Jump to content


Photo

Session Not Working


  • Please log in to reply
18 replies to this topic

#1 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 11:39 AM

I am having a problem with my session's l log in fine, then l go to click the link to admin2.php and it says l have to login again.

Process Login Script

<?php
	session_start();
	header("Cache-control: private"); 

// Get MySQL Database information
	
	include('db.php');

// Make variables from the form

	$Username = $_POST['userName'];
	$Password = $_POST['passWord'];

// Remove HTML (if any)
	
	$Username = strip_tags("$Username");
	$Password = strip_tags("$Password");

// Connect to server and select database.

	mysql_connect("$dbHost", "$dbUserName", "$dbPassWord")or die("Cannot connect to server!");
	mysql_select_db("$dbName")or die("Cannot select Database!");

// Does the user exist?

	$sql_user_check = "SELECT * FROM users WHERE username=\"$Username\" ";
	$result_name_check = mysql_query($sql_user_check);
	$usersfound = mysql_num_rows($result_name_check); 

// If the user doesn't exist, create error

	if ($usersfound < 1) {
	$error = "User $Username not found.";

// If the user does exist, continue with processing 

	}else{

// Check if the passwords match

    		$sql_pass_get = "SELECT * FROM users WHERE username=\"$Username\" ";
    		$user_info = mysql_fetch_array(mysql_query($sql_pass_get));
  		$encryptpass = $user_info['password']; 

// If it doesn't match, note that and end
  		if ($encryptpass != md5($Password)) {
  	   	$error = "Invalid password.  Try again.";

// If it does match, let in and pass on info to session variables
	
	}else{ 

        	$_SESSION['userid'] = $user_info['userid'];
      		$_SESSION['username'] = $user_info['username'];
      		$_SESSION['password'] = $user_info['password'];

    		}
	} 

		if (!$_SESSION['username']) {
  		
		echo "$error";
     	 
		}else{
	include('admin.php');

	}

?>

admin.php script

<?php
session_start();
header("Cache-control: private");
if (!$_SESSION['username']) {
    echo "You aren't logged in.";
    include("index.php");
    exit();
}else{
?>

<html>

<body>

<p>hello</p>

<p><a href ="admin2.php">Admin Panel</a></p>

</body>

</html>

<?php

}

?>

(Note: I have tried to get it to work by removing all the php code from this file however l still have the same problem)

admin2.php Script

<?php
session_start();
header("Cache-control: private");
if (!$_SESSION['username']) {
    echo "You aren't logged in.";
    include("index.php");
    exit();
}else{
?>

<html>

<body>

<p>testing!</p>

</body>

</html>

<?php
}
?>

Your help would be greatly appreciated

#2 king arthur

king arthur
  • Members
  • PipPipPip
  • Advanced Member
  • 335 posts
  • LocationUK HQ

Posted 07 August 2006 - 12:28 PM

Only thing I can think of is that by including admin.php in the login script you are calling session_start() twice but I don't know what effect that would actually have.
Sir Isaac Newton said "If I have seen farther, it is by standing on the shoulders of giants". But it is not recorded as to whether he said it before or after he was hit on the head by a falling apple.

#3 tvdhoff

tvdhoff
  • Members
  • PipPip
  • Member
  • 16 posts

Posted 07 August 2006 - 12:31 PM

Hi,

Try echoing those session variables you try to set:

echo "Username: " . $_SESSION["username"];

If it doesn't return the username you've set, then that's your problem.

BTW: you can make your code more compact by combining that username and password query:

$encryptpass = md5($Password);
$sql_user_check ="SELECT * FROM users WHERE username=\"$Username\" AND password=\"$encryptpass\"";

and then:

if ($usersfound == "1") {

....
[code]

If there's exactly one match then you've found the user that has both that username and password...

Good luck! [/code]


#4 tvdhoff

tvdhoff
  • Members
  • PipPip
  • Member
  • 16 posts

Posted 07 August 2006 - 12:32 PM

If you call session_start() multiple times, you'll only get a warning or even a notice.

The function checks if a session exists and if so continues that session or else makes a new one.

So no worries there..

#5 tvdhoff

tvdhoff
  • Members
  • PipPip
  • Member
  • 16 posts

Posted 07 August 2006 - 12:41 PM

Because one way or another, you're not logged in.

You either:

- made a typo in your variables and are requesting an empty variable
- set that session variable without putting data into it

Now, I don't see any typos in your code, so try echoing that variable as I suggested and see if it returns as expected.

#6 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 12:55 PM

Hi,

Try echoing those session variables you try to set:

echo "Username: " . $_SESSION["username"];


Hi tvdhoff,

I tried this and the result was:

Username: dual_alliance

So it cant be the username :-[, and still when l click the link to admin2.php it makes me login again.

#7 Orio

Orio
  • Staff Alumni
  • Advanced Member
  • 2,491 posts

Posted 07 August 2006 - 01:05 PM

I can see that every time there's an error, you set $error with the msg. Instead of doing that, just echo the error and exit (use die("Error- Wrong user"))
This way, you will be able to see what went wrong.

Orio.
Think you're smarty?

(Gone until 20 to November)

#8 tvdhoff

tvdhoff
  • Members
  • PipPip
  • Member
  • 16 posts

Posted 07 August 2006 - 01:09 PM

If I run your code it runs as expected...

#9 king arthur

king arthur
  • Members
  • PipPipPip
  • Advanced Member
  • 335 posts
  • LocationUK HQ

Posted 07 August 2006 - 01:21 PM

Try putting a line "<?php dump_array($_SESSION); ?>" between the body tags in admin.php and the same again in admin2.php and see what it outputs.
Sir Isaac Newton said "If I have seen farther, it is by standing on the shoulders of giants". But it is not recorded as to whether he said it before or after he was hit on the head by a falling apple.

#10 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 01:31 PM

I can see that every time there's an error, you set $error with the msg. Instead of doing that, just echo the error and exit (use die("Error- Wrong user"))
This way, you will be able to see what went wrong.

Orio.


Nothing changed.

Try putting a line "<?php dump_array($_SESSION); ?>" between the body tags in admin.php and the same again in admin2.php and see what it outputs.


It gives me an error lol.

Fatal error: Call to undefined function dump_array() in C:\wamp\www\member\admin\admin.php on line 15

#11 king arthur

king arthur
  • Members
  • PipPipPip
  • Advanced Member
  • 335 posts
  • LocationUK HQ

Posted 07 August 2006 - 01:48 PM

Sorry, try print_r($_SESSION) instead of the echo dump_array()!
Sir Isaac Newton said "If I have seen farther, it is by standing on the shoulders of giants". But it is not recorded as to whether he said it before or after he was hit on the head by a falling apple.

#12 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 01:58 PM

Sorry, try print_r($_SESSION) instead of the echo dump_array()!


Hi king arthur,

I tried what you said, the result is as follows:

Array ( [userid] => 1 [username] => dual_alliance [password] => 0926274431b9d************ ) Username: dual_alliance

From what l can see everything looks fine their.  However l was unable to see what it looked like on admin2.php as whenever l try to access that page it makes me log in and the login script then displays admin.php.  I will see what happens if l change it to admin2.php and get back to you.

dual_alliance

Update: I changed the include file to admin2.php, made a link on admin2.php to link to admin.php and l it makes me login.  However l do get the arrary:

Array ( [userid] => 1 [username] => dual_alliance [password] => 0926274431b9d************ )

#13 Orio

Orio
  • Staff Alumni
  • Advanced Member
  • 2,491 posts

Posted 07 August 2006 - 02:01 PM

Try changing:
if (!$_SESSION['username']) {

To:
if (!isset($_SESSION['username'])){


The way you are check if $_SESSION['username'] is set is worng.
Make the change both in admin.php and admin2.php

Orio.
Think you're smarty?

(Gone until 20 to November)

#14 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 02:20 PM

Hi Orio,

No luck, its still the same.  I have included links to some screen shots to show you what happens.

Once you login:

http://img283.images...0/admin1np0.jpg

Once you click the link:

http://img526.images...6/admin2lu8.jpg

dual_alliance

#15 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 03:01 PM

I cant believe this!  I found a free PHP host and tried my code out and it worked :o, so why doesnt it work on my localhost because it should :/

#16 king arthur

king arthur
  • Members
  • PipPipPip
  • Advanced Member
  • 335 posts
  • LocationUK HQ

Posted 07 August 2006 - 03:34 PM

Ah you didn't say you were running it on localhost!!! Cookies and sessions seem to behave strangely when you run scripts on localhost, I would never rely on them working properly until you test them on a remote server.
Sir Isaac Newton said "If I have seen farther, it is by standing on the shoulders of giants". But it is not recorded as to whether he said it before or after he was hit on the head by a falling apple.

#17 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 03:57 PM

Dam its so much easier/faster to test scripts on localhost rather then uploading them to a server.

#18 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 07 August 2006 - 04:02 PM

Cookies/Sessions should work on localhost. Just make sure your browser accepts cookies and that PHP the sessions settings are setup correctly,the defualt settings defined in php.ini are fine.

#19 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 07 August 2006 - 04:06 PM

Well l havent touched the php.ini file and l have cookies enabled so l have no idea why it doesnt work.  Oh well.

Also l would just like to say thankyou to all that helped me fix my problem




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users