Jump to content

Question Regarding Session_Start()?

scm22ri

By scm22ri
in PHP Coding Help

 Share

Recommended Posts

scm22ri Member

scm22ri

Posted
Posted

Hi,

 

I'm trying to figure out why my website isn't displaying a registered user. When I visit a specific page on my website, the page is displaying a message that I'm not logged in but when I visit other pages of my website I'm clearly logged in. My question is, how would I fix this?

 

Right below is the syntax of the php page that's giving me a problem. Below this syntax is syntax of a page a visitor is most likely coming from to visit the "get-inventory.php" page. The "get-inventory.php" I believe is the problem page.

 

get-inventory.php page

<?php
session_start();
echo 'BEFORE-------------------------------------START><BR>';
print_r($_SESSION);
echo 'BEFORE-------------------------------------END><BR>';
// include "connect_to_mysql.php";
echo 'AFTER-------------------------------------START><BR>';
print_r($_SESSION);
echo 'AFTER-------------------------------------END><BR>';
include "connect_to_mysql.php";
// $url = $_SERVER['REQUEST_URI'];
// $_SESSION['pageurls'] = "$url";

$user = $_SESSION['id'];

$car_id = $_GET["car_id"];

include 'header.php';

if ($user !=0){

// notes to myself
// include 'header.php'; if I leave out the header.php within the if statement the header does not appear which means I'm def. not logged in.
// But my question is why aren't I logged in if I already signed in earlier?

// header('Location: http://mywebsite.com/class-work/sign3/valchecklogin.php'); //just redirect the user to thelogin page
// header('Location: http://mywebsite.com/loginURL.php?url='.$url.'');
echo "$car_id".'<br>';
echo "$user".'<br>';
echo "Your logged in";
// exit();
}else{
echo "$car_id".'<br>';
echo 'Your not logged in'.'<br>';
echo 'click on "Reg" or "Login" and you\'ll see I\'m logged in.'.'<br>';
// exit();
}

include 'footer.php';

?>

 

>>>>>

 

inventory.php page syntax (from this page most visitors will be visiting the above "get-inventory.php" page). I'm not sure if this page is causing the problem but I figured I would add it in here.

 

<?php
// session_start();
// $url = $_SERVER['REQUEST_URI']; //Getting Page url and storing in $url variable.
// $_SESSION['pageurls']= "$url"; //Now storing that $url variable in SESSION.
// $loggedinuser = $_SESSION['id'];
include"connect_to_mysql.php";

$state = $_GET["state"];
$city = $_GET["city"];
$year = $_GET["year"];
$make = $_GET["make"];
$model = $_GET["model"];

// for making "pretty" URLS
$state = str_replace (' ','_', $state);
$city = str_replace (' ','_', $city);
$model = str_replace (' ','_', $model);

/* $state = str_replace (' ', '', $state);
$city = str_replace (' ', '', $city);
$make = str_replace (' ', '', $make);
$model = str_replace (' ', '', $model); */

/* $state = str_replace (' ', '_', $state );
$city = str_replace (' ', '_', $city );
$year = str_replace (' ', '_', $year );
$make = str_replace (' ', '_', $make );
$model = str_replace (' ', '_', $model ); */

/* $state = str_replace (' ', '_', $state);
$city = str_replace (' ', '_', $city);
$model = str_replace (' ', '_', $model); */

//////////////// Below is the function
function capit($element)
{
$element = strtolower($element);
return ucwords($element);
}
//////////////// Above is the function

$state = capit($state);
$city = capit($city);

$year = capit($year);
$make = capit($make);
$model = capit($model);

?>

<!DOCTYPE html>
<html>
<head>
<title><?=$year?> <?=$make?> <?=$model?> <?=$city?> <?=$state?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="<?=$city?> <?=$state?> <?=$year?> <?=$make?> <?=$model?> " />
<meta name="keywords" content="<?=$city?>,<?=$state?>,<?=$year?>,<?=$make?>,<?=$model?> " />

</head>

<body bgcolor="#FFFFFF" text="#000000">

<?php
include 'header.php';

$sql = mysql_query ("SELECT d.id AS car_id, d.year, d.make, d.model, p.value AS price, p.exterior_color, p.interior_color, p.engine, p.mileage, p.transmission, p.gas_type, p.state, p.city
FROM tbl_car_description d, tbl_car_prices p
WHERE (d.id = p.cardescription_id)
AND (p.state = '".$state."')
AND (p.city = '".$city."')
AND (d.year = '".$year."')
AND (d.make = '".$make."')
AND (d.model = '".$model."')");

while($row = mysql_fetch_array($sql)){

$car_id = $row["car_id"];
$year = $row["year"];
$make = $row["make"];
$model = $row["model"];
$price= $row["price"];
$exteriorcolor = $row["exterior_color"];
$interiorcolor = $row["interior_color"];
$engine = $row["engine"];
$mileage = $row["mileage"];
$transmission = $row["transmission"];
$gastype = $row["gas_type"];
$state = $row["state"];
$city = $row["city"];

echo "$car_id".'<br>';
echo "$year".'<br>';
echo "$make".'<br>';
echo "$model".'<br>';
echo "$price".'<br>';

echo "$exteriorcolor".'<br>';
echo "$interiorcolor".'<br>';
echo "$engine".'<br>';
echo "$mileage".'<br>';
echo "$transmission".'<br>';

echo "$gastype".'<br>';
echo "$state".'<br>';
echo "$city".'<br>';

echo "<a href ='http://www.mywebsite.com/get-car3.php?car_id=$car_id'>Sell this car!</a>".'<br>';


}
echo "The below URL link is hardcoded".'<br>';
echo "<a href ='http://www.mywebsite.com/get-car3.php?car_id=6'>-Sell this car!</a>".'<br>';
?>

<?php
include 'footer.php'
?>

Link to comment
Share on other sites
Muddy_Funster Regular Member

Muddy_Funster

Posted
Posted

why have you commented out the lines at the top of the invintory page - including the session_start()?

You should check if the $_SESSION['id'] is actualy set rather than checking if the $user != 0 by using 

if(!isset($_SESSION['id'])){
echo "You're not logged in";
}

 

I have never worked with sessions, but you should upgrade your code to mysqli instead of mysql.

Why? What help do you see that will that be to the current problem?

Aslo, as a general rule of thumb - You shoudn't give instruction without validating your statement.

Link to comment
Share on other sites
scm22ri Member

scm22ri

Posted
  • Author
Posted (edited)

Hi Everyone,

 

Thanks for the help.

 

Muddy_Foster,

 

why have you commented out the lines at the top of the invintory page - including the session_start()?

 

The reason why the session is commented out is because I didn't want to create duplicate pages. It's my understand every time a session is created it creates a unique ID onto that page and the major search engines don't like that. I've also tried this code with the session_start(); on for the inventory page and it still does not work. Perhaps maybe it's this page that's causing the problem? or am I totally wrong when I say that?

 

You should check if the $_SESSION['id'] is actualy set rather than checking if the $user != 0 by using

 

I did just that and it does not seem to be working. I'm testing a few things and changing the syntax around a bit on my get-inventoryphp page. What do you think I'm doing wrong here? Thanks everyone.

 

Below is my syntax for get-inventory.php

 

<?php
session_start();
echo 'BEFORE-------------------------------------START><BR>';
print_r($_SESSION);
echo 'BEFORE-------------------------------------END><BR>';
include "connect_to_mysql.php";
echo 'AFTER-------------------------------------START><BR>';
print_r($_SESSION);
echo 'AFTER-------------------------------------END><BR>';

$_SESSION["pageurls"] = "$url";
$url = $_SERVER["REQUEST_URI"];
$loggedinuser = $_SESSION['id'];
$username = $_SESSION["username"];
$carnumber = $_GET["carnumber"];

echo '<!DOCTYPE html>
<html>
<head>
<title>Title goes here</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="description goes here" />
<meta name="keywords" content="keywords go here" />';

include 'header.php';

##################################
## what actually is the $loggedinuser value ##
##################################
echo '<BR> '.'>>>>>>>>>'.$loggedinuser.'<<<<<<<<<'.' <BR>';
##################################
##							 ##
##################################

if(isset($_SESSION['id'])) //checking if user is logged in?
{

	 echo "$loggedinuser".'<br>';
	 echo "$carnumber".'<br>';
	 echo "Your logged in!";
}
else if (!isset($_SESSION['id']))
{//Not logged in


echo "User is not logged in show loggin page link <a href=\"loginURL.php?url=$url\">Please login!</a><br>";


}

?>

<?php
include 'footer.php';
?>

Edited by scm22ri
Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted (edited)

You are (apparently) redirecting/linking to different variations of your domain name, both with and without the www. on them, and you are also redirecting/linking to different paths after your domain name. Unless your session id cookie is setup to match those variations/paths, the session id cookie will only match the exact domain-variation/path where it was set at.

 

What does a phpinfo statement show for the session.cookie_domain and session.cookie_path settings?

 

To match all variations of your domain name (with and without the www. on them), the session.cookie_domain setting must be .yourdomain.com (with the leading dot and of course using your actual domain name.) The session.cookie_path setting should be a / to match all paths after your domain name.

 

BTW - you only need a session_start statement on a page that sets or references a $_SESSION variable (the second piece of code you posted at the start of this thread doesn't seem to use any session variables, so I'm not sure why you even posted it), and if you happen to be passing the session id in the URL, which you are probably not, then you have bigger concerns then to worry about how search engines see you site.

Edited by PFMaBiSmAd
Link to comment
Share on other sites
scm22ri Member

scm22ri

Posted
  • Author
Posted

You are (apparently) redirecting/linking to different variations of your domain name, both with and without the www. on them, and you are also redirecting/linking to different paths after your domain name. Unless your session id cookie is setup to match those variations/paths, the session id cookie will only match the exact domain-variation/path where it was set at.

 

Hi PFMaBiSmAd,

 

Thanks for the reply and help. I changed every URL link path to my domain. Some pages I had www, http://, .mydomain.com, / etc ...

 

I changed everything to / and my problem seems to have fixed itself, which I'm happy about. Thanks.

 

What does a phpinfo() statement show for the session.cookie_domain and session.cookie_path settings?

 

This is a little concerning because my phpinfo.php page is still saying

 

session.cookie_domain Local Value > No Value | Master Value > No Value

 

session.cookie_path Local Value > / | Master Value > /

 

It's currently working but the cookie_domain and cookie_path aren't set correctly. Perhaps I'm still doing something wrong? I'm not sure what to make of this. Maybe my mydomain.phpinfo.php page didn't update itself? (although it's been 3-4hrs approx.)

 

Thanks again

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.