Session lost after redirection

[nati]

Hello all!

 

I have a problem with loosing session data after redirection.

I have login.php page with a form on it which passes data on logincheck.php page. On logincheck.php data are checked and if they are correct, I redirect to sess.php and pass username. On sess.php I start session and register variable for username wich should be used on other pages and I redirect to index.php. And username is blank after that.........

 

This is briefly, but I can also give my code, if needed.

 

Anyone has idea what is wrong?

 

 

Tnx in advance,

Natasa

[dezkit]

Post some code

[thebadbad]

Remember to run session_start() at the top of each page using sessions.

[nati]

login.php

 

<?php

if ($loguser != '')

  {session_destroy();}

?>

<!DOCTYPE html ...</head>

<body onLoad="forma.korisnickoime.focus();">

<div id="container">

<?php include 'header.php';?>

...

<form name="forma" action="logincheck.php" method = "post">

...

</form><br><br><br><br>

<?php include 'footer.html';?>

</body></html>

 

logincheck.php

 

<!DOCTYPE ...</head>

<body onLoad="forma.korisnickoime.focus();">

<?php include 'veza.php';?>

<div id="container">

<?php include 'header.php';?>

...

<?php

$user=addslashes(trim($HTTP_POST_VARS['korisnickoime']));

$pass=addslashes(trim($HTTP_POST_VARS['lozinka']));

if(empty($user) or empty($pass))

{$nijeuneto = 1;}

else

  {$nijeuneto = 0;}

$pass_kodovan = md5($pass); 

$query = "select ime, prezime

          from  registrovani_korisnici

          where  username = '$user'

          and    password = '$pass_kodovan'";         

$result = mysql_query($query);

$broj_redova = mysql_num_rows($result);

if ($broj_redova == 1 and $nijeuneto == 0)

  {

  $redirect="sess.php?ime=$user";

  printf("<script language=\"JavaScript1.2\"> window.location = \"%s\" </script>",$redirect);

  exit;

  }     

?>

...

<form name="forma" action="logincheck.php" method="post">

...

</form>

<?php include 'footer.html';?>

</body></html>

 

sess.php

 

<?php

  $logovan = $_GET['ime'];

  if ($logovan != '')

  {

  session_start();

  session_register("loguser");

  $loguser = $logovan;

  header('Location: index.php');

  } 

?>

 

That's it. 

[nati]

Just to answer on thebadbad comment:

 

I did try that, but it always starts a new session...

[revraz]

For login.php, you need session_start() in order to use session_destroy()

 

Don't use session_register with session_start(), use $_SESSION array instead.

 

Let's see index.php

[nati]

Hey, it works now, I used $_SESSION and I put session_start() at the beggining of pages which use session and now my variable loguser is visible on every page.

 

But another problem appeared  .

 

When I log on (as user) and click on "Logout" link, I am redirected to login.php page, as I should be, but I still see in header username and link "Logout" instead of "Login" link. I need to click on Logout one more time to get Login link.

 

Here is code of my header.php page which is included on every page with some output.

 

<!DOCTYPE ... </head>

<body>

...

<?php

if ($loguser != '')   

  {include 'veza.php';

  $query = "select ime, prezime

            from  registrovani_korisnici

            where  username = '$loguser'"; 

  $result = mysql_query($query);

  $broj_redova = mysql_num_rows($result); 

  if ($broj_redova != 1)

    {die(mysql_error());}

  $row = mysql_fetch_array($result);     

  echo "<h3>".$row['ime']."&nbsp".$row['prezime']."&nbsp&nbsp&nbsp&nbsp&nbsp<a class='logout' href="."login.php".">Logout</a></h3>";}

else if (basename($_SERVER['SCRIPT_NAME'])=="login.php" or basename($_SERVER['SCRIPT_NAME'])=="registracija_provera.php" or basename($_SERVER['SCRIPT_NAME'])=="logincheck.php")

  {echo "<h3>Login</h3>";}

else

  {echo "<h3><a href="."login.php".">Login</a></h3>";}

?>

...

</body>

</html>

[waynew]

Please use code tags.

[revraz]

Make it easy on yourself.  Create a new page, logout.php, in it just use

 

<?PHP
session_start();
session_destroy();
header ("Location: index.php")
?>