freedominator Posted November 28, 2013 Share Posted November 28, 2013 it seems that sessions work when i set them for an instant, and then they are destroyed here is my phpinfo page, can anyone see the problem?i dont have access to the phpini file can u check my cookie settings and tell me if i can use those instead?http://cksgrill.net/phpinfo.php here is the top part of the code which is the relevent part <!DOCTYPE html> <script src="/javascript/header.js"></script> <? session_start(); ob_start(); session_set_cookie_params(3000); ini_set('session.gc_maxlifetime', 6 * 60 * 60); $session_expiration = time() + 3600 * 24 * 2; if((($_POST['name'])and($_POST['password']))or(($_POST['name']!="")and($_POST['password']!=""))) { $_SESSION['name']=$_POST['name']; $_SESSION['password']=$_POST['password']; echo $_SESSION['name']; echo $_POST['name']; echo $_SESSION['password']; echo $_POST['password']; } // redifine variables for different server require_once "mysqlconfig.php"; require_once "textprep.php"; // connect to database global $connection; $connection = mysql_connect(DB_SERVER,DB_USER,DB_PASS); if (!$connection) { die("Database connection failed: " . mysql_error()); } // select database $db_select = mysql_select_db(DB_NAME,$connection); if (!$db_select) { die("Database selection failed: " . mysql_error()); } //check if logged in $result = mysql_query("SELECT * FROM admin"); if (!$result) { die("Database query failed: " . mysql_error()); } // get table names as mysql feedback $i=0; while ($row = mysql_fetch_array($result)) { $name[$i]=$row['name']; $password[$i]=$row['password']; $rank[$i]=$row['rank']; //echo "\$name[$i]=".$row['name']; //echo "\$password[$i]=".$row['password']; //echo "\$rank[$i]=".$row['rank']; $i++; } //check if logged in $log=false; for($j=0;$j<$i;$j++) { //echo "<p>(".$name[$j]."==".$_SESSION['name'].")and(".$password[$j]."==".$_SESSION['password'].")</p>"; if(($name[$j]==$_SESSION['name'])and($password[$j]==$_SESSION['password'])) { $log=true; echo logged." ".$log; } } if($log==true) { Quote Link to comment Share on other sites More sharing options...
xProteuSx Posted November 28, 2013 Share Posted November 28, 2013 I'm kind of going to take a shot in the dark here, because I have to go right away, but I came up against this issue when I first started with sessions: If you want to use session variables on ANY PAGE, you have to use session_start(); on that page. So, you probably have a single page where all of these variables are created and set, but if you want to use those variables on another page, you have to simply include the session_start(); code at the top of that page. This will make all session variables available to any of the code on that page. Hoping that solves your problem. Cheers. Quote Link to comment Share on other sites More sharing options...
freedominator Posted November 28, 2013 Author Share Posted November 28, 2013 I'm kind of going to take a shot in the dark here, because I have to go right away, but I came up against this issue when I first started with sessions: If you want to use session variables on ANY PAGE, you have to use session_start(); on that page. So, you probably have a single page where all of these variables are created and set, but if you want to use those variables on another page, you have to simply include the session_start(); code at the top of that page. This will make all session variables available to any of the code on that page. Hoping that solves your problem. Cheers. th the same page is being used to test if the session is still active Quote Link to comment Share on other sites More sharing options...
objnoob Posted November 28, 2013 Share Posted November 28, 2013 You should be establishing session settings before starting the session. Also, how do you know the session is being destroyed? Quote Link to comment Share on other sites More sharing options...
freedominator Posted November 28, 2013 Author Share Posted November 28, 2013 You should be establishing session settings before starting the session. Also, how do you know the session is being destroyed? the same page is used to log in and check if the user is logged in if the user is logged in, $log is true and the administration page loads if the use is not logged in, he is prompted to log in when testing this, i can log in and use the administration page but if i try to refresh the administration page, the session is gone and i am prompted to log in again Quote Link to comment Share on other sites More sharing options...
objnoob Posted November 28, 2013 Share Posted November 28, 2013 Doesn't mean the session is destroyed. You have sloppy logic in your code. You're storing a password in the session? Why? You're not even starting a session. You can't start one after you've sent output to the browser when using cookie. <!DOCTYPE html> <!-- IS OUTPUT BEFORE SESSION START --> <script src="/javascript/header.js"></script> <!-- IS OUTPUT BEFORE SESSION START --> <? session_start(); Quote Link to comment Share on other sites More sharing options...
freedominator Posted November 28, 2013 Author Share Posted November 28, 2013 thats not true nevermind ill ask somewhere else Quote Link to comment Share on other sites More sharing options...
freedominator Posted November 28, 2013 Author Share Posted November 28, 2013 im 99.99% sure the problem is with php.ini or my host, i just need ur help to know what to ask him to change. please check my php.ini http://cksgrill.net/phpinfo.php Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 28, 2013 Share Posted November 28, 2013 thats not true nevermind ill ask somewhere else No objnoob is right. The session_start() function cannot be called after any type of output. This is because this functions sets multiple HTTP headers for the session to work. All you need to do is start the session on line one of your script, so it is called before output. Quote Link to comment Share on other sites More sharing options...
jcbones Posted November 28, 2013 Share Posted November 28, 2013 thats not true nevermind ill ask somewhere else That is funny right there. I don't know what is wrong, but I know it isn't what you are telling me... ? LOL. Depending on your version of PHP, session will return a true/false when called. That can always be checked to see if it failed or not. Quote Link to comment Share on other sites More sharing options...
freedominator Posted November 29, 2013 Author Share Posted November 29, 2013 k i tried putting the shit at the top and the session is still destroyed after 1 page load i told u it would make no difference idk y u insist on something that is false <? session_start(); ob_start(); //session_set_cookie_params(3000); ini_set('session.gc_maxlifetime', 6 * 60 * 60); echo "<!DOCTYPE html>"; echo "<script src=\"/javascript/header.js\"></script>"; $session_expiration = time() + 3600 * 24 * 2; Quote Link to comment Share on other sites More sharing options...
MDCode Posted November 29, 2013 Share Posted November 29, 2013 What a great way to get help on a free help forum. I'd like to refer you to http://us1.php.net/session_start specifically this line: Note: To use cookie-based sessions, session_start() must be called before outputing anything to the browser. Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 29, 2013 Share Posted November 29, 2013 When you say the session has died what do you mean by this? What is you method for checking the state of the session? Also it is more efficient to compare the users username/password in the mysql query, rather than getting all the results and comparing the username/password with PHP. $username = mysql_real_escape_string($_POST['username']); // sanitize the username before using it in queries $password = $_POST['password']; // should really be encrypting the users password (such as md5, sha1 etc) //check if logged in // only get records where the username and password match $result = mysql_query("SELECT * FROM admin WHERE username='$username' AND password='$password'"); if (!$result) { die("Database query failed: " . mysql_error()); } // check the query returned any results elseif(mysql_num_rows($result)) { // get the result $row = mysql_fetch_assoc($result); // save users data to session here $_SESSION['username'] = $row['username']; $_SESSION['rank'] = $row['rank']; $log = true; } Quote Link to comment Share on other sites More sharing options...
MargateSteve Posted November 29, 2013 Share Posted November 29, 2013 k i tried putting the shit at the top and the session is still destroyed after 1 page loadi told u it would make no differenceidk y u insist on something that is false With responses like this to someone giving genuine and correct advice, don't expect further help to come flooding in. However, as a fellow novice who had similar issues when first using sessions I will make a few suggestions. 1. Do not use short opening php tags. Always use <?php. 2. Are you 100% certain there is no output before session_start()? This includes whitespace and physical line breaks. All of my session pages start <?php session_start(); on the very first line with no space before the tag. 3. Google the problem first. Issues with session_start() have been ask hundreds of times over various forums. 4. Don't dismiss suggestions before you try them. 99% of the time the guys on here are spot on. If they suggest something that does not work, the chances are that it is the way you have implemented it. I know that was the case with me a few times. 5. You get out what you put in. If you ask a question clearly, in full words not text speak, give clear examples of what is wrong and speak to people with a bit more respect when they are trying to help, then you will get the solution. Quote Link to comment Share on other sites More sharing options...
jcbones Posted November 30, 2013 Share Posted November 30, 2013 <?php session_set_cookie_params(3000); //according to the manual: /* * Set cookie parameters defined in the php.ini file. * The effect of this function only lasts for the duration of the script. * Thus, you need to call session_set_cookie_params() for every request and BEFORE session_start() is called. */ if(session_start()) { echo 'Session has started with these params:<pre>' . print_r($_SESSION,true) . '</pre>';//if you see this on the page, then the session has not been destroyed. } //ob_start(); //this is almost never NEEDED, but is instead a bandaid. //ini_set('session.gc_maxlifetime', 6 * 60 * 60); //you have already set the lifetime of the cookie by session_set_cookie_params() $session_expiration = time() + 3600 * 24 * 2; //you are not even using this variable anywhere in the posted script (which isn't complete). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.