Jump to content

User login - problems with sessions


Recommended Posts

I have problems with sessions. It looks like the session variable "MM_UserID" is not passing from one page to another. I created a login page (login.php) and built the form and added dreamweaver mx's login behavior to it.I then created a user info page (login_success.php) which users reach right after logging in that displays several bits of information from their entry in the database table. When I login, the login is successful but no dynamic data (the user's info) is displayed on the user info page. The codes for both the login page and the userinfo page are below:

 

login.php

 

<?php

 

//initialize the session

session_start();

 

include '../Connections/mcssb.php';

 

// *** Validate request to login to this site.

 

if (isset($_POST['Login'])) {

if (isset($_POST['StoreProfile'])) {

setcookie ("UserName", $_POST['UserName'],time()+43200);

} else {

setcookie ("UserName", "",time()-43200);

}

}

 

$loginFormAction = $_SERVER['PHP_SELF'];

if (isset($accesscheck)) {

$_SESSION['PrevUrl'] = $accesscheck;

}

 

if (isset($_POST['UserName'])) {

$loginUsername=$_POST['UserName'];

$password=$_POST['Password'];

$MM_fldUserAuthorization = "UserAccess";

$MM_redirectLoginSuccess = "login_success.php";

$MM_redirectLoginFailed = "login.php?failed=true";

$MM_redirecttoReferrer = true;

mysql_select_db($database_mcssb, $mcssb);

 

$LoginRS__query=sprintf("SELECT UserName, UserPassword, UserAccess, UserID FROM users WHERE UserName='%s' AND UserPassword='%s'",

get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

 

$LoginRS = mysql_query($LoginRS__query, $mcssb) or die(mysql_error());

$loginFoundUser = mysql_num_rows($LoginRS);

if ($loginFoundUser) {

 

$loginStrGroup = mysql_result($LoginRS,0,'UserAccess');

 

//register the session variables

$_SESSION['MM_Username'] = $loginUsername;

$_SESSION['MM_UserID'] = mysql_result($LoginRS,0,'UserID');

$_SESSION['MM_UserGroup'] = $loginStrGroup;

 

if (isset($_SESSION['PrevUrl']) && true) {

$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];

}

header("Location: http://${_SERVER['HTTP_HOST']}/" . dirname($_SERVER['PHP_SELF']) . "/$MM_redirectLoginSuccess?" . SID);

}

else {

header("Location: ". $MM_redirectLoginFailed );

}

}

?>

 

login_success.php

 

<?php //initialize the session

session_start();

 

include '../Connections/mcssb.php';

 

$colname_LoggedIn = "1";

if (isset($_SESSION['MM_UserID'])) {

$colname_LoggedIn = (get_magic_quotes_gpc()) ? $_SESSION['MM_UserID'] : addslashes($_SESSION['MM_UserID']);

}

mysql_select_db($database_mcssb, $mcssb);

$query_LoggedIn = sprintf("SELECT UserID, UserName, UserEmail FROM users WHERE UserID = %s", $colname_LoggedIn);

$LoggedIn = mysql_query($query_LoggedIn, $mcssb) or die(mysql_error());

$row_LoggedIn = mysql_fetch_assoc($LoggedIn);

$totalRows_LoggedIn = mysql_num_rows($LoggedIn);

?>

 

Link to comment
Share on other sites

  • 4 weeks later...

Correcting the cache-control in the header as mentioned above doesn’t always work. The following worked for me, by placing a session_write_close() before the call to header, followed by and exit():

 

session_write_close();

header("Location: $Page");

exit();

 

More about the same:

 

After you install security patch MS01-055 for Microsoft Internet Explorer 5.5 or 6.0, you may encounter the following problems:

-Session variables are lost.

-Session state is not maintained between requests.

-Cookies are not set on the client system.

 

http://support.microsoft.com/default.aspx?...kb;EN-US;316112

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.