[SOLVED] SESSION help! about to jump off a bridge

[guyfromfl]

I cannot figure out why this login script will not work.  I have simply copied and pasted it from code that works.  If I ask it to return $_SESSION['user_id'] from inside login.php it echos the correct value.  If you put it anywhere else it says undefiened index.

 

no matter what I get redirected to the login page.

 

I don't think the $_SESSION data is getting passed to the other pages.

 

PLEASE HELP

 

pretty simple code snipets:

 

header.php

<?php

include('includes/format.php');
include('includes/dblib.php');

$config = $db->getConfig();
$format = new format();

	session_start();

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<title>Broadway Limited Imports Service Department</title>
	<link href="http://bli.servehttp.com/bli/knowledgebase/includes/bliprint.css" rel="stylesheet" type="text/css" media="print" />
	<link href="includes/css/bli.css" type="text/css" rel="stylesheet" media="screen, tv, tty" />
	<link href="http://bli.servehttp.com/bli/knowledgebase/includes/jquery-ui-1.7.2-custom.css" type="text/css" rel="stylesheet" />
	<script src='lib/jquery/jquery.js' type="text/javascript"></script>
	<script src='includes/corners.js' type="text/javascript"></script>
	<script src='includes/ui.core.js' type="text/javascript"></script>
	<script src='includes/ui.datepicker.js' type="text/javascript"></script>

<!-- Functions -->
	<script type="text/javascript">
$(function() {
$("#datepicker").datepicker();
$("#format").change(function() { $('#datepicker').datepicker('yy-mm-dd', {dateFormat: $(this).val()}); });

});
	</script>

</head>
<body>
<!-- <body onload="document.frmSearch.search.focus()"> -->
	<!-- Begin Wrapper -->
	<center>
		<div id="wrapper">
		<!-- Logged in Status -->
<?php

echo ($_SERVER['user_id']);
if (isset($_SESSION['user_id'])) {
	echo "<div style='float: right; font-size: 12px; padding-right: 10px; top:0' id='userPanel'>
		  <span style='color: #777;'><a href='issueList.php'>Issue Tracker</a> | </span>
		  <span style='color: #777;'><a href='admin/'>Admin Control Panel</a> | </span>   
	      <a href='logout.php'>Logged in as " . $db->getUserfNameById($_SESSION['user_id']) .
	     "</a></div>";
} else {
	echo "NOOOOOOOOOOOOOO";
}

?>
		<!-- Begin Header -->
		<div id="header">
			<p style="color:#ccc; valign: middle; text-align: left">
				<a href="<?php echo $config['companyWebsite']; ?>"><img style="padding-left: 10px" src="img/HeaderLogo.png" alt="Broadway Limited Imports" /></a>
				<a href="http://bli.servehttp.com">Knowledge Base</a>
			</p>
		</div>


		</div>
		<!-- End Header -->

 

 

index.php

<?php

require('includes/header.php');

//echo $_SESSION['user_id'];
//die();

if (isset($_SESSION['user_id'])) {
?>
		<h3>Main Menu</h3>
		<table id="menu">
			<tr>
				<td><img src='img/icons/128/Tools.png' /><br />Repairs</a></td>
				<td><img src='img/icons/128/Components.png' /><br />Parts</a></td>
			</tr>
			<tr>
				<td><img src='img/icons/128/Issue.png' /><br />Issues</td>
				<td><a href='customer.php?action=menu'><img src='img/icons/128/Customers.png' /><br />Customers</a></td>

			</tr>
		</table>

<?php
} else {
header("Location: login.php");
}


require('includes/footer.php'); 
?>

 

 

 

login.php

<?php

require('includes/header.php');
?>

<br /><br />
<div id="login">

<?php

// Check if user wants to login
if(isset($_GET['try'])) {

    // Check info was entered
    if(empty($_POST['username']) OR empty($_POST['password'])) {
    // not everything was entered
        echo "<span style='color: red'>Please fill in all the fields.</span>";
    } else {
        // Check credentials
        $username = mysql_real_escape_string($_POST['username']);
        //$password = md5($_POST['password']);
	$password = $_POST['password'];

        $checkUser = $db->checkUser($username, $password);

        if ($checkUser == 0) {
            echo "<span style='color: red'>Invalid login!</span>";
        } else {
            // CREATE SESSION
            $_SESSION['user_id'] = $checkUser;
		echo $_SESSION['user_id'];

            // $db->logUser();
            header("Location: index.php");
        }
    }
}

?>
<form action="login.php?try=validate" method="post">
<p>
<strong>Login<br /></strong>
Username: <input type="text" name="username" class="login" /><br />
<br />
Password: <input type="password" name="password" class="login" /><br />
<br />
<input type="submit" value="Login" />
</p>
</form>
</div><br /><br />
</div>
<?php
include ('includes/footer.php');
?>

[guyfromfl]

oh and the code for the $db->checkUser($username, $password); call

 

dblib.php

class dblib {
        // Other stuff

function checkUser($user, $pass) {
	/*
	 * Description: Validate a user by his log in creditials.  A
	 * 				user with user_id of zero is a normal web surfer
	 * 				and cannot access company privilege info.
	 * 
	 * Date:		April 1, 2009
	 */
        $sql = "SELECT id FROM bli.users WHERE
				bli.users.username='$user' AND
				bli.users.password=MD5('$pass')";
        $result = $this->query($sql);

        list($user_id) = mysql_fetch_row($result);

        if (empty($user_id)) {
            $user_id = 0;
        }

        return $user_id;
    }
   // More other stuff	
}

$db = new dblib();

[guyfromfl]

NOBODY????????????????

[adamlacombe]

it sounds like a session_start() problem but from the looks of the script its in the header and the header is in every file...

hmm... maybe try including it instead of requiring it..

 

instead of:

require('includes/header.php');

try:

include('includes/header.php');

[guyfromfl]

yea the SESSION variable isn't getting data passed to it.  I don't know. 

 

I tried include had the same result.

 

What's weird is this login script is from other projects that work fine, I Just copied and pasted it.

 

Thanks for lookin at it tho

[adamlacombe]

if you need a simple login script heres a tut: http://bhaviksblog.com/02/php-login-system-tutorial-part-3/

[guyfromfl]

Ill check it out..

 

I did some changing and now footer.php retruns:

Warning: session_destroy() [function.session-destroy]: Trying to destroy uninitialized session in C:\wamp\www\bli\includes\footer.php on line 7

 

so the session never started

[adamlacombe]

hmm...

I would try making an index file, including the db_connect, include other files need, and the session start. then below that add a switch and include the login, main, etc.

try that and lemme know how it goes.

[guyfromfl]

Its not passing session data.

 

The only difference is that I am doing this project on  my WAMP server not my linux box.  is there a problem with WAMP and sessions??

 

Im gonna start googling

 

Thanks for the help

[adamlacombe]

umm.. to tell you the truth I have no idea lol.

Best bet would be to google it.

I am not really a php/mysql expert, I am only 15 and started coding php like 2 years ago lol.

 

But if it doesn't madder what login script you use, I would definitely use that one I sent a few mins ago, I use that for all my projects, I find it pretty simple to use.

Don't know to much about servers and what not so I couldn't tell ya if that might be the problem but I haven't ever heard of a WAMP before only Linux.

Sorry

[guyfromfl]

i wrote this login script about a year and a half ago, and it works perfect on my other projects.

 

thats what is baffling me.

 

[adamlacombe]

ooh that is weird.

Have you tried it on another server lately? like a Linux?

[guyfromfl]

i copied from my linux server to WAMP server (Windows, Apachem MySQL, PHP) and its not working.

 

not 100% sure whats going on here

[guyfromfl]

I've been working on this for baout 9 damn hours and can't get it working.  only 1 person on 3 forums has written back

 

i give up.

[adamlacombe]

I hear ya but dont give up. you could try posting in another board..

take a break and think of what could be causing it..

sorry I couldn't be of any help...

 

Anyone else have any ideas??

[guyfromfl]

im on 2 other boards nothing.

 

this is such a stupid thing to be caught on.

 

im just gonna re write the WHOLE project i guess.

 

thanks for your help man

[PFMaBiSmAd]

Add the following two lines of code immediately after your first opening <?php tag on any main page involved with the problem (not in the included files) -

 

ini_set("display_errors", "1");
error_reporting(E_ALL);

[guyfromfl]

I added that, no change.

 

If i include instead of use header to redirect after the login it works, but it goes through each of the if statements that check the $_SESSION status like they are all true.

 

I am at my wits end

[PFMaBiSmAd]

Every header() redirect needs an exit; statement after it to prevent the remainder of the code on the page from being executed.

 

If your footer.php is unconditionally destroying the session for some odd reason, the session won't exist on any new page.

[redarrow]

1.

session_start() needs to be on all pages,including the included pages...

 

 

2. only use session_start() on the begging off all the pages don't add any think above it.

 

ALSO

[5kyy8lu3]

I have two things ya might look into.

 

First, session variables for www.YourSite.com and YourSite.com (without the "www") are completely different.  I force my site to use the www with a if statement checking for it, else not header("Location: www.YourSite.com");

 

Another thing, you should use session_start(); first thing after your <?php on ALL pages including ones you include.  Even though they should inherit the parent document's session, it doesn't always work like that from what I saw in my own personal experience.  It was an easy fix though, I just started putting session_start(); at the top of all of my php pages.

 

Worth a shot if nothing else is working.

 

here's the snippet i use to force the "www", you can use .htaccess if you prefer.

 

<?php
if ( $_SERVER['SERVER_NAME'] != 'www.YourSite.com' )
{
	header("Location: http://www.YourSite.com/");
}
?>

[guyfromfl]

ugh i think i have it now.

 

for some retarded reason I put session_destroy in the the footer.php

 

I dont know whats worse, looking for a stupid problem for 9 hours and writing agro forum posts, or finding out that you did something stupid to make you stare at code for 9 hours and write agro forum posts.

[5kyy8lu3]

ugh i think i have it now.

 

for some retarded reason I put session_destroy in the the footer.php

 

I dont know whats worse, looking for a stupid problem for 9 hours and writing agro forum posts, or finding out that you did something stupid to make you stare at code for 9 hours and write agro forum posts.

oh well, it's all a part of coding glad you got the problem resolved

[redarrow]

lucky i can re seal the skin back on my fingers aft her explaining what i said....

 

dam session's lol