Jump to content

Archived

This topic is now archived and is closed to further replies.

thumbliner

Session Variable

Recommended Posts

Need help declaring some session variable guys.

 

I have a login form where the member enters his

1. Pilot Callsign

2. Password

 

I want to declare that Pilot Callsign as the session variable on authentication.

 

Using that Pilot Callsign session variable, I will fetch data from the database relevant to his profile.

 

I already have the whole login page coded along with the restricted access pages (not coded by me).

 

Check this out

 

1. Page is coded like this and working PERFECTLY

---

 

<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['pilot_callsign'])) {
  $loginUsername=$_POST['pilot_callsign'];
  $password=$_POST['password'];
  
  mysql_select_db($database_brn_system, $brn_system);
  	
  $LoginRS__query=sprintf("SELECT pilot_callsign, password, staff_level, firstname FROM pilots WHERE activated = 1 AND pilot_callsign=%s AND password=%s",
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $brn_system) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    $loginStrGroup  = mysql_result($LoginRS,0,'staff_level');
    
if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	     
?>

 

---

 

2. As you can see, there already is a session variable declared for Pilot Callsign

But on the next page "Restricted Access Page", when I try to call this same Session Variable, it doesn't work.

 

I tried doing this

<?php echo $_SESSION['MM_Username'] ?>

 

Moreover, I even tried to fetch data from the table like this -

 

SELECT * FROM pilots WHERE pilot_callsign=$_SESSION['MM_Username']

 

Doesn't work  :-\

Share this post


Link to post
Share on other sites

you need to tell it to start up the session on every page (no "if").

<?php
session_start();

this does not clear the session and start a new one. it just tells PHP that you are using session management.

Share this post


Link to post
Share on other sites

1. you did not end your if conditinal with a }.

 

2. doing SELECT * FROM pilots WHERE pilot_callsign=$_SESSION['MM_Username'] is very unlikely to work since it uses two '' inside it and you need to have pilot_callsign=' ' if you have another two in there it will mess up the code.

 

3. i noticed that you check for login just by checking if a session has started. you can just check for a a session you also need to check if there is a username like this $_SESSION['username'].

 

hope that helped.

Share this post


Link to post
Share on other sites

Thanks for the responses but it still doesn't solve anything.

 

Here are both the files.

 

[attachment deleted by admin]

Share this post


Link to post
Share on other sites

session_start MUST be declared before anything else.  At the top of every page that you will be using or editing session data, you must start the session up before anything else.

 

OK, you don't HAVE to, but it's best practice, because if you even echo out a null character before starting the session up, it will error out. Still going through the code. Get back to you as soon as I can with any findings I may have.

Share this post


Link to post
Share on other sites

Have you successfully used session variables at all on the server? I suspect that either sessions don't work at all or that you have a header/session_start error on the second page.

 

You might also be redirecting between urls that have and don't have www. on them and the session id cookie doesn't match the url of the second page and isn't being sent to the server so that the session doesn't exist on that page.

 

Are you developing and debugging your code on a system with error_reporting set to E_ALL and display_errors set to ON so that all the php detected errors will be reported and displayed? The three possibilities I just mentioned would result in php errors that would help determine why your code is not working (assuming that output_buffering is not turned on as well so that the error messages won't show when you do a redirect.)

 

 

 

 

Share this post


Link to post
Share on other sites

Guys, I am not an expert like you but I can assure that there is no problem with that code. Dreamweaver coded it.

 

And its very basic stuff. First is a login form and the second is a page restricted for Admin users. Everything is working fine. Like

1. I have to login to use that page

2. Users other than Admin level can't access the page

3. The page data is shown perfectly on successful login.

 

Everything is fine. Problem is with asking the server to ECHO the already declared session variable. Thats all.

 

I have already attached the files in the previous post. Just see if you can declare the session variable on admin_lounge.php page. If it works, my problem is solved.

Share this post


Link to post
Share on other sites

You didn't show us the whole code for the page where you tried to "ECHO the already declared session variable".

Share this post


Link to post
Share on other sites

Problem Solved!!

I have cracked it. No better feeling than this.

 

There was a VERY small error which was failing everything.

 

In the login form, I had set the id=pilot_callsign2 where it should have been id=callsign

 

My bad. But what I don't understand is, how come I was able to login all this while?

Share this post


Link to post
Share on other sites

id's in html are only used in the browser and have nothing to do with php.

Share this post


Link to post
Share on other sites

I want to go to the database and fetch the firstname of the pilot who is logging in.

 

This is what I could come up with but where to put it?

 

$salman = $_SESSION['MM_Username'];

mysql_select_db($database_brn_system, $brn_system);
$query_rsPilot = "SELECT pilots.firstname, FROM pilots WHERE pilots.pilot_callsign = '$salman'";
$rsPilot = mysql_query($query_rsPilot, $brn_system) or die(mysql_error());
$row_rsPilot = mysql_fetch_assoc($rsPilot);

session_register('firstname');

$_SESSION['firstname'] = $row_rspilot['firstname'];

 

NOTE: When I am echoing $_SESSION['MM_Username'] on the admin_lounge.php page, its working. But when I echo $_SESSION['firstname'], its not working.

 

Check the files also.

 

[attachment deleted by admin]

Share this post


Link to post
Share on other sites

You already have a query in your login code that gets the firstname from the database when there is a successful login. Use that information instead of executing an additional query.

 

Also, session_register() was depreciated 9 years ago, finally throws a depreciated error message in php5.3, and is scheduled to be completely removed in the next major php version release. You are already setting and referencing $_SESSION variables in your code (the proper way to set and reference session variables), how did you come up with code that uses session_register?

Share this post


Link to post
Share on other sites

Yes, but it wasn't working in the first place. I tried this

 

$firstname = mysql_result('firstname');
$_SESSION['firstname'] = $firstname;

 

And on the other page

echo $_SESSION['firstname'];

 

Nothing returned.

 

I have 1000s of lines of PHP code saved in a file. I just pick up chunks from here and there and design my own system.  :P

Not the right way of doing it, I know, but thats all I am capable of.

 

 

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.