Sessions

[supanoob]

OK, so i thought my sessions were working, but when i try to query from the database it would appear they are not. I have ensured that i have session_start(); on every page. Below is the part in which i start my session (or at least thought i did) and the query.

 

Before the code i would like to explain my set-up, basically to keep things less confusing for myself i have split my website into 3 sections site_top.php, site_bottom.php and site_middle.php. All these are called in a document known as index.php, index.php has my session_start(); in at the very top, thats how i know it is called on every page. ok so the 3 pages involved with starting the session, index and querying are below.

 

loging_check.php

<?php
$email = $_POST['email'];
$password = $_POST['password'];
$email = stripslashes($email);
$password = stripslashes($password);
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);
$password = sha1($password);
                               
if ($password == '')
{
echo "You left the password field blank. Please try again.";
DIE(include_once('site_bottom.php'));
}
if ($email == '')
{
echo "You left the email field blank. Please try again.";
DIE(include_once('site_bottom.php'));
}

                        
$query  = "SELECT account_id, account_password, account_username FROM accounts WHERE account_email = '$email'";
$result = mysql_query($query);
$num_rows = mysql_num_rows($result);

$row = mysql_fetch_array($result);
$id = $row['account_id'];
$password_1 = $row['account_password'];
$username = $row['account_username'];

if ($num_rows == '0')
{
echo "The email you entered does not exist.";
DIE(include_once('site_bottom.php'));
}

if ($password != $password_1)
{
echo "The password you entered does not match the one stored.";
DIE(include_once('site_bottom.php'));
}

echo "Welcome back $username. Click <a href=\"index.php\">here</a> to continue.";

include_once('query_accounts.php');

?>

 

query_accounts.php

<?php
$_SESSION['id'] = $id;

$query  = "SELECT account_id, account_password, account_mail, account_friends, account_friends_req, account_status, account_comments account_username, account_email, account_activation_code, account_realname, account_ip, account_gender, account_points, account_country, account_dob_year, account_dob_month, account_dob_day, account_activated FROM accounts WHERE account_id = '$id'";
$result = mysql_query($query) or die("Query to get blah failed with error: ".mysql_error());

$row = mysql_fetch_array($result);
$account_id = $row['account_id'];
$password_1 = $row['account_password'];
$username = $row['account_username'];
$email = $row['account_email'];
$activation_code = $row['account_activation_code'];
$realname = $row['account_realname'];
$ip = $row['account_ip'];
$gender = $row['account_gender'];
$points = $row['account_points'];
$country = $row['account_country'];
$dob_year = $row['account_dob_year'];   
$dob_month = $row['account_dob_month']; 
$dob_day = $row['account_dob_day'];
$activated = $row['account_activated'];
$mail = $row['account_mail'];
$friends = $row['account_friends'];
$friends_req = $row['account_friends_req'];
$status = $row['account_status'];
$comments = $row['account_comments'];

?>

 

index.php

<?php 
session_start();
?>
<html>
<head>
<title>layout 2</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<?php
include_once('/styles/images.css');
include_once('/styles/style.css');
include_once('/javascript/check_pass.js');
?>
<?php include_once ('site_top.php'); ?>
<?php
if ($_GET["step"] == 'registration') {include_once('registration.php');}
if (!$_GET["step"]) {include_once('home.php');}
if ($_GET["step"] == 'login_check') {include_once('login_check.php');}
if ($_GET["step"] == 'wars') {include_once('wars.php');}
if ($_GET["step"] == 'wof') {include_once('wof.php');} ?>
<?php include_once ('site_bottom.php'); ?>

 

any help will be much appreciated.

[seventheyejosh]

This looks to be backward:

 

$_SESSION['id'] = $id;

 

Should it not be:

 

$id=$_SESSION['id'];

 

At this part:

 

$_SESSION['id'] = $id;

$query  = "SELECT account_id, account_password, account_mail, account_friends, account_friends_req, account_status, account_comments account_username, account_email, account_activation_code, account_realname, account_ip, account_gender, account_points, account_country, account_dob_year, account_dob_month, account_dob_day, account_activated FROM accounts WHERE account_id = '$id'";

[Pikachu2000]

I don't see anywhere in those scripts where a $_SESSION var is used in a DB query. What makes you think you're having a session problem? Have you added a print_r($_SESSION) to see if the $_SESSION array contains the values you expect it to contain or not?

[supanoob]

This looks to be backward:

 

$_SESSION['id'] = $id;

 

Should it not be:

 

$id=$_SESSION['id'];

 

At this part:

 

$_SESSION['id'] = $id;

$query  = "SELECT account_id, account_password, account_mail, account_friends, account_friends_req, account_status, account_comments account_username, account_email, account_activation_code, account_realname, account_ip, account_gender, account_points, account_country, account_dob_year, account_dob_month, account_dob_day, account_activated FROM accounts WHERE account_id = '$id'";

 

changed that and it made no difference, i have it like that because thats what is setting the session?

 

I don't see anywhere in those scripts where a $_SESSION var is used in a DB query. What makes you think you're having a session problem? Have you added a print_r($_SESSION) to see if the $_SESSION array contains the values you expect it to contain or not?

 

because i want to use the $_SESSION to carry the ID so i can query from the database?

[seventheyejosh]

Set the session here:

 

$id = $row['account_id'];

 

Not at the top of another file. And try doing a print_r(); to make sure your session exists.

[supanoob]

Set the session here:

 

$id = $row['account_id'];

 

Not at the top of another file. And try doing a print_r(); to make sure your session exists.

 

i set the session there, and printed the session, all it says is "Array" nothing else. :S

[Rustywolf]

I dont see a session_start() in your script (query_accounts)

[supanoob]

I dont see a session_start() in your script (query_accounts)

 

Added one and it didnt help, even when i query the session on the login_check.php it still shows as only (Array)

[supanoob]

I don't see anywhere in those scripts where a $_SESSION var is used in a DB query. What makes you think you're having a session problem? Have you added a print_r($_SESSION) to see if the $_SESSION array contains the values you expect it to contain or not?

 

Also yes i have printed $_SESSION and all that comes up is "Array". It would appear the session is being set correctly, i have printed the session on the login check page and that doesnt print an array either.

[supanoob]

noone else any ideas?