Session Not Working

[dual_alliance]

I am having a problem with my session's l log in fine, then l go to click the link to admin2.php and it says l have to login again.

[b]Process Login Script[/b]

[code=php:0]<?php
session_start();
header("Cache-control: private");

// Get MySQL Database information

include('db.php');

// Make variables from the form

$Username = $_POST['userName'];
$Password = $_POST['passWord'];

// Remove HTML (if any)

$Username = strip_tags("$Username");
$Password = strip_tags("$Password");

// Connect to server and select database.

mysql_connect("$dbHost", "$dbUserName", "$dbPassWord")or die("Cannot connect to server!");
mysql_select_db("$dbName")or die("Cannot select Database!");

// Does the user exist?

$sql_user_check = "SELECT * FROM users WHERE username=\"$Username\" ";
$result_name_check = mysql_query($sql_user_check);
$usersfound = mysql_num_rows($result_name_check);

// If the user doesn't exist, create error

if ($usersfound < 1) {
$error = "User $Username not found.";

// If the user does exist, continue with processing

}else{

// Check if the passwords match

    $sql_pass_get = "SELECT * FROM users WHERE username=\"$Username\" ";
    $user_info = mysql_fetch_array(mysql_query($sql_pass_get));
  $encryptpass = $user_info['password'];

// If it doesn't match, note that and end
  if ($encryptpass != md5($Password)) {
    $error = "Invalid password.  Try again.";

// If it does match, let in and pass on info to session variables

}else{

        $_SESSION['userid'] = $user_info['userid'];
      $_SESSION['username'] = $user_info['username'];
      $_SESSION['password'] = $user_info['password'];

    }
}

if (!$_SESSION['username']) {
 
echo "$error";
   
}else{
include('admin.php');

}

?>[/code]

[b]admin.php script[/b]

[code=php:0]<?php
session_start();
header("Cache-control: private");
if (!$_SESSION['username']) {
    echo "You aren't logged in.";
    include("index.php");
    exit();
}else{
?>

<html>

<body>

<p>hello</p>

<p><a href ="admin2.php">Admin Panel</a></p>

</body>

</html>

<?php

}

?>[/code]

[i](Note: I have tried to get it to work by removing all the php code from this file however l still have the same problem)[/i]

[b]admin2.php Script[/b]

[code=php:0]<?php
session_start();
header("Cache-control: private");
if (!$_SESSION['username']) {
    echo "You aren't logged in.";
    include("index.php");
    exit();
}else{
?>

<html>

<body>

<p>testing!</p>

</body>

</html>

<?php
}
?>[/code]

Your help would be greatly appreciated

[king arthur]

Only thing I can think of is that by including admin.php in the login script you are calling session_start() twice but I don't know what effect that would actually have.

[tvdhoff]

Hi,

Try echoing those session variables you try to set:

[code]
echo "Username: " . $_SESSION["username"];
[/code]

If it doesn't return the username you've set, then that's your problem.

BTW: you can make your code more compact by combining that username and password query:

[code]
$encryptpass = md5($Password);
$sql_user_check ="SELECT * FROM users WHERE username=\"$Username\" AND password=\"$encryptpass\"";

and then:

if ($usersfound == "1") {

....
[code]

If there's exactly one match then you've found the user that has both that username and password...

Good luck! [/code][/code]

[tvdhoff]

If you call session_start() multiple times, you'll only get a warning or even a notice.

The function checks if a session exists and if so continues that session or else makes a new one.

So no worries there..

[tvdhoff]

Because one way or another, you're not logged in.

You either:

- made a typo in your variables and are requesting an empty variable
- set that session variable without putting data into it

Now, I don't see any typos in your code, so try echoing that variable as I suggested and see if it returns as expected.

[dual_alliance]

[quote author=tvdhoff link=topic=103269.msg411143#msg411143 date=1154953862]
Hi,

Try echoing those session variables you try to set:

[code]
echo "Username: " . $_SESSION["username"];
[/code]

[/quote]

Hi tvdhoff,

I tried this and the result was:

[code]Username: dual_alliance[/code]

So it cant be the username :-[, and still when l click the link to admin2.php it makes me login again.

[Orio]

I can see that every time there's an error, you set $error with the msg. Instead of doing that, just echo the error and exit (use die("Error- Wrong user"))
This way, you will be able to see what went wrong.

Orio.

[tvdhoff]

If I run your code it runs as expected...

[king arthur]

Try putting a line "<?php dump_array($_SESSION); ?>" between the body tags in admin.php and the same again in admin2.php and see what it outputs.

[dual_alliance]

[quote author=Orio link=topic=103269.msg411166#msg411166 date=1154955909]
I can see that every time there's an error, you set $error with the msg. Instead of doing that, just echo the error and exit (use die("Error- Wrong user"))
This way, you will be able to see what went wrong.

Orio.
[/quote]

Nothing changed.

[quote author=king arthur link=topic=103269.msg411186#msg411186 date=1154956912]
Try putting a line "<?php dump_array($_SESSION); ?>" between the body tags in admin.php and the same again in admin2.php and see what it outputs.
[/quote]

It gives me an error lol.

Fatal error: Call to undefined function dump_array() in C:\wamp\www\member\admin\admin.php on line 15

[king arthur]

Sorry, try print_r($_SESSION) instead of the echo dump_array()!

[dual_alliance]

[quote author=king arthur link=topic=103269.msg411215#msg411215 date=1154958498]
Sorry, try print_r($_SESSION) instead of the echo dump_array()!
[/quote]

Hi king arthur,

I tried what you said, the result is as follows:

Array ( [userid] => 1 [username] => dual_alliance [password] => 0926274431b9d************ ) Username: dual_alliance

From what l can see everything looks fine their.  However l was unable to see what it looked like on admin2.php as whenever l try to access that page it makes me log in and the login script then displays admin.php.  I will see what happens if l change it to admin2.php and get back to you.

dual_alliance

[b]Update:[/b] I changed the include file to admin2.php, made a link on admin2.php to link to admin.php and l it makes me login.  However l do get the arrary:

Array ( [userid] => 1 [username] => dual_alliance [password] => 0926274431b9d************ )

[Orio]

Try changing:
if (!$_SESSION['username']) {

To:
if (!isset($_SESSION['username'])){


The way you are check if $_SESSION['username'] is set is worng.
Make the change both in admin.php and admin2.php

Orio.

[dual_alliance]

Hi Orio,

No luck, its still the same.  I have included links to some screen shots to show you what happens.

Once you login:

[url=http://img283.imageshack.us/img283/5640/admin1np0.jpg]http://img283.imageshack.us/img283/5640/admin1np0.jpg[/url]

Once you click the link:

[url=http://img526.imageshack.us/img526/2636/admin2lu8.jpg]http://img526.imageshack.us/img526/2636/admin2lu8.jpg[/url]

dual_alliance

[dual_alliance]

I cant believe this!  I found a free PHP host and tried my code out and it worked :o, so why doesnt it work on my localhost because it should :/

[king arthur]

Ah you didn't say you were running it on localhost!!! Cookies and sessions seem to behave strangely when you run scripts on localhost, I would never rely on them working properly until you test them on a remote server.

[dual_alliance]

Dam its so much easier/faster to test scripts on localhost rather then uploading them to a server.

[wildteen88]

Cookies/Sessions should work on localhost. Just make sure your browser accepts cookies and that PHP the sessions settings are setup correctly,the defualt settings defined in php.ini are fine.

[dual_alliance]

Well l havent touched the php.ini file and l have cookies enabled so l have no idea why it doesnt work.  Oh well.

Also l would just like to say thankyou to all that helped me fix my problem