Session variable not carrying.

[matthew798]

Hey guys, plz tell me why the session var $_SESSION['return_url'] is not carrying from test.php to login.php

 

The two echos in this file work perfectly, so i know the session var is registered...

test.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>SWG:ANH • Bringing PreCU back to life...</title>

    <link rel="shortcut icon" href="favicon.ico" />
    <link rel="stylesheet" type="text/css" media="screen" href="theme/main.css" />

<?php

session_start();
// This section will generate a var containing the current page URL. This will be used to allow the language script to redirect users back to the page they
// were on, in the language they selected. It is registered as a session variuable that will change every time the page changes.
function curPageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
  $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
  $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
// Here we register the URL we grabbed earlier in the session var.
$return_url = curPageURL();
$_SESSION['return_url'] = $return_url;

echo $_SESSION['return_url'];
echo $return_url;
include 'lang/enus.php';
include 'menu.php';
?>

 

login.php

<?php
session_start();
echo $_SESSION['return_url'] ;
include 'dbconnect.php';
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$return_url = $_SESSION['return_url'];
echo $return_url;
$result = mysql_query("SELECT COUNT(*) FROM account WHERE Username='$username' and Pass='$password'") or die(mysql_error());
$result = mysql_fetch_row($result); 
$result = $result[0];


if($result == 1){
$_SESSION['username'] = $username;

header("Location:".$return_url);
}
else {
echo "Wrong Username or Password. Use the back button. If you think this message is incorrect, contact the webmaster.";
}
?>

 

I know its not carrying because the echo in login.php is not returning anything and the script cant execute the header function because it has nowhere to go! Ive narrowed it down to the session var not carrying.

[PFMaBiSmAd]

session_start() has go to go on a page before any characters are output to the browser. In your first code you have about 11 lines of html being output before the session start_statement().

 

Are you developing and debugging this code on a system with error_reporting set to E_ALL and display_errors set to ON so that all the php detected errors will be reported and displayed? You will save a ton of time.

 

The two echos in this file work perfectly, so i know the session var is registered...

All that means is that you set a variable and echoed it. That does not mean it is actually a session variable that will carry over between pages.

[matthew798]

hey! yeah i dont know why i didnt turn error reporting on... Anyways, heres the error... A bit too cryptic for me!

 

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /Applications/MAMP/htdocs/anhwebfrontend/admin.php:1) in /Applications/MAMP/htdocs/anhwebfrontend/admin.php on line 2

 

Notice: Undefined index: HTTPS in /Applications/MAMP/htdocs/anhwebfrontend/admin.php on line 19

3

 

[PFMaBiSmAd]

output started at /Applications/MAMP/htdocs/anhwebfrontend/admin.php:1 (line 1)

 

It would take seeing what line was is to narrow down the possibilities, but you either have -

 

1) Some characters in your file before the first opening <?php tag that is on line one,

2) Some code on line one that is sending output or is the output,

3) A file that has been saved with the BOM (Byte Order Mark) characters at the start of the file.

[pornophobic]

Just my two cents, but since you're just using the headers for redirection after logging in, why wouldn't you just use $_SERVER['HTTP_REFERER'] for return_url instead of doing all that processing?