googlehunter Posted December 6, 2006 Share Posted December 6, 2006 Greetings,I am developing a site and using PHP as my primary programming language. I scripted the login page such that it issues a session variable which indicates that the visitor is logged in. I am able to traverse many of the pages except a few php pages. It seems that the previously assigned session variable is not being detected by these later pages. Can someone please suggest a reason for this oddity? Please visit [url=http://blisstronix.com]http://blisstronix.com[/url] to get a better idea of my dilemma.use the following login credentials to login. Thanksusername=demopassword=demoThank you for your help. Quote Link to comment Share on other sites More sharing options...
marcus Posted December 6, 2006 Share Posted December 6, 2006 Post the code please Quote Link to comment Share on other sites More sharing options...
googlehunter Posted December 6, 2006 Author Share Posted December 6, 2006 login page:[code]$submitted=$_POST['login']; if($submitted=="Login >>") { $username=$_POST['username']; $password=$_POST['password']; $lookup=mysql_query("select * from customers where username='$username'") or die("cant select password"); $getpass=mysql_fetch_array($lookup); if($getpass[3]!=$password || empty($username) || empty($password)) {$errors=1; $errormsg="<font color=red><strong>Your Username or Password is incorrect. Please try again or retrieve your login information below. Thank you.</strong></font>";} if($errors==1){} else{$_SESSION['customerid']=$getpass[10];$accessacct=$_GET['accessacct'];$accessacct2=$_SESSION['accessnum'];if($accessacct!="" && $accessacct2!="" && $accessacct==$accessacct2) {header("location:myaccount.php");}else{header("location:home.php");} } [/code]thanks Quote Link to comment Share on other sites More sharing options...
marcus Posted December 6, 2006 Share Posted December 6, 2006 do you have session_start(); on your login? Quote Link to comment Share on other sites More sharing options...
googlehunter Posted December 6, 2006 Author Share Posted December 6, 2006 yes. Quote Link to comment Share on other sites More sharing options...
trq Posted December 6, 2006 Share Posted December 6, 2006 And all other pages? You need to call session_start() on each page. Quote Link to comment Share on other sites More sharing options...
marcus Posted December 6, 2006 Share Posted December 6, 2006 On your login page, I don't see any forms submitting with GET Quote Link to comment Share on other sites More sharing options...
marcus Posted December 6, 2006 Share Posted December 6, 2006 You could also make your code a bit neater[code] $submitted=$_POST['login']; if($submitted == "Login >>") { $username=$_POST['username']; $password=$_POST['password']; $lookup=mysql_query("select * from `customers` where username='$username'") or die(mysql_error()); $getpass=mysql_fetch_array($lookup); if($getpass[3]!=$password || empty($username) || empty($password)) { $errors = 1; $errormsg = "<font color=red><strong>Your Username or Password is incorrect. Please try again or retrieve your login information below. Thank you.</strong></font>"; }else{ //log user in $_SESSION['customerid']=$getpass[10]; $accessacct = $_GET['accessacct']; //<where are you using a get? $_SESSION['accessnum'] = $accessacct; header("Location: myaccount.php"); } else{ header("Location: home.php"); };[/code] Quote Link to comment Share on other sites More sharing options...
googlehunter Posted December 6, 2006 Author Share Posted December 6, 2006 use the following login credentials to login.username=demopassword=demoI have already included session_start(); on every page.I scripted the login button in the navigation bar to change to "logout" if $_SESSION['customerid'] is active. You will see that it changes to "login" if you click on a product category on the left side of the page. Quote Link to comment Share on other sites More sharing options...
marcus Posted December 6, 2006 Share Posted December 6, 2006 It looks like it works to me. Quote Link to comment Share on other sites More sharing options...
googlehunter Posted December 6, 2006 Author Share Posted December 6, 2006 $_GET['accessacct'] is transfered from the "my accounts page". That is, when the visitor trys to access their account without logging in, they are redirected to the login page with $accessacct as a get variable. After successfully logging in, the visitor will go back to the "my accounts page" if accessact is present or he will go to the home page. Quote Link to comment Share on other sites More sharing options...
googlehunter Posted December 6, 2006 Author Share Posted December 6, 2006 ok, to minimize confusion. close all of your browsers because the session variables will still be active if you have other pages open, even if it not from [url=http://blisstronix.com]blisstronix.com[/url]. after closing your browsers, goto [url=http://blisstronix.com]blisstronix.com[/url] and use demo for username and password.after logging in you will see that "login" in the navigation bar changes to "logout" since $_SESSION['customerid'] was initiated in the script above. Now expand a product category on the menu on the left side of the page. Choose a product listing and you will see that the "logout" button now changes to "login" since $_SESSION['customerid'] is not detected. When you click on a product link on the left, you are accessing catalog.php and i have session_start(); on that page as well. Thanks Quote Link to comment Share on other sites More sharing options...
marcus Posted December 6, 2006 Share Posted December 6, 2006 It stays logout for me Quote Link to comment Share on other sites More sharing options...
googlehunter Posted December 6, 2006 Author Share Posted December 6, 2006 hmm thats odd.let me see something. brb. Quote Link to comment Share on other sites More sharing options...
googlehunter Posted December 6, 2006 Author Share Posted December 6, 2006 I think the problem was having other browsers opened while being logged out.This brings me to another issue:I open [url=http://blisstronix.com]blisstronix.com[/url] in one broswer window.I then open another browser window and goto another website like [url=http://google.com]google.com[/url].I then login and add items to my cart which are stored in a session variable at [url=http://blisstronix.com]blisstronix.com[/url].I close the window that has [url=http://blisstronix.com]blisstronix.com[/url] active. Now I only have the window displaying [url=http://google.com]google.com[/url].With google page still opened. I open another browser window and go back to [url=http://blisstronix.com]blisstronix.com[/url].When I click on "my cart" in the navigation bar it shows me cart items that I had added previously. when I close the [url=http://blisstronix.com]blisstronix.com[/url] browser before, it should have deleted the cart session right? I am concluding that since I had another browser open, session variables are not destroyed when a visitor closes their browsers while at [url=http://blisstronix.com]blisstronix.com[/url]. how do i solve this problem? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.