Jump to content

I'm getting a session error

maviyazilim

By maviyazilim
in PHP Coding Help

 Share
Go to solution Solved by mac_gyver,

Recommended Posts

maviyazilim Regular Member

maviyazilim

Posted
Posted

Why can't I print the user's name on the screen?

 

Warning: Undefined array key "nik" in C:\xampp\htdocs\a-deneme\sayfam.php on line 4

 

<?php
require_once('kaynak/baglan.php');
session_start();
$_SESSION['nik'] = $_POST['nik'];

 ?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Sayfanız - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<div id="ana">
  <h1><?php echo $_SESSION['nik']; ?>Üye giriş sayfasına hoşgeldiniz</h1><br>


</div>
</body>
</html>

Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted
5 minutes ago, Barand said:

Has data been posted to that page at the time of the error?

Check for posted data before trying to process it 

if ($_SERVER['REQUEST_METHOD']=='POST')  {

    // here you can process posted data
}

 

if ($_SERVER['REQUEST_METHOD']=='POST')  {
$_POST['nik'];

}

I added this code. the error has not changed.

Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted

This is the previous file.

<?php
require_once('kaynak/baglan.php');
session_start();
$_SESSION['nik'] = $_POST['nik'];

$nik = $_POST['nik'];
$sifre = $_POST['sifre'];

$sorgu = "select * from uyeler where kadi = '$nik' and sifre = '$sifre' ";
$sonuc = $baglan->query($sorgu);

if ($sonuc) {
  header("Location:sayfam.php");
}

 ?>

Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted
3 minutes ago, Barand said:

If you put it into $_SESSION['nik'] in the previous page, it will still be there. That previous page isn;t posting any data.

If it doesn't send any data, how do I get it to send? I want to print the name of the logged in person on the screen.

Link to comment
Share on other sites
Barand Prolific Member

Barand

Posted
Posted 
 <?php
require_once('kaynak/baglan.php');
session_start();
 ?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Sayfanız - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<div id="ana">
  <h1><?php echo $_SESSION['nik']; ?> Üye giriş sayfasına hoşgeldiniz</h1><br>
</div>
</body>
</html>

 

Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted
4 minutes ago, Barand said: 
 <?php
require_once('kaynak/baglan.php');
session_start();
 ?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Sayfanız - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<div id="ana">
  <h1><?php echo $_SESSION['nik']; ?> Üye giriş sayfasına hoşgeldiniz</h1><br>
</div>
</body>
</html>

 

the error code is gone from the screen. but the user's name is not written on the screen. echo inside h1 tag not working

Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted
3 minutes ago, Barand said:

On your "previous page" you are populating $_SESSION['nik'] from $_POST['nik'].

Are you sure 'nik' value was posted to that page? If not , $_SESSION['nik'] will be empty.

Check the values in your $_SESSION. 

echo '<pre>' . print_r($_SESSION, true) . '</pre>';

 

Array ( [nik] => )

Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted

this is my first file.

<?php
require_once 'kaynak/baglan.php';
session_start();
$_SESSION['nik'] = $_POST['nik'];

 ?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Giriş sayfası - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<div id="ana">
  <h1>Üye giriş sayfasına hoşgeldiniz</h1><br>
  <form action="denetim.php" method="post">
    <label>Kullanıcı adını giriniz. </label><br>
    <input type="text" name="nik"><br><br>
    <label>Şifrenizi giriniz. </label><br>
    <input type="password" name="sifre"><br><br>
    <input type="submit" value="Giriş yap">
  </form>


</div>
</body>
</html>

this is my second file.

<?php
require_once('kaynak/baglan.php');
session_start();
$_SESSION['nik'] = $_POST['nik'];

$nik = $_POST['nik'];
$sifre = $_POST['sifre'];

$sorgu = "select * from uyeler where kadi = '$nik' and sifre = '$sifre' ";
$sonuc = $baglan->query($sorgu);

if ($sonuc) {
  header("Location:sayfam.php");
}

 ?>

this is my third file. I can't print the username on the screen.

<?php
require_once('kaynak/baglan.php');
session_start();
echo '<pre>' . print_r($_SESSION, true) . '</pre>';
 ?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Sayfanız - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<div id="ana">
  <h1><?php echo $_SESSION['nik']; ?>Üye giriş sayfasına hoşgeldiniz</h1><br>


</div>
</body>
</html>

Link to comment
Share on other sites
dodgeitorelse3 Advanced Member

dodgeitorelse3

Posted
Posted (edited)

instead of saying first file, second file and third file use the actual file name. I am curious if your form is actually posting to second file (denetim.php)  and which file is your redirect (header("Location:sayfam.php")). The clearer you are determines the quickest path to your answer.

Edited by dodgeitorelse3
Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted
5 hours ago, dodgeitorelse3 said:

instead of saying first file, second file and third file use the actual file name. I am curious if your form is actually posting to second file (denetim.php)  and which file is your redirect (header("Location:sayfam.php")). The clearer you are determines the quickest path to your answer.

I do not understand what you mean. filenames are different. I just numbered the files to indicate the order of operations. The operation is taking place on the denetim.php page. I am getting the latest file. I can't type the username on the screen.

Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

the reason @dodgeitorelse3 asked you to identify, by filename, the three files, is because it is not clear to us (we only see the information you provide in your posts) if the form submits to the same page it is on (why is the line $_SESSION['nik'] = $_POST['nik']; on the form page) or if it submits to a different page. if you had shown us that the 2nd file is denetim.php, we could have the ignored that line of code setting the session variable on the form page.

you changed the code on sayfam.php, which originally had that same line - $_SESSION['nik'] = $_POST['nik'];, which would have set the session variable to a null/empty value, because the post data only exists on the page the form submitted to. did you completely close your browser and start over after making that change to the code?

next, here's a list of things you should/should not be doing -

  1. the login form processing code and the form should be on the same page. by putting them on separate pages, you are creating more work for yourself, in maintaining two pages. this also provides a bad user experience, since the use must now navigate back to the form page upon an error and depending on how you were going to display error messages on the form page, it makes your site open to a phishing attack. the code for any page should be laid out in this general order - 1) initialization, 2) post method form processing, 3) get method business logic - get/produce data needed to display the page, 4) html document
  2. the piece of code that @Barand posted, checking the server request method, is the conditional logic that goes around the post method form processing. it insures that the form has been submitted before referencing any of the form data.
  3. don't copy variables to other variables for nothing. this is just a waste of your time typing. in the post method form processing code, keep the  form data as a set, in an array variable, then operate on elements in this array variable throughout the rest of the code.
  4. you should trim all input data, mainly so that you can detect if all white-space characters were entered.
  5. you should validate all inputs before using them, storing user/validation errors in an array, using the field name as the main array index.
  6. after the end of the validation logic, if there are no user/validation errors, use the submitted form data.
  7. you should not store the plain-text password. use php's password_hash(), in the registration code, and password_verify() in the login code.
  8. don't put external/dynamic values directly into an sql query statement. use a prepared query instead.
  9. testing if $sonuc is a true value doesn't tell you if the query matched a row of data. it only tells you that the query executed without any error, and in fact in php8+, both the mysqli and PDO extensions use exceptions for errors and any conditional logic you have testing the returned value from a query is unnecessary and should be removed. if execution continues to the line following the execution of a query, you know that the query didn't produce an error. you must fetch and test the result of the fetch statement to know if a query matched any data. fetching the data is also necessary to use password_verify() and the value you store in the session variable upon successful login should be the user's id (autoincrement primary index), not the username. you should query on each page request to get any other user data, such as the username, user permissions, ... this insures that any change made to this use data will take effect on the very next page request after it was changed.
  10. the only redirect you should have upon successful login is to the exact same url of the form processing code. this will cause a get request for that page so that the browser won't attempt to resubmit the form data if that page is reloaded or navigated away from an back to. if you want to allow the user to go to a different page, provide navigation links.
  11. every redirect needs an exit/die statement after it to stop php code execution. a header() statement doesn't stop the php code from running.
  12. the session variable is an input to the code on a page. you must validate it before using it. if it is a 'required' input and it doesn't exist, that's an error. you would setup and display an error message instead of trying to use the session variable in the code. if it is not required, you would instead display a default value or skip displaying it at all.
Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted
2 hours ago, mac_gyver said:

the reason @dodgeitorelse3 asked you to identify, by filename, the three files, is because it is not clear to us (we only see the information you provide in your posts) if the form submits to the same page it is on (why is the line $_SESSION['nik'] = $_POST['nik']; on the form page) or if it submits to a different page. if you had shown us that the 2nd file is denetim.php, we could have the ignored that line of code setting the session variable on the form page.

you changed the code on sayfam.php, which originally had that same line - $_SESSION['nik'] = $_POST['nik'];, which would have set the session variable to a null/empty value, because the post data only exists on the page the form submitted to. did you completely close your browser and start over after making that change to the code?

next, here's a list of things you should/should not be doing -

  1. the login form processing code and the form should be on the same page. by putting them on separate pages, you are creating more work for yourself, in maintaining two pages. this also provides a bad user experience, since the use must now navigate back to the form page upon an error and depending on how you were going to display error messages on the form page, it makes your site open to a phishing attack. the code for any page should be laid out in this general order - 1) initialization, 2) post method form processing, 3) get method business logic - get/produce data needed to display the page, 4) html document
  2. the piece of code that @Barand posted, checking the server request method, is the conditional logic that goes around the post method form processing. it insures that the form has been submitted before referencing any of the form data.
  3. don't copy variables to other variables for nothing. this is just a waste of your time typing. in the post method form processing code, keep the  form data as a set, in an array variable, then operate on elements in this array variable throughout the rest of the code.
  4. you should trim all input data, mainly so that you can detect if all white-space characters were entered.
  5. you should validate all inputs before using them, storing user/validation errors in an array, using the field name as the main array index.
  6. after the end of the validation logic, if there are no user/validation errors, use the submitted form data.
  7. you should not store the plain-text password. use php's password_hash(), in the registration code, and password_verify() in the login code.
  8. don't put external/dynamic values directly into an sql query statement. use a prepared query instead.
  9. testing if $sonuc is a true value doesn't tell you if the query matched a row of data. it only tells you that the query executed without any error, and in fact in php8+, both the mysqli and PDO extensions use exceptions for errors and any conditional logic you have testing the returned value from a query is unnecessary and should be removed. if execution continues to the line following the execution of a query, you know that the query didn't produce an error. you must fetch and test the result of the fetch statement to know if a query matched any data. fetching the data is also necessary to use password_verify() and the value you store in the session variable upon successful login should be the user's id (autoincrement primary index), not the username. you should query on each page request to get any other user data, such as the username, user permissions, ... this insures that any change made to this use data will take effect on the very next page request after it was changed.
  10. the only redirect you should have upon successful login is to the exact same url of the form processing code. this will cause a get request for that page so that the browser won't attempt to resubmit the form data if that page is reloaded or navigated away from an back to. if you want to allow the user to go to a different page, provide navigation links.
  11. every redirect needs an exit/die statement after it to stop php code execution. a header() statement doesn't stop the php code from running.
  12. the session variable is an input to the code on a page. you must validate it before using it. if it is a 'required' input and it doesn't exist, that's an error. you would setup and display an error message instead of trying to use the session variable in the code. if it is not required, you would instead display a default value or skip displaying it at all.

thank you for the answer. I did not understand what to do. I didn't understand part of your post at all. anyway thanks for your time

Link to comment
Share on other sites
gizmola Prolific Member

gizmola

Posted
Posted 
<?php
require_once('kaynak/baglan.php');
session_start();
echo '<pre>' . print_r($_SESSION, true) . '</pre>';
 ?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Sayfanız - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<div id="ana">
  <h1><?php echo $_SESSION['nik']; ?>Üye giriş sayfasına hoşgeldiniz</h1><br>


</div>
</body>
</html>

 

This is malformed -- you are outputting html before outputting a full html page.  That is broken.  If you want to do a debug statement like this with the <pre> make sure you move it inside your html page, in the body. 

<?php
require_once('kaynak/baglan.php');
session_start();
?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Sayfanız - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<?php echo '<pre>' . print_r($_SESSION, true) . '</pre>'; ?>
<div id="ana">
  <h1><?php echo $_SESSION['nik']; ?>Üye giriş sayfasına hoşgeldiniz</h1><br>
</div>
</body>
</html>

 

 

Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted
3 hours ago, gizmola said: 
<?php
require_once('kaynak/baglan.php');
session_start();
echo '<pre>' . print_r($_SESSION, true) . '</pre>';
 ?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Sayfanız - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<div id="ana">
  <h1><?php echo $_SESSION['nik']; ?>Üye giriş sayfasına hoşgeldiniz</h1><br>


</div>
</body>
</html>

 

This is malformed -- you are outputting html before outputting a full html page.  That is broken.  If you want to do a debug statement like this with the <pre> make sure you move it inside your html page, in the body. 

<?php
require_once('kaynak/baglan.php');
session_start();
?>
<!DOCTYPE html>
<html lang="tr">
<head>
  <title>Sayfanız - Hoşgeldiniz</title>
  <meta charset="utf-8">
  <link rel="stylesheet" type="text/css" href="kaynak/style.css">
</head>
<body>
<?php echo '<pre>' . print_r($_SESSION, true) . '</pre>'; ?>
<div id="ana">
  <h1><?php echo $_SESSION['nik']; ?>Üye giriş sayfasına hoşgeldiniz</h1><br>
</div>
</body>
</html>

 

 

when i do this, this is the result on the screen.

Warning: Undefined array key "nik" in C:\xampp\htdocs\a\sayfam.php on line 5

Array ( [nik] => )

Link to comment
Share on other sites
maviyazilim Regular Member

maviyazilim

Posted
  • Author
Posted
2 hours ago, dodgeitorelse3 said:

Does kaynak/baglan.php contain any html output? If it does you must put session_start() first before any html output.

There is no html output on the baglan.php page. I did what you said though. it gave the following error code.

Notice: session_start(): Ignoring session_start() because a session is already active in C:\xampp\htdocs\a\kaynak\baglan.php on line 9

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.