Jump to content

session not working


jeds

Recommended Posts

Hi,

I have six files all in the same directory. The first file contains a function.
file1.php, in its entirety:
[code]<?php       
if ($uac == 'tony') {
$dom = "jedsweb";
$new = "more";
$new_2 = "yes";
} elseif ($uac == 'bob'){
$dom = "cvag";
$new = "less";
$new_2 = "no";
} else
echo "<!DOCTYPE HTML PUBLIC '-//IETF//DTD HTML 2.0//EN'><HTML><HEAD><TITLE>403 Forbidden</TITLE></HEAD><BODY><H1>Forbidden</H1>\nYou don't have permission to access this file.</BODY></HTML>";
?>
[/code]

All the other pages are html, and include the file with the function, except the login and logout files
([code]<?php include("file1.php"); ?>[/code])

login file contains:
[code]<FORM ACTION="file2.php" METHOD="POST">

Authorization Code: <INPUT TYPE="PASSWORD" NAME="uac" /><BR />

<INPUT TYPE="submit" />
</FORM>[/code]

This works as I can echo the 3 variables on file2.php, but I need to use sessions to access the variables on the other files (and file2.php when going back to it)

I have googled and browsed, including this board and still it does not work. Here is where I am at:

At the very top of the login page:
[code]<?php
$_SESSION['uac'] = $uac;
?>[/code]

On the top of the other files, except logout:
[code]<?php
session_start();
echo $_SESSION['uac'];
?>[/code]

And on the logout file:
[code]<?php
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
session_destroy('uac');
session_write_close('uac');
?> [/code]

As a matter of disclosure, the logout code is not tested, I'm still trying to get the session to work.
Right now, the 2nd page past logging in gives my error message in file1.php, meaning that the visitor is no longer passing the test.

Thanks in advance

Steve
Link to comment
Share on other sites

Ok, the login page submits to file2.php...

what's this for, on login page!

<?php
$_SESSION['uac'] = $uac;
?>

You can't use a session variable [b]$_SESSION[/b], if you have not started a session! So session_start(); must be on the login page if your including the above session variable. But what is that variable [b]$_SESSION['uac'][/b] for? It serves no purpose.

I don't see [b]file2.php[/b], so I can't tell what your doing there, but you need to take the $_POST variable [b]$_POST['uac'][/b] being sent by the login form to file2.php, and assign it's value to the session variable [b]$_SESSION['uac'][/b] on the file2.php page.

Then I don't see what [b]file1.php[/b] is doing, because your not stopping the script process, so it doesn't matter if you have a valid user or not!

You have to understand, you assign a session so that you use it to validate requests throughout your service. But your not doing that, so it's telling me your not understanding what sessions really does. Don't worry, that's not bad thing, it can become bad if you don't fix the problems.

So let me help you, zip up your (6) files, post on the forum, I will go through each script fixing the problems and write all kinds of comments so you can learn from them. That's the best help I can give you. If you want it, do like I said...

me!
Link to comment
Share on other sites

printf,

The code came from http://www.phpfreaks.com/forums/index.php/topic,103383.0.html
Reply #4

Here's the files. I was outa town for a while then my post was going 500. Hope its up now.

Steve

Well, preview is not working, just comes back to here (better than 500 server error)
So here goes...

[attachment deleted by admin]
Link to comment
Share on other sites

For anyone searching: check out
http://www.tutorialized.com/tutorial/Learning-session-with-examples/13443

the only thing I didn't get from the above url is logout, use:
[code]<?php
session_start();
session_unset(uac);
session_destroy();
?>[/code]
Link to comment
Share on other sites

[quote author=jeds link=topic=110652.msg449594#msg449594 date=1160443402]
For anyone searching: check out
http://www.tutorialized.com/tutorial/Learning-session-with-examples/13443

the only thing I didn't get from the above url is logout, use:
[code]<?php
session_start();
session_unset(uac);
session_destroy();
?>[/code]
[/quote]

If you want to kill a PHP session the you need to clear the session array before call session_destroy(); and don't call session_write_close (); after calling session_destroy ();

[code]session_start ();
$_SESSION = array ();
session_destroy ();[/code]


me!
Link to comment
Share on other sites

OK, your code works, as does mine. At least, clicking on the logout link keeps the visitor out unless they login again, so which is better?

Your logout code
[code]<?php
session_start ();
$_SESSION = array ();
session_destroy ();
?>[/code]

my code
[code]<?php
session_start();
session_unset(permission);
session_unset(uac);
session_destroy();
?>[/code]
(works with code from http://www.tutorialized.com/tutorial/Learning-session-with-examples/13443 )
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.