$_SESSION problems

[jfee1212]

I have this code included in index.php (which is the only accessible file... it includes all of the other pages)

[code]<?php
session_start();

if(!$validation){
    die('You do not have the proper privileges to view this page');
}

$mysql_user = "XXXXX";
$mysql_password = "XXXXXX";
$mysql_server = "XXXXXX";
$mysql_db = "XXXXXX";

$connect = mysql_connect($mysql_server, $mysql_user, $mysql_password);

$select = mysql_select_db($mysql_db);

if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}


if($_POST['login']){

    if($_POST['username'] && $_POST['password']){
        $username = stripslashes($_POST['username']);
        $password = stripslashes($_POST['password']);
        
        $userid = mysql_query("SELECT userid FROM users WHERE username='$username' AND password=PASSWORD('".$password."')");
        
        $valid = mysql_num_rows($userid);
        
        $login_userid = mysql_fetch_array($userid);
        if($valid==1){
            
            $userid = $userid[0];
            $_SESSION['loginid'] = $login_userid[0];
            
            
            
        }else{
            echo 'Incorrect login info';
        }
    
    }else{
        echo 'You did not fill in the fields';
    }
}




if(isset($_SESSION['loginid'])){
    $user_loginid = $_SESSION['loginid'];

    $login_get_realname = mysql_query("SELECT realname FROM users WHERE userid='$user_loginid'");
    $login_get_username = mysql_query("SELECT username FROM users WHERE userid='$user_loginid'");

    $user_realname = mysql_fetch_array($login_get_realname);
    $user_username = mysql_fetch_array($login_get_username);

    $user_realname = $user_realname[0];
    $user_username = $user_username[0];
    
        
    $user_logged_in = true;
    
    
    }

$home = "users";



?>[/code]

I use $user_logged_in on other pages to verify that the session is there and validated, however when i echo $_SESSION['loginid'] it returns null.

When you first log on, the "Welcome..." iinfo is displayed properly, but when you click on a link it loses the logged in status.

The link is [a href=\"http://www.jafsitedesign.com/collegeartstore\" target=\"_blank\"]http://www.jafsitedesign.com/collegeartstore[/a]

Thanks a bunch

[jworisek]

the problem is with :

[code]

if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}
[/code]

you are setting $logout to true instead of comparing and therefore making the if statement true and setting $_SESSION['loginid'] = NULL... Did you mean to say:

[code]
if($logout == "true"){
    
    $_SESSION['loginid'] = NULL;
}
[/code]

[!--quoteo(post=387271:date=Jun 23 2006, 01:45 PM:name=jfee1212)--][div class=\'quotetop\']QUOTE(jfee1212 @ Jun 23 2006, 01:45 PM) [snapback]387271[/snapback][/div][div class=\'quotemain\'][!--quotec--]
I have this code included in index.php (which is the only accessible file... it includes all of the other pages)

[code]<?php
session_start();

if(!$validation){
    die('You do not have the proper privileges to view this page');
}

$mysql_user = "XXXXX";
$mysql_password = "XXXXXX";
$mysql_server = "XXXXXX";
$mysql_db = "XXXXXX";

$connect = mysql_connect($mysql_server, $mysql_user, $mysql_password);

$select = mysql_select_db($mysql_db);

if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}
if($_POST['login']){

    if($_POST['username'] && $_POST['password']){
        $username = stripslashes($_POST['username']);
        $password = stripslashes($_POST['password']);
        
        $userid = mysql_query("SELECT userid FROM users WHERE username='$username' AND password=PASSWORD('".$password."')");
        
        $valid = mysql_num_rows($userid);
        
        $login_userid = mysql_fetch_array($userid);
        if($valid==1){
            
            $userid = $userid[0];
            $_SESSION['loginid'] = $login_userid[0];
            


            
            
        }else{
            echo 'Incorrect login info';
        }
    
    }else{
        echo 'You did not fill in the fields';
    }
}
if(isset($_SESSION['loginid'])){
    $user_loginid = $_SESSION['loginid'];

    $login_get_realname = mysql_query("SELECT realname FROM users WHERE userid='$user_loginid'");
    $login_get_username = mysql_query("SELECT username FROM users WHERE userid='$user_loginid'");

    $user_realname = mysql_fetch_array($login_get_realname);
    $user_username = mysql_fetch_array($login_get_username);

    $user_realname = $user_realname[0];
    $user_username = $user_username[0];
    
        
    $user_logged_in = true;
    
    
    }

$home = "users";
?>[/code]

I use $user_logged_in on other pages to verify that the session is there and validated, however when i echo $_SESSION['loginid'] it returns null.

When you first log on, the "Welcome..." iinfo is displayed properly, but when you click on a link it loses the logged in status.

The link is [a href=\"http://www.jafsitedesign.com/collegeartstore\" target=\"_blank\"]http://www.jafsitedesign.com/collegeartstore[/a]

Thanks a bunch
[/quote]

[fractil]

It seems you are storing your "logged in" status variables locally and not writing to your database. If you want to maintain the "logged in" status while exploring different links within your site you will need to store that "logged in" variable in your database and not locally to your index.php

Cheers!

[jfee1212]

@jworisek... THANK YOU SO MUCH

Its one of those things that you look back at and think "Man was I stupid".

@fractill... I believe you are referring to saving the login for a different session. withh the $_SESSION variable, it is stored locally to the server and is retrieved based upon the PHPSESSID cookie.