Jump to content

$_SESSION problems


jfee1212

Recommended Posts

I have this code included in index.php (which is the only accessible file... it includes all of the other pages)

[code]<?php
session_start();

if(!$validation){
    die('You do not have the proper privileges to view this page');
}

$mysql_user = "XXXXX";
$mysql_password = "XXXXXX";
$mysql_server = "XXXXXX";
$mysql_db = "XXXXXX";

$connect = mysql_connect($mysql_server, $mysql_user, $mysql_password);

$select = mysql_select_db($mysql_db);

if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}


if($_POST['login']){

    if($_POST['username'] && $_POST['password']){
        $username = stripslashes($_POST['username']);
        $password = stripslashes($_POST['password']);
        
        $userid = mysql_query("SELECT userid FROM users WHERE username='$username' AND password=PASSWORD('".$password."')");
        
        $valid = mysql_num_rows($userid);
        
        $login_userid = mysql_fetch_array($userid);
        if($valid==1){
            
            $userid = $userid[0];
            $_SESSION['loginid'] = $login_userid[0];
            
            
            
        }else{
            echo 'Incorrect login info';
        }
    
    }else{
        echo 'You did not fill in the fields';
    }
}




if(isset($_SESSION['loginid'])){
    $user_loginid = $_SESSION['loginid'];

    $login_get_realname = mysql_query("SELECT realname FROM users WHERE userid='$user_loginid'");
    $login_get_username = mysql_query("SELECT username FROM users WHERE userid='$user_loginid'");

    $user_realname = mysql_fetch_array($login_get_realname);
    $user_username = mysql_fetch_array($login_get_username);

    $user_realname = $user_realname[0];
    $user_username = $user_username[0];
    
        
    $user_logged_in = true;
    
    
    }

$home = "users";



?>[/code]

I use $user_logged_in on other pages to verify that the session is there and validated, however when i echo $_SESSION['loginid'] it returns null.

When you first log on, the "Welcome..." iinfo is displayed properly, but when you click on a link it loses the logged in status.

The link is [a href=\"http://www.jafsitedesign.com/collegeartstore\" target=\"_blank\"]http://www.jafsitedesign.com/collegeartstore[/a]

Thanks a bunch
Link to comment
Share on other sites

the problem is with :

[code]

if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}
[/code]

you are setting $logout to true instead of comparing and therefore making the if statement true and setting $_SESSION['loginid'] = NULL... Did you mean to say:

[code]
if($logout == "true"){
    
    $_SESSION['loginid'] = NULL;
}
[/code]

[!--quoteo(post=387271:date=Jun 23 2006, 01:45 PM:name=jfee1212)--][div class=\'quotetop\']QUOTE(jfee1212 @ Jun 23 2006, 01:45 PM) [snapback]387271[/snapback][/div][div class=\'quotemain\'][!--quotec--]
I have this code included in index.php (which is the only accessible file... it includes all of the other pages)

[code]<?php
session_start();

if(!$validation){
    die('You do not have the proper privileges to view this page');
}

$mysql_user = "XXXXX";
$mysql_password = "XXXXXX";
$mysql_server = "XXXXXX";
$mysql_db = "XXXXXX";

$connect = mysql_connect($mysql_server, $mysql_user, $mysql_password);

$select = mysql_select_db($mysql_db);

if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}
if($_POST['login']){

    if($_POST['username'] && $_POST['password']){
        $username = stripslashes($_POST['username']);
        $password = stripslashes($_POST['password']);
        
        $userid = mysql_query("SELECT userid FROM users WHERE username='$username' AND password=PASSWORD('".$password."')");
        
        $valid = mysql_num_rows($userid);
        
        $login_userid = mysql_fetch_array($userid);
        if($valid==1){
            
            $userid = $userid[0];
            $_SESSION['loginid'] = $login_userid[0];
            


            
            
        }else{
            echo 'Incorrect login info';
        }
    
    }else{
        echo 'You did not fill in the fields';
    }
}
if(isset($_SESSION['loginid'])){
    $user_loginid = $_SESSION['loginid'];

    $login_get_realname = mysql_query("SELECT realname FROM users WHERE userid='$user_loginid'");
    $login_get_username = mysql_query("SELECT username FROM users WHERE userid='$user_loginid'");

    $user_realname = mysql_fetch_array($login_get_realname);
    $user_username = mysql_fetch_array($login_get_username);

    $user_realname = $user_realname[0];
    $user_username = $user_username[0];
    
        
    $user_logged_in = true;
    
    
    }

$home = "users";
?>[/code]

I use $user_logged_in on other pages to verify that the session is there and validated, however when i echo $_SESSION['loginid'] it returns null.

When you first log on, the "Welcome..." iinfo is displayed properly, but when you click on a link it loses the logged in status.

The link is [a href=\"http://www.jafsitedesign.com/collegeartstore\" target=\"_blank\"]http://www.jafsitedesign.com/collegeartstore[/a]

Thanks a bunch
[/quote]
Link to comment
Share on other sites

It seems you are storing your "logged in" status variables locally and not writing to your database. If you want to maintain the "logged in" status while exploring different links within your site you will need to store that "logged in" variable in your database and not locally to your index.php

Cheers!
Link to comment
Share on other sites

@jworisek... THANK YOU SO MUCH

Its one of those things that you look back at and think "Man was I stupid".

@fractill... I believe you are referring to saving the login for a different session. withh the $_SESSION variable, it is stored locally to the server and is retrieved based upon the PHPSESSID cookie.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.