Cannot pass username over a session (noob)

[awfullook]

Hello.

 

I am just beginning to teach myself the basics of php. I am learning from books and video tutorials etc. I have come across a problem that I just can't work out, I'm sure it is very simple.

 

Two files, movie1.php and moviesite.php, movie1.php looks like this:

 

<?php
session_start();

$_SESSION['username'] = "Joe12345";
$_SESSION['authuser'] = 1;
?>
<html>
<head>
<title>Find My Movie!</title>
</head>
<body>
<?php
$myfavmovie = urlencode("The Life of Brian");
echo "<a href='moviesite.php?favmovie=$myfavmovie'>";
echo "click here to see information about my favourite movie!";
echo "</a>"
?>
</body>
</html>

 

OK? You see the '$_SESSION['username'] = "Joe12345";', this is my specific problem. This should be echoed into the next page, moviesite.php which you can see below:

 

<?php
session_start();

//check to see if the user has logged in with a valid password
if ($_SESSION['authuser'] != 0)	{
echo "sorry, but you don't have permission to view this page";
exit();
}
?>
<html>
<head>
<title>My Movie Site - <?php echo $_REQUEST['favmovie']; ?></title>
</head>
<body>
<?php
echo "Welcome to our site, ";
echo $_SESSION['username'];
echo "! <br>";
echo "My favourite movie is ";
echo $_REQUEST['favmovie'];
echo "<br>";
$movierate = 5;
echo "My movie rating for this movie is ";
echo $movierate;
?>
</body>
</html>

 

OK? 'echo $_SESSION['username'];' does not echo the username. Everything else seems to be ok.

 

This is an example I have been working on from the book 'Beginning PHP, MySQL and Apache Web Development'.

 

I hope someone can help. The username 'Joe12345' is not carried to the next page. It is just blank.

 

Many Thanks for all and any assistance people can give me.

 

 

[cssfreakie]

PLace this at the top of any script you have and report the error back to us.

<?php
error_reporting(E_ALL);
ini_set("display_errors", 1);

?>

 

If you access the second code you showed directly you should get an error, since $_SESSION['username'] is not yet defined. If you first visit the first page and than the second it should work.

 

_edit: when developing use that little snippet above all your scripts, or alter your php.ini Don't use that in production btw.

[awfullook]

Hi There

 

Thanks for the help. I forgot to mention that I was indeed accessing the second sript via the first one, so the session should have started.

 

I added the code to both scripts, ran movie1.php and followed the link to open moviesite.php and this is the output:

 

Notice: Undefined index: authuser in /home/rory/public_html/web development/MySQL_php/moviesite.php on line 11 Welcome to our site, Notice: Undefined index: username in /home/rory/public_html/web development/MySQL_php/moviesite.php on line 23 !

My favourite movie is The Life of Brian

My movie rating for this movie is 5

 

Undefined index on line 11 and 23?

 

Thanks

[cssfreakie]

That error (undefined index) means That the session variable with the index of username ($_SESSION['username']) is not yet set, so it needs to be set first. Otherwise you'll get the error.

As a working example, make 2 pages with the code below and run it and see how it works.

 

PAGE1.php

<?php
//error reporting
error_reporting(E_ALL);
ini_set("display_errors", 1);
//start session
session_start();

$_SESSION['monkey'] = 'gorilla';

echo '<h3>THIS IS PAGE 1</h3>';


?>

 

PAGE2.php

<?php
//error reporting
error_reporting(E_ALL);
ini_set("display_errors", 1);
//start session
session_start();

echo '<h3>THIS IS PAGE 2</h3>';

if(isset($_SESSION['monkey'])){ // check if $_SESSION['monkey']  is set
    echo $_SESSION['monkey'].'as you can see you went to page1 first and now it works';
}else{
    echo '<p>it seems session monkeys is not yet set<br />
       you are trying to access this page before page 1.</p>';
}



?>

 

p.s. in the process of testing this session stuff notice your browser stores a cookie with the session id (probably starting with PHPSESSID ) IF you remove that cookie and access page 2 the session is again not set.

[awfullook]

Hi there.

 

So I created the two files with the script you sent. page1.php and page2.php.

 

Accessed page1.php, then in the URL swapped over to page2.php....

 

'THIS IS PAGE 2

 

it seems session monkeys is not yet set

you are trying to access this page before page 1.'

 

What is wrong here? I'm not accessing page 2 beofre page 1. I access page 1 first, there is no link between them so in my browser address bar changed 'page1' to read 'page2'... Could this be a set up problem? Permissions?

 

I'm on Ubuntu 11.04, PHP Version 5.3.5-1 ubuntu7.2.

[cssfreakie]

if you do what you just said, it should just work. If not, I doubt your server settings are correct. Too bad I know crap about that Apart from looking in php.ini and see what you have there. You might want to post a thread in the server forum and mention that you can't get sessions to work.

[PFMaBiSmAd]

Browse to page1.php and check in your browser if there is a cookie named PHPSESSID for the domain/localhost you are using to access the page.

[jcbones]

Look in the php.ini and make sure that:

 

; The path for which the cookie is valid.
; http://php.net/session.cookie-path
session.cookie_path = /

; The domain for which the cookie is valid.
; http://php.net/session.cookie-domain
session.cookie_domain =

[awfullook]

There is no PHPSESSID cookie for page1.php....

 

@jcbones - I checked php.ini and those entries were as you have posted...

 

Thanks.

[PFMaBiSmAd]

There is no PHPSESSID cookie for page1.php....

 

You need to determine why the session_start() on page1.php didn't send a session id cookie to your browser.

 

Create a php script file with a phpinfo() statement in it and browse to the file. Post ALL settings from the session section of the output. The first line should be Session Support enabled. The last line will probably be session.use_trans_sid

 

Is there any chance that you have disabled cookies in your browser settings?

[awfullook]

Hi there.

 

I'm pretty sure I haven't disabled cookies. Looking in my cookies, there are entries for sites I have visited in the past few days...

 

php session info:

 

Session Support enabled

Registered save handlers files user

Registered serializer handlers php php_binary wddx

 

Directive Local Value Master Value

session.auto_start Off Off

session.bug_compat_42 Off Off

session.bug_compat_warn Off Off

session.cache_expire 180 180

session.cache_limiter nocache nocache

session.cookie_domain http://localhost/ http://localhost/

session.cookie_httponly Off Off

session.cookie_lifetime 0 0

session.cookie_path / /

session.cookie_secure Off Off

session.entropy_file no value no value

session.entropy_length 0 0

session.gc_divisor 1000 1000

session.gc_maxlifetime 1440 1440

session.gc_probability 1 1

session.hash_bits_per_character 5 5

session.hash_function 0 0

session.name PHPSESSID PHPSESSID

session.referer_check no value no value

session.save_handler files files

session.save_path /tmp /tmp

session.serialize_handler php php

session.use_cookies On On

session.use_only_cookies On On

session.use_trans_sid 0 0

 

Sorry, that looks a bit messy.

 

 

[PFMaBiSmAd]

session.cookie_domain  http://localhost/  http://localhost/

 

^^^ That's not a domain. It is a URL.

 

I recommend that you find where that value is being set at and clear it.

[awfullook]

Hi there, thanks.

 

php.ini has a blank value for session.cookie_domain. This from php.net

 

"session.cookie_domain specifies the domain to set in the session cookie. Default is none at all meaning the host name of the server which generated the cookie according to cookies specification."

 

So, can you give me an example of what should be there? I am running all this from my local computer, which is a LAMP. But you probably guessed that. As far as I know my localhost domain is similar to "www.sub.mydomain.org.com". A subdomain.

 

Thanks

[PFMaBiSmAd]

The php.ini that you are looking at is probably not the one the php is using. The Loaded Configuration File line in the phpinfo() output is the php.ini that php is using.

 

In most cases, an empty session.cookie_domain setting should be used. The session id cookie will automatically be set to and match the host name of the server.

[awfullook]

The loaded config file according to phpinfo() is '/etc/php5/apache2/php.ini' which is indeed the one I am editing.

 

The mystery deepens.

[PFMaBiSmAd]

There's something that is setting both the master and local value to  http://localhost/  http://localhost/

 

Search through that php.ini file for all occurrences of session.cookie_domain

[Pikachu2000]

This may sound like a stupid question, but you have saved the php.ini file and restarted Apache, right?

[awfullook]

Ha!

 

It wasn't a stupid question. It was one the most valid questions asked thus far.

 

After changing the contents of session.cookie_domain.... I saved the php.ini file - but didn't restart Apache.

 

Now I have restarted apache, my original code, and the test code provided by cssfreakie now work as intended.

 

Thank you all, and sorry for noob-based action we have all experienced on this thread.

 

Cheers, marking as solved.