$_SESSION problem

[cheesybiscuits]

Hiya, I'm quite new to php.

My script was working fine till I transferred to a new host. The login system doesn't seem to register the $_SESSION 'userid' variable, so the proper page won't load because it thinks I'm not logged in.

login.php - processes the login information

<?php
session_start();
include('functions.php');
connect();
// note: session_start needs to be on every document apart 
// from index.php, login.php and register.php

$username = protect($_POST['username']);
$password = protect($_POST['password']);
// the password and username from the inputs are stored in variables

if ($username&&$password) {
// if both the username and password variables are true
	$query = mysql_query("SELECT * FROM users WHERE username='$username'");
	$numrow = mysql_num_rows($query); 

	if ($numrow!=0) {
	// if $numrow does not equal nothing
		while ($row = mysql_fetch_assoc($query)) {
			$userid = $row['userid'];
			$dbusername = $row['username'];
			$dbpassword = $row['password'];
		}
		if ($username==$dbusername&&md5($password)==$dbpassword) {
		// $password gets encrypted so it can be checked on the database password
			$_SESSION['username'] = $username;
			$_SESSION['userid'] = $userid;
			// used for sessions knowing who is logged in
			header("Location:main.php");
			// redirects to main.php page after successful login
		} else {
			echo "Incorrect password";
		}
	} else {

?>
<html>
<head>
<title>University Crusade</title>
<link rel="stylesheet" href="css/style.css" type="text/css" media="screen">
<meta name="viewport" content="width=device-width, minimum-scale=1,maximum-scale=1, user-scalable=no">
</head>
<body>
<div id="wrapper">
<?php
		die ("

		That account doesn't exist...<br /><a href=\"index.php\">try again,</a>
		 <a href=\"register.php\">or register an account.</a>
		");
	}
} else {
	die("Please enter a username and password");
}
?>
</div>
<div id="footer">

</div>
</body>
</html>

 

and the main.php - after login.php it takes the user here

<?php 
session_start();
include('functions.php');
connect();
?>
<html>
<head>
<title>University Crusade</title>
<link rel="stylesheet" href="css/new.css" type="text/css" media="screen">
<meta name="viewport" content="width=device-width, minimum-scale=1,maximum-scale=1, user-scalable=no">
</head>
<body>
<?php	
if (isset($_SESSION['userid'])) {
	include('safe.php');
?>
<ul id="tab-nav">
	<li><a href="stats.php" id="tab-character">CHARACTER</a></li>
	<li><a href="games.php" id="tab-games">GAMES</a></li>
	<li><a href="account.php" id="tab-account">ACCOUNT</a></li>
</ul>
<div id="wrapper">
	<h2 id="name">Hello, <?php echo $_SESSION['username'] ?>!</h2>
	<p>
	Welcome to UNIVERSITY CRUSADE the fantasy-themed pervasive web game!
	</p>
	<p>
	To start playing, begin with clicking the "games" button at the top of
	the screen, from there choose a challenge and follow the instructions
	</p>
	<p>
	What are the other buttons for? Well, the "account" button (top-right)
	is where you can change settings for your account - things like changing
	your password, deleting your account etc. The "character" button (top-left)	
	when clicked takes you to your character, you can change your display picture,	
	view your statistics and battle other players.
	</p>
	<p>
	More help with the game is available in the "account" section, this includes
	a detailed game manual describing in-detail game concepts and information.
	</p>
</div>
<div id="footer">
	<a href="logout.php" class="button">log me out</a>
</div>
<?php
} else {
	die ("
		<div id=\"wrapper\">
			<p>Opps! You don't seem to be logged in...</p>
			<a class=\"button\" href=\"index.php\">login now</a><br />
			<p>Don't have an account? No worries, just <a href=\"register.php\">register for one.</a></p>
		</div>
	");
}
?>
</body>
</html>

I appreciate any help, as I'm left scratching my head.

[Drummin]

See if changing this line makes a difference.

if ($username&&$password) {

to

if (isset($username) && isset($password)) {

[cheesybiscuits]

Hiya, Drummin

The login.php executes fine, but when it gets to main.php this line of code fails

if (isset($_SESSION['userid'])) {

[cpd]

Are you sure your even reaching main.php?

[cheesybiscuits]

CPD,

yes, the

header("Location:main.php");

is being executed and is taking the player to that page, its just once there the main.php page doesn't recognise the

$_SESSION['userid']

has been set, so displays the page as if the player isn't already logged in.

[cpd]

I get the feeling it might be something to do with your database and you not actually getting any information.

 

Can you run a few checks to ensure your actually getting the expected results and confirm the userid is being set inside login.php with a die function or something.

[PFMaBiSmAd]

Add the following two lines of code to both pages, putting it immediately after the first opening <?php tag, to see if there are any session related errors -

 

ini_set("display_errors", "1");
error_reporting(-1);

[cheesybiscuits]

PFMaBiSmAd,

Warning: session_start() [function.session-start]: open(/var/php_sessions/sess_658b974c141c9b9d014548ef21e9e429, O_RDWR) failed: No such file or directory (2) in /hermes/web08/b2309/moo.universitycrusadecom/login.php on line 4

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /hermes/web08/b2309/moo.universitycrusadecom/login.php:4) in /hermes/web08/b2309/moo.universitycrusadecom/login.php on line 4

Warning: Cannot modify header information - headers already sent by (output started at /hermes/web08/b2309/moo.universitycrusadecom/login.php:4) in /hermes/web08/b2309/moo.universitycrusadecom/login.php on line 31

Warning: Unknown: open(/var/php_sessions/sess_658b974c141c9b9d014548ef21e9e429, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/php_sessions) in Unknown on line 0

I got these error messages, do you know what they mean?

Thanks

[cheesybiscuits]

CPD,

Just checked the results and yes everything is doing what it is expected before going to main.php

[PFMaBiSmAd]

I got these error messages, do you know what they mean?

 

Yes, I do. Did you read them, they tell you what the problem is -

 

Failed to write session data (files). Please verify that the current setting of session.save_path is correct

 

The folder that the session.save_path setting points to does not exist. You either need to create the folder (assuming that the session.save_path setting is correct and appropriate) or you need to correctly set the session.save_path setting so that points to a correct and appropriate folder for your hosting account (may require you to create a folder within your account's folder tree.)

[cheesybiscuits]

Thanks PFMaBiSmAd, it was the session.save_path on my host. All sorted now and works fine