    show_userbox();
}
?>

then all the login form is in this file called display functions

<?php

#### Display Functions ####

function show_userbox()
{
    // retrieve the session information
    $u = $_SESSION['username'];
    $uid = $_SESSION['loginid'];
    // display the user box
    echo "<div id='userbox'>
  


<ul>
                <li><a href='./changepassword.php'>Change Password</a></li>
                <li><a href='./addstory.php'>Add Story</a></li>
                <li><a href='./addevent.php'>Add Event</a></li>
                <li><a href='./addride.php'>Add Ride</a></li>
                <li><a href='./addservice.php'>Add Service</a></li>
                <li><a href='./addlink.php'>Add Link</a></li>
	<li><a href=\"#\" class=\"button\" onclick=\"javascript:showElement('v-menu')\">Business Index</a>
		<ul id=\"v-menu\" class=\"v-menu\" style=\"display:none;\">
			<li><a href=\"addrestaurant.php\"> Add Restaurant </a></li>

		</ul>
	</li>

                <li><a href='./logout.php'>Logout</a></li>

            </ul>
         </div>";
}

function show_changepassword_form(){
   
echo '<form action="./changepassword.php" method="post">
  <fieldset>
  <legend>Change Password</legend>
  <input type="hidden" value="'.$_SESSION['username'].'" name="username">
<table style="width:400px">
<tr>
<td>
      <label style="width:175px;text-align:left;" for="oldpassword">Current Password:</label>
</td>
<td>
   
      <input name="oldpassword" type="password" id="oldpassword" maxlength="15">
</td>
</tr>
<tr>
<td>
      <label style="width:175px;text-align:left;"for="password">New Password:</label>
</td>
<td>
      <input name="password" type="password" id="password" maxlength="15">
  </td>
</tr>
<tr>
<td>
      <label style="width:175px;text-align:left;"for="password2">Re-type new password:</label>
  </td>
<td>
      <input name="password2" type="password" id="password2" maxlength="15">
    </td></tr>
<tr>
<td colspan="2">
  
    <input name="reset" type="reset" value="Reset">
    <input name="change" type="submit" value="Reset Password">
  </td></tr></table>
  </fieldset>
</form>
';
}

function show_loginform($disabled = false)
{

    echo '<form name="login-form" id="login-form" method="post" action="./index.php">
  <fieldset>
  <legend>Please login</legend>
  <dl>
    <dt><label title="Username">Username: </label></dt>
    <dd><input tabindex="1" accesskey="u" name="username" type="text" maxlength="30" id="username" /></dd>
  </dl>
  
    <dt><label title="Password">Password: </label></dt>
    <dd><input tabindex="2" accesskey="p" name="password" type="password" maxlength="15" id="password" /></dd>
  </dl>
  <ul>
    <li><a href="./register.php" title="Register">Register</a></li>
    <li><a href="./lostpassword.php" title="Lost Password">Lost password?</a></li>
  </ul>
  <p><input tabindex="3" accesskey="l" type="submit" name="cmdlogin" value="Login" ';
    if ($disabled == true)
    {
        echo 'disabled="disabled"';
    }
    echo ' /></p></fieldset></form>';


}

function show_lostpassword_form(){
   
    echo '<form action="./lostpassword.php" method="post">
    <fieldset><legend>Reset Password</legend>
  
    <dt><label for="username">Username:</label></dt>
    <dd><input name="username" type="text" id="username" maxlength="30">
    </dd>
  </dl>
   
    <dt><label for="email">email:</label></dt>
    <dd><input name="email" type="text" id="email" maxlength="255">
    </dd>
  </dl>
  <p>
    <input name="reset" type="reset" value="Reset">
    <input name="lostpass" type="submit" value="Reset Password">
  </p>
  </fieldset>
</form>';
   
}

function show_registration_form(){
   
    echo '<form action="./register.php" method="post">
    <fieldset><legend>Register</legend>

<table>
<tr>
	<td>
    			<label for="username">Username:</label>
	</td>
    		<td>
		<input name="username" type="text" id="username" maxlength="30">
    		</td>
</tr>
        <tr>
	<td>
		<label for="password">Password:</label>
   		</td>
	<td>
		 <input name="password" type="password" id="password" maxlength="15">
     		</td>
</tr>
        <tr>
	<td>
		<label for="password2"> Repeat Password:</label>
   		</td>
	<td>
		<input name="password2" type="password" id="password2" maxlength="15">
    		</td>
</tr>
<tr>



	<td>
    			<label for="email">email:</label>
	</td>	
	<td>
    			<input name="email" type="text" id="email" maxlength="255">
    		</td>
</tr>
<tr>
	<td colspan="2">
    <input name="reset" type="reset" value="Reset">
    <input name="register" type="submit" value="Register">
  </td></tr></table>
  </fieldset>
</form>';
   
}
?>

 

 

this code below is one of the random forms to add a story

 

<html>
<head>	<SCRIPT TYPE="text/javascript">
<!--
function popup(mylink, windowname)
{
if (! window.focus)return true;
var href;
if (typeof(mylink) == 'string')
   href=mylink;
else
   href=mylink.href;
window.open(href, windowname, 'width=400,height=500,scrollbars=yes');
return false;
}
//-->
</SCRIPT>


	<?php include("../template/meta.html"); ?>	
</head>
<body>
	<div class="contain">
<!-- start Header -->	
		<div class="header"></div>
<!-- End Header Start TopNav -->

		<div id="listmenu">
			<?php include("../template/topnav.html"); ?>
		</div>
		<div class="clear"></div>
<!-- End Top Nav Start left Side Nav -->	

		<div class="nav">

			<?php 

require_once "header.php"; 
//content
include "login.php";
// more content


?>
		</div>
<!-- End left Side Nav Start Ad Conent Right Side-->	

		<div class="ad">
			<?php include("../template/ads.html"); ?>
		</div>		
<!--End Ad Right Side Start Center Main Conent -->
		<div class="content">






<!-- page header - snip -->



<?

// form not yet submitted

// display initial form

if (!isset($_POST['submit']))

{

?>


			<fieldset>
				<legend>Add Story</legend>
				<form action="<? echo $_SERVER['PHP_SELF']; ?>" method="POST">	

<?php
    $u = $_SESSION['username'];
    $uid = $_SESSION['loginid'];

$query = "SELECT * FROM login WHERE loginid = '$uid'";
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
// if records present
if (mysql_num_rows($result) > 0)
{
// iterate through resultset
// print article titles
while($row = mysql_fetch_object($result))
{
?>
<input type=hidden name="Author" value="<? echo $row->username; ?>">
<input type=hidden name="loginid" value="<? echo $row->loginid; ?>">
<?
}
}
// if no records present
// display message
else
{
?>

<?
}
// close database connection
mysql_close($connection);
?>

						<p>
							<label>Title</label>
							<input type=text name="Title" size="28">
						</p>
<p><label>Genre</label>
<select name="Genre">
<?php


$query = "SELECT * FROM genre";
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
// if records present
if (mysql_num_rows($result) > 0)
{
// iterate through resultset
// print article titles
while($row = mysql_fetch_object($result))
{
?>
<option value="<? echo $row->Genre; ?>"><? echo $row->Genre; ?>

<?
}
}
// if no records present
// display message
else
{
?>

<?
}
// close database connection
mysql_close($connection);
?></select><a style="font-weight:bold;" href="gpop.php" onClick="return popup(this, 'Events')" title="Opens in pop up">Add Type</a>


						<p>
							<label>Article</label></p>
<p>
							<textarea name="Article" cols="46" rows="15"></textarea>
						</p>

<input type="Submit" name="submit" value="Add">


				</form>
			</fieldset>

<?

}

else

{

   // includes

    include("../template/conf.php");

  



    // set up error list array

    $errorList = array();

    $count = 0;

    

    // validate text input fields
    $Title = mysql_escape_string($_POST['Title']);
    $Genre = mysql_escape_string($_POST['Genre']);

    $Article = str_replace("\n","<br />",$_POST['Article']);
    $Author = mysql_escape_string($_POST['Author']);
    $loginid  = mysql_escape_string($_POST['loginid']);


    


    

    // check for errors

    // if none found...

    if (sizeof($errorList) == 0)

    {

        // open database connection

        $connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!");



        // select database

        mysql_select_db($db) or die ("Unable to select database!");



        // generate and execute query

        $query = "INSERT INTO story (Title, Genre, Article, Author, loginid) VALUES('$Title','$Genre','$Article','$Author','$loginid')";

        $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());



        // print result

        echo "<font size=-1>Update successful.<a href=index.php>Go Home</a>.<br />
<a href=addstory.php>Add Another</font>";



        // close database connection

        mysql_close($connection);

    }

    else

    {

        // errors found

        // print as list

        echo "<font size=-1>The following errors were encountered: <br>";

        echo "<ul>";

        for ($x=0; $x<sizeof($errorList); $x++)

        {

            echo "<li>$errorList[$x]";

        }

        echo "</ul></font>";

    }

}

?>








		</div>
<!-- End Center Main Conent -->		
		<div class="clear"></div>	
<!-- footer -->
		<div class="footer">
				<?php include("../template/footer.html"); ?>
		</div>
<!--end footer --> 
	</div>
</body>
</html

 

Link to comment
https://forums.phpfreaks.com/topic/125590-session-help/#findComment-649346
Share on other sites
KevinM1 Advanced Member

KevinM1

Posted
Posted

You need to use session_start(). http://www.php.net/manual/en/function.session-start.php

 

Be sure to heed the first note from that linked page.  You must call session_start before ANY output is sent to the browser.  This includes any accidental whitespace.  So, for best results, session_start should be the first line of your script.

Link to comment
https://forums.phpfreaks.com/topic/125590-session-help/#findComment-649355
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.