
help with a session problem !


nilansanjaya


hey guys...

I've got a big problem here.. I have to fix some errors on an existing project (someone else wrote it)

It's an admin panel. The problem is that you can navigate to any page, but when you go to the user management page and then go back to any other page, your session is gone and you are redirected to the login.

 

I know it may be hard without the code... but I don't know which file to post (not all at once, right? :o)

so ask .. help me !


There may be session_unregister(), session_unset() or session_destroy() calls in the user management page, or in any file that the user management page includes.

 

Thanks for your quick reply... but unfortunately, there's only one session_destroy() and that's only in logout.php

I've checked all the files (using Dreamweaver's advanced search) but none of those session-removing functions are there.

Paste the code of one page.. I think you can do that if you need help..

Without the code it is quite impossible to do..

 

Also check which values are set in the php.ini file for these settings:

session.cache_expire        session.gc_maxlifetime

 

 

sorry for the delay

Here's the page that's causing me this problem :/

 

usermanage.php

 

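<?php
/*
 * usermanage.php - admin page that lists users and adds, edits or deletes them.
 */
session_start();

// Access control: only a logged-in user whose user_level is 1 may continue.
// The isset() guard gives the same redirect for a missing key without
// raising an "undefined index" notice.
if (!isset($_SESSION['user_name'], $_SESSION['user_level'])
    || $_SESSION['user_name'] == ''
    || $_SESSION['user_level'] != 1) {
    header('Location: index.php');
    exit(0);
}

require_once('../config/config.php');
// NOTE(review): header.php and menu.php are included before the
// header('Location: ...') redirects further down. If they print anything and
// output buffering is off, those redirects cannot be sent - confirm.
require_once('../includes/header.php');
require_once('../lib/svalidation.php');
require_once('../lib/functions.php');
require_once('menu.php');

// Read the GET parameters. base64 is only an encoding: the decoded values are
// still attacker-controlled and must be escaped wherever they are used.
// is_string() rejects array-style parameters (?uid[]=x) before trim() sees them.
$uid = (isset($_GET['uid']) && is_string($_GET['uid'])) ? base64_decode(trim($_GET['uid'])) : '';
$task = (isset($_GET['task']) && is_string($_GET['task'])) ? base64_decode(trim($_GET['task'])) : '';
$msg = (isset($_GET['msg']) && is_string($_GET['msg'])) ? base64_decode(trim($_GET['msg'])) : '';

// Turn the decoded message code into display text.
// NOTE(review): show_err_msg() lives in an included file not shown here;
// confirm it never returns the raw request value, because the result is
// printed into the page without escaping.
$msg = show_err_msg($msg, 'User');

// Label of the submit button: "Update" while editing, otherwise "Add".
$btn_val = ($task == 'edit') ? 'Update' : 'Add';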

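// Defaults so the form values below are always defined, also when nothing is
// being edited or the requested user does not exist.
$row = array('first_name' => '', 'last_name' => '', 'user_name' => '', 'password' => '');

if ($task == 'edit') {
    // $uid comes straight from the query string, so it is escaped before it
    // is placed inside the quoted SQL literal (it was interpolated raw before).
    // mysql_real_escape_string() needs the connection opened by config.php.
    $safe_uid = mysql_real_escape_string($uid);

    $query = "SELECT user_name,
                     first_name,
                     last_name
                FROM users
               WHERE user_name = '$safe_uid'
            ORDER BY first_name ASC";

    $result = mysql_query($query) or die('Sql error.');

    // mysql_fetch_assoc() returns false when no row matches; keep the defaults then.
    $found = mysql_fetch_assoc($result);
    if ($found !== false) {
        $row = array_merge($row, $found);
    }
}

// Get post or database values.
// NOTE(review): add_escape() is defined in an included file not shown here;
// confirm it escapes for SQL, because these values are interpolated into the
// INSERT/UPDATE statements below.
// NOTE(review): if register_globals is enabled (PHP < 5.4), the global
// $user_name refers to the same value as $_SESSION['user_name']. Assigning an
// empty value here would then blank the session entry that the login check at
// the top of each page tests, which matches the reported "logged out after
// visiting this page" symptom - check the register_globals setting in php.ini.
$first_name = isset($_POST['first_name']) ? add_escape($_POST['first_name']) : $row['first_name'];
$last_name = isset($_POST['last_name']) ? add_escape($_POST['last_name']) : $row['last_name'];
$user_name = isset($_POST['user_name']) ? add_escape($_POST['user_name']) : $row['user_name'];
$password = isset($_POST['password']) ? add_escape($_POST['password']) : $row['password'];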

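// Server-side validation, run only when the Add or Update button was pressed.
// isset() keeps a plain GET request from raising an "undefined index" notice.
if (isset($_POST['btn_add_upd'])
    && in_array($_POST['btn_add_upd'], array('Add', 'Update'), true)) {
    // $proceed decides whether the data may be written to the database.
    $proceed = true;

    // First Name validation
    if (is_blank($first_name)) {
        $msg_fname = 'First Name cannot be blank.';
        $proceed = false;
    }

    // Last Name validation
    if (is_blank($last_name)) {
        $msg_lname = 'Last Name cannot be blank.';
        $proceed = false;
    }

    // User Name validation (the message variable keeps its historical name).
    if (is_blank($user_name)) {
        $msg_email = 'User Name cannot be blank.';
        $proceed = false;
    }

    // A password is required only when a new user is added.
    if ($_POST['btn_add_upd'] == 'Add' && is_blank($password)) {
        $msg_password = 'Password cannot be blank.';
        $proceed = false;
    }

    // The e-mail format check and the user-level check that used to sit here
    // were commented out in the original and are not performed.
}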
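// Add the user data to the database (only after validation has passed).
if (isset($_POST['btn_add_upd']) && $_POST['btn_add_upd'] == 'Add'
    && isset($proceed) && $proceed === true) {
    // NOTE(review): unsalted SHA-1 is a fast hash and is not suitable for
    // storing passwords. password_hash()/password_verify() (PHP 5.5+) is the
    // replacement, but the login code that reads users.pwd is not shown here
    // and has to change in the same step, so the stored format is kept.
    // NOTE(review): $password has already been through add_escape(), so the
    // hash covers the escaped form of what the user typed - confirm the login
    // check does the same.
    $en_password = sha1($password);

    // Reject a user name that is already taken.
    // NOTE(review): $first_name, $last_name and $user_name rely on
    // add_escape() (defined elsewhere) for SQL safety - confirm.
    $query = "SELECT user_name
                FROM users
               WHERE user_name='$user_name'";

    $result = mysql_query($query) or die('Sql error.');

    if (mysql_num_rows($result) > 0) {
        // NOTE(review): the message text was already built near the top of the
        // script, so this numeric code is printed as-is by the form - it
        // presumably should go through show_err_msg(); confirm.
        $msg = 4;
    } else {
        $query = "INSERT INTO users (first_name, last_name, user_name, pwd, user_level)
                       VALUES ('$first_name', '$last_name', '$user_name', '$en_password', 2)";

        $result = mysql_query($query) or die('Sql error.');
        $msg = (mysql_affected_rows($dbconn) > 0) ? 1 : 5;

        // Redirect so a reload does not repeat the INSERT. SCRIPT_NAME is used
        // because PHP_SELF can carry extra request-supplied path segments, and
        // the base64 text is URL-encoded since it may contain '+', '/' or '='.
        // The script stops only when the redirect can really be sent; with
        // headers already out it renders the page as it did before.
        if (!headers_sent()) {
            header('Location: ' . $_SERVER['SCRIPT_NAME'] . '?msg=' . rawurlencode(base64_encode($msg)));
            exit;
        }
    }
}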

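// Update the edited user's data (only after validation has passed).
if (isset($_POST['btn_add_upd']) && $_POST['btn_add_upd'] == 'Update'
    && isset($proceed) && $proceed === true) {
    // The previous statement could not run: it named table `user` and columns
    // fname/lname/email, used variables that are never assigned on this page,
    // had a comma directly before WHERE, and compared against an unquoted,
    // unescaped $uid. It now matches the `users` table and the columns used
    // by every other query on this page.
    // NOTE(review): confirm the column list against the real schema, and
    // decide whether a changed user_name must be checked for duplicates.
    $safe_uid = mysql_real_escape_string($uid);

    $query = "UPDATE users
                 SET first_name = '$first_name',
                     last_name = '$last_name',
                     user_name = '$user_name'
               WHERE user_name = '$safe_uid'";

    $result = mysql_query($query) or die('Sql error.');
    if (mysql_affected_rows($dbconn) > 0) {
        $msg = 2;
    }
}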

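// Delete the user named in the query string.
// NOTE(review): this changes state on a plain GET request and carries no
// anti-CSRF token, so any page an administrator visits while logged in can
// trigger it. Moving the action to POST with a per-session token needs
// matching changes in the link markup, so it is flagged here, not changed.
// NOTE(review): the list below hides user_level 1 accounts, but this
// statement does not exclude them - confirm whether it should.
if ($task == 'del') {
    // $uid is request data; escape it before it enters the quoted literal.
    $safe_uid = mysql_real_escape_string($uid);

    $query = "DELETE
                FROM users
               WHERE user_name='$safe_uid'";

    $result = mysql_query($query) or die('Sql error.');
    $msg = (mysql_affected_rows($dbconn) > 0) ? 3 : 5;

    // Redirect so the delete URL does not stay in the address bar. The script
    // stops only when the redirect can really be sent; with headers already
    // out it falls through and renders the page as it did before.
    if (!headers_sent()) {
        header('Location: ' . $_SERVER['SCRIPT_NAME'] . '?msg=' . rawurlencode(base64_encode($msg)));
        exit;
    }
}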

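// Build the HTML table of non-admin users with Edit and Delete links.
// Everything that comes from the request or the database is escaped for the
// context it is written into: htmlspecialchars() for HTML text and attributes,
// rawurlencode() for query-string values.
$self_url = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
$task_edit = rawurlencode(base64_encode('edit'));
$task_del = rawurlencode(base64_encode('del'));

$show_table = '<table width="330px" border="0" cellspacing="1" cellpadding="2" align="center" class="admin_panel_font">';
$show_table .= '<tr><td colspan="5"> </td></tr>';
$show_table .= '<tr align="left">';
$show_table .= '<th>First Name</th>';
$show_table .= '<th>Last Name</th>';
$show_table .= '<th>User Name</th>';
$show_table .= '<th> </th>';
$show_table .= '<th> </th>';
$show_table .= '</tr>';

$query = "SELECT user_name,
                 first_name,
                 last_name
            FROM users
           WHERE user_level != 1
        ORDER BY first_name ASC";

$result = mysql_query($query) or die('Sql error.');

while ($row = mysql_fetch_array($result)) {
    // base64 output may contain '+', '/' and '=', which must be URL-encoded
    // to survive the round trip through the query string.
    $row_uid = rawurlencode(base64_encode($row['user_name']));

    $show_table .= '<tr>';
    // Stored values are escaped so markup saved in a name cannot run in the
    // administrator's browser.
    $show_table .= '<td>' . htmlspecialchars($row['first_name'], ENT_QUOTES) . '</td>';
    $show_table .= '<td>' . htmlspecialchars($row['last_name'], ENT_QUOTES) . '</td>';
    $show_table .= '<td>' . htmlspecialchars($row['user_name'], ENT_QUOTES) . '</td>';
    $show_table .= '<td><a href="' . $self_url . '?uid=' . $row_uid . '&amp;task=' . $task_edit . '">Edit</a></td>';
    $show_table .= '<td><a href="' . $self_url . '?uid=' . $row_uid . '&amp;task=' . $task_del . '" onclick="return promptConfirm(\'Are you sure?\')">Delete</a></td>';
    $show_table .= '</tr>';
}
$show_table .= '<tr><td colspan="6"> </td></tr>';
$show_table .= '</table>';
?>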

<script type="text/javascript" src="common.js"></script>

<script type="text/javascript">	
// Client-side e-mail format check: returns true when val matches the pattern,
// false otherwise. This is a convenience for the user only; the server must
// validate the value again because client-side checks can be bypassed.
function isValidEmail(val) {
    var pattern = /^[\w-]+(\.[\w-]+)*@([\w-]+\.)+[a-zA-Z]{2,7}$/;
    return val.match(pattern) !== null;
}

// Validate the required fields in the browser. Writes or clears the message
// next to each field and returns true only when every check passed.
// Client-side checks are a convenience; the server-side validation is what counts.
// NOTE(review): the ids read here (txt_fname, txt_lname, txt_email,
// txt_password) and the user_level control do not appear in the form markup
// shown with this script, and nothing visible calls validate() - confirm
// against the rendered page.
function validate() {
    var all_ok = true;
    var btn_name = '<?=$btn_val?>';

    // First name: show the message when blank, clear it otherwise.
    var fname_blank = document.getElementById("txt_fname").value == "";
    document.getElementById("td_txt_fname").innerHTML = fname_blank ? "First Name cannot be blank." : "";
    if (fname_blank) {
        all_ok = false;
    }

    // Last name
    var lname_blank = document.getElementById("txt_lname").value == "";
    document.getElementById("td_txt_lname").innerHTML = lname_blank ? "Last Name cannot be blank." : "";
    if (lname_blank) {
        all_ok = false;
    }

    // E-mail: blank, badly formed, or fine.
    var email = document.getElementById("txt_email").value;
    var email_msg = "";
    if (email == "") {
        email_msg = "Email cannot be blank.";
    } else if (isValidEmail(email) == false) {
        email_msg = "Invalid Email.";
    }
    document.getElementById("td_txt_email").innerHTML = email_msg;
    if (email_msg != "") {
        all_ok = false;
    }

    // The password is checked only while adding a user.
    if (btn_name == 'Add') {
        var pwd_blank = document.getElementById("txt_password").value == "";
        document.getElementById("td_txt_password").innerHTML = pwd_blank ? "Password cannot be blank." : "";
        if (pwd_blank) {
            all_ok = false;
        }
    }

    // User level: index 0 is treated as "nothing selected".
    var level_missing = document.frm_user_management.user_level.selectedIndex == 0;
    document.getElementById("td_user_level").innerHTML = level_missing ? "Please select a user level." : "";
    if (level_missing) {
        all_ok = false;
    }

    return all_ok;
}

// Abandon the current edit by loading the user management page again.
// NOTE(review): the target is "user_manage.php" while the file was posted as
// usermanage.php, and the Cancel button in the form has no onclick handler -
// confirm the file name and the wiring.
function cancel_operation() {
    var target = "user_manage.php";
    window.location.href = target;
}

// Ask the user to confirm an action. Returns false when the user cancels;
// when confirmed it submits the management form and returns nothing.
// NOTE(review): the Delete links call this as onclick="return promptConfirm(...)".
// After a confirmation nothing is returned, so the link still follows its
// href in addition to the form submit started here - confirm that both
// actions are intended.
function promptConfirm(prompt_str) {
    if (!confirm(prompt_str)) {
        return false;
    }
    document.frm_user_management.submit();
}
</script>	
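<?php
// User add/edit form followed by the user list.
// Every value echoed into an attribute goes through htmlspecialchars(), and
// base64 text placed in a URL goes through rawurlencode(), so request data
// cannot break out of the attribute or corrupt the query string. PHP_SELF is
// escaped as well because it can contain request-supplied path segments.
// NOTE(review): the Cancel button has no onclick handler, so it does nothing.
?>
<form name="frm_user_management" id="frm_user_management" method="post" action="<?=htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)?>?uid=<?=rawurlencode(base64_encode($uid))?>&amp;task=<?=rawurlencode(base64_encode($task))?>">
<table width="500px" border="0" cellspacing="0" cellpadding="1" align="center" class="admin_panel_font">
<tr>
	<td> </td>
	<td> </td>
	<td> </td>
</tr>
<tr>
	<th> </th>
	<th colspan="2" align="left">Manage Users</th>
</tr>
<tr>
	<td colspan="3"> </td>
</tr>
<tr>
	<td width="150" class="form_label_right">First Name:</td>
	<td width="150" class="frm_elements"><input type="text" name="first_name" id="first_name" value="<?=htmlspecialchars((string) $first_name, ENT_QUOTES)?>" size="20" maxlength="25" /></td>
	<td width="200" id="td_txt_fname"><?=isset($msg_fname) ? $msg_fname : ' '?></td>
</tr>
<tr>
	<td class="form_label_right">Last Name:</td>
	<td class="frm_elements"><input type="text" name="last_name" id="last_name" value="<?=htmlspecialchars((string) $last_name, ENT_QUOTES)?>" size="20" maxlength="25" /></td>
	<td id="td_txt_lname"><?=isset($msg_lname) ? $msg_lname : ' '?></td>
</tr>
<tr>
	<td class="form_label_right">User Name:</td>
	<td class="frm_elements"><input type="text" name="user_name" id="user_name" value="<?=htmlspecialchars((string) $user_name, ENT_QUOTES)?>" size="20" maxlength="50" /></td>
	<td id="td_txt_email"><?=isset($msg_email) ? $msg_email : ' '?></td>
</tr>
<?php
// While editing, offer the change-password link; while adding, show the password field.
if (isset($task) && $task == 'edit') {
?>
<tr>
	<td class="form_label_right"> </td>
	<td class="frm_elements"><a href="change_password.php?uid=<?=rawurlencode(base64_encode($uid))?>">Change password</a></td>
	<td> </td>
</tr>

<?php
} else {
    // NOTE(review): writing the submitted password back into the page source
    // exposes it to caches and anyone viewing the markup; consider leaving
    // the field empty after a failed validation.
?>
<tr>
	<td class="form_label_right">Password:</td>
	<td class="frm_elements"><input type="password" name="password" id="password" value="<?=htmlspecialchars((string) $password, ENT_QUOTES)?>" /></td>
	<td id="td_txt_password"><?=isset($msg_password) ? $msg_password : ' '?></td>
</tr>
<?php
}
?>
<tr>
	<td> </td>
	<td class="frm_elements">
	<input type="submit" name="btn_add_upd" value="<?=htmlspecialchars($btn_val, ENT_QUOTES)?>" size="20" maxlength="25" />
	<input type="button" name="btn_cancel" value="Cancel" size="20" maxlength="25" /></td>
</tr>
<tr>
	<td> </td>
	<?php // NOTE(review): $msg is printed unescaped; confirm show_err_msg() only ever returns fixed text or markup. ?>
	<td colspan="2"><?=$msg?></td>
</tr>
</table>
<?=$show_table?>
</form>
<?php
require_once('../includes/footer.php');
?>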

 

When I go to that page... and try to go to another page from it... I'm logged out and redirected to the login.
