Jump to content


Photo

Sessions I'm Sick of Them (Please Help Me)


  • Please log in to reply
10 replies to this topic

#1 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 10 August 2006 - 08:11 PM

When it comes to sessions l can't get them to work and it is SO frustrating.  I have tried many login script's and once l click any link it logs me out (in IE), l can't use sessions on localhost for some strange reason but l have SMF installed and working fine and another login script which l tried works in firefox but not IE.

How can l make it so sessions work?  Should l use cookies?  I no a session is sortof a cookie as well but l have seen people use cookies and sessions together.  If so can someone please give me an example of a login script using cookies + sessions or just one of the 2, because l am really getting frustrated.

Thankyou,

dual_alliance

#2 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 10 August 2006 - 08:14 PM

cookies and sessions, by default are used together.  You don't have to do anything, php does everything for you. 
the first thing, above EVERY page that uses sessions simply have session_start();
at the top with no white space, or nothing above it, keep any echo's a ways away from it or you get header errors.
As far as sesisons to setup a session
$_SESSION['variable'] = "whatever";
that session is set, if it's logging you out then you have to set the session maxlifetime high enough so it doesn't automatically close when the browser shuts down, or also doesn't cut them off in the middle of something either.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#3 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 10 August 2006 - 08:18 PM

I have that on every new page and it doesn't work.  (thats why l'm so fustrated)

#4 SharkBait

SharkBait
  • Members
  • PipPipPip
  • Advanced Member
  • 845 posts
  • LocationMetro Vancouver, BC

Posted 10 August 2006 - 08:49 PM

Show the code that is giving you trouble?

Are you running a web server (like apache) locally on your own machine or is it hosted else where?

<?php

$_POST['username'] = "SharkBait"   // pretend this was retrieved from a form
$PASS = "myPass";

if(isset($_POST['submit'])) {
   // Check if user submitted a form
   if(!empty($_POST['username'])) {
     $username = $_POST['username'];
   }
   // Check Password
   if($_POST['password'] == $PASS) {
      // passwords match create sessions

      $_SESSION['username'] = $username;
    } else {
       // Password does not match
    }
}
?>

Check for a session
<?php

if(isset($_SESSION['username'])) {
   echo "Hi {$_SESSION['username']}";
} else {
   echo "Session is not set, I don't know who you are";
}
?>


#5 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 10 August 2006 - 09:04 PM

Hi SharkBait,

Thats very similar to what l have so I will post the codes l have tried (on localhost and a webhost):

First Code
<br />
process_login.php
<?php

session_start();

header("Cache-control: private"); 

// Get MySQL Database information

	


	

include('db.php');

// Make variables from the form

	

$Username = $_POST['userName'];

	

$Password = $_POST['passWord'];

// Remove HTML (if any)

$Username = strip_tags("$Username");

$Password = strip_tags("$Password");

// Connect to server and select database.

mysql_connect("$dbHost", "$dbUserName", "$dbPassWord")or die("Cannot connect to server!");

mysql_select_db("$dbName")or die("Cannot select Database!");

// Does the user exist?

	

$sql_user_check = "SELECT * FROM users WHERE username=\"$Username\" ";

	

$result_name_check = mysql_query($sql_user_check);

	

$usersfound = mysql_num_rows($result_name_check); 

// If the user doesn't exist, create error

	

if ($usersfound < 1) {

	

$error = "User $Username not found.";

// If the user does exist, continue with processing 

}else{

// Check if the passwords match

$sql_pass_get = "SELECT * FROM users WHERE username=\"$Username\" ";

$user_info = mysql_fetch_array(mysql_query($sql_pass_get));

$encryptpass = $user_info['password']; 

// If it doesn't match, note that and end
  
if ($encryptpass != md5($Password)) {

// If it does match, let in and pass on info to session variables

}else{ 

$_SESSION['userid'] = $user_info['userid'];
      
$_SESSION['username'] = $user_info['username'];
      
$_SESSION['password'] = $user_info['password'];

}

}

if (!$_SESSION['username']) {

die ("Invalid password.  Try again.");

}else{
	
include('admin2.php');

}

?>
<br />
another page (linked from admin2.php)
<?php

session_start();
header("Cache-control: private");
if (!isset($_SESSION['username'])) {
    echo "You aren't logged in.";
    include("index.php");
    exit();
}else{

// rest of code....

}

?>

Outcome: Doesn't Work!
<br />
Second Code
<br />
login.php
<?php

// check username and password POST vars exists first, before continuing
if(isset($_POST['username']) && isset($_POST['password']))
{
    session_start();

	@mysql_connect('localhost', 'root', '') or die ('Cannot connect');
	@mysql_select_db('cokusers');
	
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);
    $passwords = md5($password);

    $sql = "SELECT * FROM `users` WHERE `username` ='$username' AND `password` ='$passwords'";
    $result = mysql_query($sql) or die(mysql_error());

    // returns numbers of matches found.
    $users = mysql_num_rows($result);

    // if there was 1 result returned, user has successfully logged in
    if ($users == 1)
    {
        $row = mysql_fetch_assoc($result);

        $_SESSION['userid'] = $row['id'];
        $_SESSION['username'] = $row['username'];

        header("Redirect=5; URL=logged_in.php");

        echo "You are logged in! You\'ll be automatically redirected in 5 secounds. ";
        echo 'Or click <a href="logged_in.php">here</a> if you are impatient';
    }
    // user was not logged in, username/password combo incorrect
    else
    {
        echo 'Your Password and/or Username are incorrect<br />Please try agin<br /><br /><a href="index.php">Here</a>';
    }
}
else
{
    die("You have either come to this page in error or you did not fill in the login form!");
}

?>
<br />
The page it links to
<?php
session_start();
if(isset(!$_SESSION['username'])){//if there is nothing in the session
echo 'you are not logged in';
exit;//quit the page so they cant view anything else
}else{

// Rest of code etc.......

}

?>
<br />
Outcome: Doesn't Work!
<br />
I hope you can see now why l am frustrated with sessions ;D.  Your help is very much appreciated.

#6 SharkBait

SharkBait
  • Members
  • PipPipPip
  • Advanced Member
  • 845 posts
  • LocationMetro Vancouver, BC

Posted 10 August 2006 - 10:48 PM

What happens if you
print_f($_SESSION);

After you've tried setting the session?

Notice you also have this near the bottom:
if(isset(!$_SESSION['username']))) { //ifthere is nothing in seession

// Id change it to this:
if (!isset($_SESSION['username'])) {


#7 akitchin

akitchin
  • Staff Alumni
  • Advanced Member
  • 2,516 posts
  • LocationCalgary, AB, Canada

Posted 10 August 2006 - 11:17 PM

no one has bothered to mention that sessions are a SERVER-SIDE issue.  they will not work differently in IE and firefox unless you have different cookie settings in one or the other; even then, it's hard to produce differences.

#8 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 10 August 2006 - 11:25 PM

What happens if you

print_f($_SESSION);

After you've tried setting the session?

Notice you also have this near the bottom:
if(isset(!$_SESSION['username']))) { //ifthere is nothing in seession

// Id change it to this:
if (!isset($_SESSION['username'])) {


Nothing changed still the same problem.  akitchin l will try a different free host and tell you what happens

#9 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 10 August 2006 - 11:39 PM

Well a word of advice do not use php01.net to host free php websites.  And the otherone l tried it works in firefox but not IE.  Can any of you guys/girls refer me to a free host that you know works with sessions in IE?

(I am only using a free host now because l trying to make an online game and well l dont want to pay serverpowered.com's large fee's until its completed lol).

Thanks,

dual_alliance

#10 mainewoods

mainewoods
  • Members
  • PipPipPip
  • Advanced Member
  • 685 posts
  • LocationMaine

Posted 11 August 2006 - 12:07 AM

I think this statement is wrong:
$sql_user_check = "SELECT * FROM users WHERE username=\"$Username\" ";
-your usage of double quotes around $Username is wrong.  sql only allows the usage of single quotes in that usage. In fact I believe that should be generating a mysql error because of invalid syntax.

#11 dual_alliance

dual_alliance
  • Members
  • PipPipPip
  • Advanced Member
  • 140 posts
  • LocationNSW, Australia

Posted 11 August 2006 - 12:18 AM

Well l'm using the second code to test it out on hosts so l might leave it.  But thanks for point it out l will remember to edit it if ever l use it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users