Jump to content

[SOLVED] Where's the Sessions Sticky now ? I have a problem !

swatisonee

By swatisonee
in PHP Coding Help

 Share

Recommended Posts

swatisonee Regular Member

swatisonee

Posted
Posted
Hi,

I seem to remember a sticky that collated all sessions problems but i cannot find it.

I have a login script that works great but the session id doesnt get passed onto the user  pages. The session gets recorded in my log file in the db but when the user clicks on the link to proceed, the error message to prevent unauthorised use pops up. Could someone have a look and tell me what i am doing wrong ?
Thanks !


Adminhead.php
===========

[code]<?

include ("../include/session.php");
include ("../cloth.php");
require ("../include/bottom.php");
include ("../include/background.php");

if(!isset($_SESSION['userid'])){
echo "<center><font face='Verdana' size='2' color=red>Sorry, Please login and use this page </font></center>";
exit;}

$userid = $_SESSION['userid'];
?>[/code]


newsession.php  // used in login code
============

[code]
<?php


$_SESSION['id']=session_id();
$_SESSION['userid']=$userid;
$_SESSION['username']=$username;
$_SESSION['type']=$type;
$_SESSION['dbtype']=$dbtype;
?>
[/code]

Session.php
=========
[code]<? session_start();?>[/code]




Login Code
========
[code]
<?php
//Process this if statement only if form was submitted
if($_POST['submit']){
$username=$_POST['username'];
$password=$_POST['password'];
$ip=$_SERVER['REMOTE_ADDR'];
$date = putenv('TZ=Europe/Amsterdam');
mktime(0,0,0,1,1,1970) ;
$tm = date("Y-m-d H:i:s");
$dbtype = $_POST['dbtype'];

    //Define unique section vars, etc.
    if ($dbtype == 'Paper') {
        include "paper.php"; // contains dbname, pw and other info
        $section = 'Paper';
    }

    if ($dbtype == 'Cloth') {
        include "cloth.php"; // contains dbname, pw and other info
        $section = 'Cloth';
    }


?>

<? include ("include/session.php");

    //Test for login success
    $sql = "SELECT * FROM Users WHERE Username='$username' AND Password = '$password'";
    $result = mysql_query($sql);
    if  ($myrow = mysql_fetch_array($result)){

        $userid = $myrow["Userid"];
        $type = $myrow["Type"];

        if ($type == '1') {
        $userFile = 'adminhead.php';
    }

    if ($type == '2') {
        $userFile = 'saleshead.php';
    }

      include "include/newsession.php"    ;


        $result2=mysql_query("insert into Log (Sessionid,Userid,IP,Date) values('$_SESSION[id]','$userid','$ip','$tm')");
        echo mysql_error();
    }
        $login_success = 'Yes';
}
?>

<input type="hidden" name="userid" value="<? echo $userid ?>" >
<input type="hidden" name="type" value="<? echo $type?>" >

<!doctype html public "-//w3c//dtd html 3.2//en">

<html>

<head>
<title>:Login:</title>

<meta name="GENERATOR" content="Arachnophilia 4.0">
<meta name="FORMATTER" content="Arachnophilia 4.0">
</head>

<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000">

<?php

if($_POST['submit'] && ($login_success == 'Yes')){

    $successMessage = '<p class="data"><center><font face="Tahoma" size=2>Thank you for logging in '.$username.'!<br /><br />';
  $successMessage .= '<a href="'.$section.'/'.$userFile.'?Userid='.$userid.'">Click here to proceed to your options</a></font></center></p>'; 

    print $successMessage;

} elseif ($_POST['submit'] && ($login_success != 'Yes')) {
  session_unset();
    $failureMessage = '<p class="data"><center><font face="Verdana" size="2" color="red">Login Failure.  Please fill in all fields with the correct information.<br /></font></center></p>';
    print $failureMessage;

?>
<form action="<?php print $PHP_SELF ?>" method="post">

<table border='0' cellspacing='0' cellpadding='0' align=center>
  <tr id='cat'>
  <tr> <td bgcolor='#f1f1f1' ><font face='verdana, arial, helvetica' size='2' align='center'>  &nbsp;Username  &nbsp; &nbsp;
</font></td>
    <td bgcolor='#f1f1f1' align='center'><font face='verdana, arial, helvetica' size='2' >
<input type ='text' class='bginput' name='username' value="<?php print ((strlen($username))? $username : '' );?>" /></font></td></tr>

<tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'>  &nbsp;Password
</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' >
<input type ='password' class='bginput' name='password' ></font></td></tr>

<tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'>  &nbsp;Select database:
</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' >
<select name="dbtype">
<?php
$typesArray = array (""=>"[Select One]","Paper"=>"Paper","Cloth"=>"Cloth");
foreach ($typesArray AS $key=>$value) {
    print '<option value="'.$key.'" '.(($dbtype == $key)? "selected" :"").'>'.$value.'</option>';
}
?>
</select> </font></td></tr>

<tr> <td bgcolor='#f1f1f1' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'>
<input name='submit' type='submit' value='Submit'> <input type='reset' value='Reset'>
</font></td> </tr>

</table></center></form>
<?php

} else {

?>
<form action="<?php print $PHP_SELF ?>" method="post">

<table border='0' cellspacing='0' cellpadding='0' align=center>
  <tr id='cat'>
  <tr> <td bgcolor='#f1f1f1' ><font face='verdana, arial, helvetica' size='2' align='center'>  &nbsp;Username  &nbsp; &nbsp;
</font></td>
    <td bgcolor='#f1f1f1' align='center'><font face='verdana, arial, helvetica' size='2' >
<input type ='text' class='bginput' name='username' value="<?php print ((strlen($username))? $username : '' );?>" /></font></td></tr>

<tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'>  &nbsp;Password
</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' >
<input type ='password' class='bginput' name='password' ></font></td></tr>

<tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'>  &nbsp;Select database:
</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' >
<select name="dbtype">
<?php
$typesArray = array (""=>"[Select One]","Paper"=>"Paper","Cloth"=>"Cloth");
foreach ($typesArray AS $key=>$value) {
    print '<option value="'.$key.'" '.(($dbtype == $key)? "selected" :"").'>'.$value.'</option>';
}
?>
</select> </font></td></tr>

<tr> <td bgcolor='#f1f1f1' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'>
<input name='submit' type='submit' value='Submit'> <input type='reset' value='Reset'>
</font></td> </tr>

</table></center></form>
<?php
}
?>


</body>

</html>[/code]

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted
In your login code -
[code]?>

<? include ("include/session.php");[/code]Closing the php tag ?>, having a newline/blank line, then restarting PHP where you do your session start, is causing the newline/blank line to be output to the browser, which prevents the session from starting.
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.