JadWS Posted February 18, 2015 Share Posted February 18, 2015 Hey there guys . First let me thank you for your previous helps. Second let me apologize for this post from what it could contain from annoying spam of code. As you may know im still working on login / register system. Well i was working on it any way .... But after that i ran into some problems. Problem : the sessions are not saved and the user is never logged in. While testing my code . The user after logging in successfully it redirect him to member.php page where it should show him the username and all that. Yet it doesn't. You may know this problem from my previous post : http://forums.phpfreaks.com/topic/294511-not-saving-session-data-after-log-in/. The only different between both codes IS that in the previous post i was testing it on localhost . Now im testing it on a real website : http://homeserver.webuda.com/ (its still empty ....) Again the same problem... Codes : index.php : <?php session_start(); $userid = $_SESSION['userid']; $username = $_SESSION['username']; if ($username && $userid) { echo "Welcome <b>$username</b>, <a href='./logout.php'>Logout</a>"; } else { echo "Please login to access this page. <a href='./login.php'>Login here</a>"; } ?> Login.php : <?php session_start(); $form='<form action="login.php" method="POST"> <table> <tr> <td>Username :</td> <td><input type="text" name="user"></td> </tr> <tr> <td>Password :</td> <td><input type="password" name="pass"></td> </tr> <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td><input type="submit" name="loginbtn" value="Log in"></td> </tr> </table> </form>'; $user = $_POST['user']; $pass = $_POST['pass']; if ($_POST['loginbtn']) { if ($user) { if ($pass) { require 'connect.php'; $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' "); $row = mysqli_fetch_assoc($query); $passwordFromPost = $_POST['pass']; $hashedPasswordFromDB = $row['password']; if ($passwordFromPost === $hashedPasswordFromDB) { $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' "); $numrows = mysqli_num_rows($query); if ($numrows == 1) { $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' "); $row = mysqli_fetch_assoc($query); $dbactive = $row['active']; $dbuser = $row['username']; if ($dbactive == 1) { $_SESSION['userid'] = $dbid; $_SESSION['username'] = $dbuser; echo "You have been logged in as <b>$dbuser</b> <a href='./index.php'>Click here</a> to go back to home page"; } else { echo '<font color="red">You must activate your account to log in.</font>'; echo $form; } } else { echo '<font color="red">You entered an invalid username or password.</font>'; echo $form; } } else { echo '<font color="red">You entered an invalid username or password.</font>'; echo $form; } ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); } else { echo '<font color="red">You must enter your password.</font>'; echo $form; } } else { echo '<font color="red">You must enter your username.</font>'; echo $form; } }else{ echo $form; } ?> The user is logged in successfully ... and all that yet in index nothing happen. Hope you can help me now . Thanks for reading. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted February 18, 2015 Share Posted February 18, 2015 when debugging code, you need to have php's error_reporting set to E_ALL (or even better, a -1 ) and display_errors set to ON to get php to help you. if your code is running at all, you can put these settings into your main file(s), immediately after the first opening <?php tag. ini_set("display_errors", "1"); error_reporting(-1); Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 hey there. I did as you said and i got the following errors : Notice: Undefined index: userid in /home/a1095229/public_html/index.php on line 9 Notice: Undefined index: username in /home/a1095229/public_html/index.php on line 10 i though these are kind of normal problems ? Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 well look i tried to put the code as following : still not working ... index.php : <?php session_start(); $userid = $_SESSION['userid']; $username = $_SESSION['username']; if ( isset ($userid) && isset ($username) ) { echo "Welcome <b>$username</b>, <a href='./logout.php'>Logout</a>"; } else { echo "Please login to access this page. <a href='./login.php'>Login here</a>"; } ?> login.php : <?php session_start(); $form='<form action="login.php" method="POST"> <table> <tr> <td>Username :</td> <td><input type="text" name="user"></td> </tr> <tr> <td>Password :</td> <td><input type="password" name="pass"></td> </tr> <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td><input type="submit" name="loginbtn" value="Log in"></td> </tr> </table> </form>'; $user = $_POST['user']; $pass = $_POST['pass']; if (isset($_POST['loginbtn'])) { if (isset($_POST['user'])) { if (isset($_POST['pass'])) { require 'connect.php'; $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' "); $row = mysqli_fetch_assoc($query); $passwordFromPost = $_POST['pass']; $hashedPasswordFromDB = $row['password']; if ($passwordFromPost === $hashedPasswordFromDB) { $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' "); $numrows = mysqli_num_rows($query); if ($numrows == 1) { $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' "); $row = mysqli_fetch_assoc($query); $dbactive = $row['active']; $dbuser = $row['username']; if ($dbactive == 1) { $_SESSION['userid'] = $dbid; $_SESSION['username'] = $dbuser; echo "You have been logged in as <b>$dbuser</b> <a href='./index.php'>Click here</a> to go back to home page"; } else { echo '<font color="red">You must activate your account to log in.</font>'; echo $form; } } else { echo '<font color="red">You entered an invalid username or password.</font>'; echo $form; } } else { echo '<font color="red">You entered an invalid username or password.</font>'; echo $form; } ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res); } else { echo '<font color="red">You must enter your password.</font>'; echo $form; } } else { echo '<font color="red">You must enter your username.</font>'; echo $form; } }else{ echo $form; } ?> Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted February 18, 2015 Share Posted February 18, 2015 i though these are kind of normal problems ? two error messages that indicate that your session variables don't exist, would mean that your log in code didn't log anyone in or that information didn't carry over to the index.php page. you would need to determine why by checking exactly what the log in code did when it ran or if there are any php or database errors in that code. Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted February 18, 2015 Share Posted February 18, 2015 Based on the following code, it looks like you're comparing a hashed password against the raw version: $passwordFromPost = $_POST['pass']; $hashedPasswordFromDB = $row['password']; if ($passwordFromPost === $hashedPasswordFromDB) { //... Also, it doesn't look like $dbid is defined before the following line: $_SESSION['userid'] = $dbid; Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 Based on the following code, it looks like you're comparing a hashed password against the raw version: $passwordFromPost = $_POST['pass']; $hashedPasswordFromDB = $row['password']; if ($passwordFromPost === $hashedPasswordFromDB) { //... Also, it doesn't look like $dbid is defined before the following line: $_SESSION['userid'] = $dbid; Oh ye about the hashed pass ... its not hashed .... i was just too lazy in order to change it .... And what do you mean ? Also, it doesn't look like $dbid is defined before the following line: $_SESSION['userid'] = $dbid; Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted February 18, 2015 Share Posted February 18, 2015 When logging in, do you see the message echoed here: echo "You have been logged in as <b>$dbuser</b> <a href='./index.php'>Click here</a> to go back to home page"; If so, the SESSION variables should be set. To make sure, you can try displaying it: $_SESSION['username'] = $dbuser; echo "You have been logged in as <b>$dbuser</b> <a href='./index.php'>Click here</a> to go back to home page"; var_dump($_SESSION['username']); Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 (edited) ah ye its displayed ... im telling you my code works perfectly only index.php it doesn't ... ... it echo the username and every thing works fine ... even the errors ...(on login.php) Edited February 18, 2015 by JadWS Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 maybe its related to being hosted on a diff server than localhost ? but i dont think thats the problem .... excuse my bad grammar ... Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted February 18, 2015 Share Posted February 18, 2015 maybe its related to being hosted on a diff server than localhost ? but i dont think thats the problem .... excuse my bad grammar ... Are both of the pages hosted on the same server? Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 (edited) Are both of the pages hosted on the same server? ye pretty much ... i even gave a link to the web if you wanna try : http://homeserver.webuda.com/ Edited February 18, 2015 by JadWS Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted February 18, 2015 Share Posted February 18, 2015 After the SESSION variables are set here: $_SESSION['userid'] = $dbid; $_SESSION['username'] = $dbuser; ...did you trying displaying them to the screen to make sure they contain the value you expect? You could try something like this: $_SESSION['userid'] = $dbid; $_SESSION['username'] = $dbuser; print '<pre>' . print_r($_SESSION, true) . '</pre>'; Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 (edited) Array( [userid] => [username] => Jad) EDIT : it does.... it echo the sessions ... maybe not id ? Edited February 18, 2015 by JadWS Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 oh wait a second ... it does .... <?php session_start(); $userid = $_SESSION['userid']; $username = $_SESSION['username']; echo $username; it echoed Jad (the username...) so it works ... Quote Link to comment Share on other sites More sharing options...
JadWS Posted February 18, 2015 Author Share Posted February 18, 2015 Also even after reloading page etc ... its still logged in ... so sessions work right ? Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted February 18, 2015 Share Posted February 18, 2015 ... so sessions work right ? It sure sounds like it Array ( [userid] => [username] => Jad) EDIT : it does.... it echo the sessions ... maybe not id ? As I mentioned earlier, $dbid is not define. So the following line of code creates the SESSION variable, but the value will be an empty string: $_SESSION['userid'] = $dbid; I imagine that you need to define $dbid like you did for $dbuser here: $dbuser = $row['username']; Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.