Jump to content


Photo

$_SESSION problems


  • Please log in to reply
3 replies to this topic

#1 jfee1212

jfee1212
  • Members
  • PipPip
  • Member
  • 14 posts

Posted 23 June 2006 - 06:45 PM

I have this code included in index.php (which is the only accessible file... it includes all of the other pages)

<?php
session_start();

if(!$validation){
    die('You do not have the proper privileges to view this page');
}

$mysql_user = "XXXXX";
$mysql_password = "XXXXXX";
$mysql_server = "XXXXXX";
$mysql_db = "XXXXXX";

$connect = mysql_connect($mysql_server, $mysql_user, $mysql_password);

$select = mysql_select_db($mysql_db);

if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}


if($_POST['login']){

    if($_POST['username'] && $_POST['password']){
        $username = stripslashes($_POST['username']);
        $password = stripslashes($_POST['password']);
        
        $userid = mysql_query("SELECT userid FROM users WHERE username='$username' AND password=PASSWORD('".$password."')");
        
        $valid = mysql_num_rows($userid);
        
        $login_userid = mysql_fetch_array($userid);
        if($valid==1){
            
            $userid = $userid[0];
            $_SESSION['loginid'] = $login_userid[0];
            
            
            
        }else{
            echo 'Incorrect login info';
        }
    
    }else{ 
        echo 'You did not fill in the fields'; 
    }
}




if(isset($_SESSION['loginid'])){
    $user_loginid = $_SESSION['loginid'];

    $login_get_realname = mysql_query("SELECT realname FROM users WHERE userid='$user_loginid'");
    $login_get_username = mysql_query("SELECT username FROM users WHERE userid='$user_loginid'");

    $user_realname = mysql_fetch_array($login_get_realname);
    $user_username = mysql_fetch_array($login_get_username);

    $user_realname = $user_realname[0];
    $user_username = $user_username[0];
    
        
    $user_logged_in = true;
    
    
    }

$home = "users";



?>

I use $user_logged_in on other pages to verify that the session is there and validated, however when i echo $_SESSION['loginid'] it returns null.

When you first log on, the "Welcome..." iinfo is displayed properly, but when you click on a link it loses the logged in status.

The link is [a href=\"http://www.jafsitedesign.com/collegeartstore\" target=\"_blank\"]http://www.jafsitedesign.com/collegeartstore[/a]

Thanks a bunch

#2 jworisek

jworisek
  • Members
  • PipPipPip
  • Advanced Member
  • 112 posts

Posted 23 June 2006 - 06:55 PM

the problem is with :


if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}

you are setting $logout to true instead of comparing and therefore making the if statement true and setting $_SESSION['loginid'] = NULL... Did you mean to say:

if($logout == "true"){
    
    $_SESSION['loginid'] = NULL;
}

[!--quoteo(post=387271:date=Jun 23 2006, 01:45 PM:name=jfee1212)--][div class=\'quotetop\']QUOTE(jfee1212 @ Jun 23 2006, 01:45 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
I have this code included in index.php (which is the only accessible file... it includes all of the other pages)

<?php
session_start();

if(!$validation){
    die('You do not have the proper privileges to view this page');
}

$mysql_user = "XXXXX";
$mysql_password = "XXXXXX";
$mysql_server = "XXXXXX";
$mysql_db = "XXXXXX";

$connect = mysql_connect($mysql_server, $mysql_user, $mysql_password);

$select = mysql_select_db($mysql_db);

if($logout = true){
    
    $_SESSION['loginid'] = NULL;
}
if($_POST['login']){

    if($_POST['username'] && $_POST['password']){
        $username = stripslashes($_POST['username']);
        $password = stripslashes($_POST['password']);
        
        $userid = mysql_query("SELECT userid FROM users WHERE username='$username' AND password=PASSWORD('".$password."')");
        
        $valid = mysql_num_rows($userid);
        
        $login_userid = mysql_fetch_array($userid);
        if($valid==1){
            
            $userid = $userid[0];
            $_SESSION['loginid'] = $login_userid[0];
            


            
            
        }else{
            echo 'Incorrect login info';
        }
    
    }else{ 
        echo 'You did not fill in the fields'; 
    }
}
if(isset($_SESSION['loginid'])){
    $user_loginid = $_SESSION['loginid'];

    $login_get_realname = mysql_query("SELECT realname FROM users WHERE userid='$user_loginid'");
    $login_get_username = mysql_query("SELECT username FROM users WHERE userid='$user_loginid'");

    $user_realname = mysql_fetch_array($login_get_realname);
    $user_username = mysql_fetch_array($login_get_username);

    $user_realname = $user_realname[0];
    $user_username = $user_username[0];
    
        
    $user_logged_in = true;
    
    
    }

$home = "users";
?>

I use $user_logged_in on other pages to verify that the session is there and validated, however when i echo $_SESSION['loginid'] it returns null.

When you first log on, the "Welcome..." iinfo is displayed properly, but when you click on a link it loses the logged in status.

The link is [a href=\"http://www.jafsitedesign.com/collegeartstore\" target=\"_blank\"]http://www.jafsitedesign.com/collegeartstore[/a]

Thanks a bunch
[/quote]

#3 fractil

fractil
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 23 June 2006 - 08:16 PM

It seems you are storing your "logged in" status variables locally and not writing to your database. If you want to maintain the "logged in" status while exploring different links within your site you will need to store that "logged in" variable in your database and not locally to your index.php

Cheers!
"One of the main causes of the fall of the Roman Empire was that, lacking zero, they had no way to indicate successful termination of their C programs"

#4 jfee1212

jfee1212
  • Members
  • PipPip
  • Member
  • 14 posts

Posted 23 June 2006 - 08:42 PM

@jworisek... THANK YOU SO MUCH

Its one of those things that you look back at and think "Man was I stupid".

@fractill... I believe you are referring to saving the login for a different session. withh the $_SESSION variable, it is stored locally to the server and is retrieved based upon the PHPSESSID cookie.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users