Jump to content

Sessions - Get username

XRS

By XRS
in PHP Coding Help

 Share

Recommended Posts

XRS Member

XRS

Posted
Posted

Hello,

 

After searching for some hours I don't get an answer for my question .

 

I have a login index with session_start and register the user information with :

 

 

$_SESSION['user'] = $r['username'];
$_SESSION['loggedin'] = true;

 

In that index file, it echo the right username that's logged in.

 

On the other files, it echo always "root".

 

My other files are combined with

 

- Header.php ( Start of validation of session )

- Page.php ( Validate again )

- Footer.php ( End the validation of footer )

 

All files have a session start and if not logged in redirects to index file to login again.

 

 

The problem, somewhere I have an error that I can't discover..

 

Could you please help me ?

 

Header.php

 

<?php
session_start();
include("connect.php");
include("../inc/config.php");
if( isset($_SESSION['user']) and $_SESSION['loggedin'] == true){
    
?>

MY OWN CODE
  <?php
}
else{
    
Header("Location:index.php");
}

?>

PAGE.PHP

 

 

 

 

<?php
session_start();
if( isset($_SESSION['user']) and $_SESSION['loggedin'] == true){
    
?>
<?php include("header.php"); 
$session = session_decode(session_id());
$result = mysql_query("SELECT * FROM admutilizador WHERE id='$session'") or die(mysql_error());
$row = mysql_fetch_array($result);

?>

MY OWN CODE

<?php include("footer.php"); ?>
<?php

}
else{
    
Header("Location:index.php");
}

 

 

FOOTER.PHP

<?php
session_start();
if( isset($_SESSION['user']) and $_SESSION['loggedin'] == true){
    
?>

MY OWN CODE
<?php
}
else{
    
Header("Location:index.php");
}

 

 

Can someone help me ? thanks in advance.

 

 

P.S.

 

I used a test session var

 

$_SESSION['test'] = "TEST";

and it keeps the records in other pages.

 

Using the $_SESSION['user'] = $r['username'];  ( info from DB that returns the right username in the same page, echoing it in other pages always output root.

 

Hope this test could help anyone too.

Link to comment
https://forums.phpfreaks.com/topic/248230-sessions-get-username/
Share on other sites
Buddski Newbie

Buddski

Posted
Posted

Can you show us the code where the username is set into the session?

If you are including the footer.php and header.php pages on page.php you dont need to call session_start() on each of these pages (it will in fact throw a PHP Notice, and ignore the call)

XRS Member

XRS

Posted
  • Author
Posted

I already noticed that and removed the session_start(); from both header.php and footer.php files.

 

The index code where session is registered is:

 

<?php
if( $username != "" and $pw != ""){
$q="SELECT * from admutilizador where username='$username' and password='$pw'";
$result= mysql_query($q, $connection) or die
("Could not execute query : $q." . mysql_error());


if (mysql_num_rows($result) == 0)
{

echo "<div align=center><b>Invalid login details. Please try again.</b></div>";

}
else
{
$r=mysql_fetch_array($result);
session_start();
$_SESSION['user'] = $r['username'];
$_SESSION['loggedin'] = true;
Header("Location: main.php");
}}?>

 

The files is in a PHP_SELF structure but that's the main code for register the session.

Buddski Newbie

Buddski

Posted
Posted

Im not sure what you mean by index code.

From your edit, it looks like something is overwriting the session variable, does it happen on ALL pages?

Try creating blank page that runs no extra code just has some raw html (include the required files for the session of course)

XRS Member

XRS

Posted
  • Author
Posted

That's the index page ( login page ).

 

Then redirects for other page that welcomes the user ( always output "root" ).

When acess de account information, it doesn't show information because the user (root) doesn't exists.

 

In a simple file only with session_start and output it works well. It tells me the right logged in username.

 

The problem is that I don't have anything else ( that's my PHP code on the pages that opens ) that could change the $_SESSION['user'] var.

 

 

EDIT: After creating a simple php page the system seems now to being output the right info on all pages.

That's weird but well, thanks anyway for your help :D

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Either your code is setting the value (probably with an if($_SESSION['user'] = 'root'){ (one = sign instead of two)) or register_globals are on and you have a $_POST['user'], $_GET['user'], or $_COOKIE['user'] variable that has the value 'root' in it and register_globals is setting the $_SESSION['root'] variable to that value.

 

What does a phpinfo(); statement show for the register_globals setting and do have any code with an = 'root' in it or a post/get/cookie value like I mentioned?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.