swatisonee Posted January 3, 2007 Share Posted January 3, 2007 Hi,I seem to remember a sticky that collated all sessions problems but i cannot find it. I have a login script that works great but the session id doesnt get passed onto the user pages. The session gets recorded in my log file in the db but when the user clicks on the link to proceed, the error message to prevent unauthorised use pops up. Could someone have a look and tell me what i am doing wrong ?Thanks !Adminhead.php===========[code]<?include ("../include/session.php");include ("../cloth.php");require ("../include/bottom.php");include ("../include/background.php");if(!isset($_SESSION['userid'])){echo "<center><font face='Verdana' size='2' color=red>Sorry, Please login and use this page </font></center>";exit;} $userid = $_SESSION['userid'];?>[/code]newsession.php // used in login code============[code]<?php$_SESSION['id']=session_id();$_SESSION['userid']=$userid;$_SESSION['username']=$username;$_SESSION['type']=$type;$_SESSION['dbtype']=$dbtype;?>[/code]Session.php=========[code]<? session_start();?>[/code]Login Code========[code]<?php//Process this if statement only if form was submittedif($_POST['submit']){$username=$_POST['username'];$password=$_POST['password'];$ip=$_SERVER['REMOTE_ADDR'];$date = putenv('TZ=Europe/Amsterdam');mktime(0,0,0,1,1,1970) ;$tm = date("Y-m-d H:i:s");$dbtype = $_POST['dbtype']; //Define unique section vars, etc. if ($dbtype == 'Paper') { include "paper.php"; // contains dbname, pw and other info $section = 'Paper'; } if ($dbtype == 'Cloth') { include "cloth.php"; // contains dbname, pw and other info $section = 'Cloth'; }?><? include ("include/session.php"); //Test for login success $sql = "SELECT * FROM Users WHERE Username='$username' AND Password = '$password'"; $result = mysql_query($sql); if ($myrow = mysql_fetch_array($result)){ $userid = $myrow["Userid"]; $type = $myrow["Type"]; if ($type == '1') { $userFile = 'adminhead.php'; } if ($type == '2') { $userFile = 'saleshead.php'; } include "include/newsession.php" ; $result2=mysql_query("insert into Log (Sessionid,Userid,IP,Date) values('$_SESSION[id]','$userid','$ip','$tm')"); echo mysql_error(); } $login_success = 'Yes';}?><input type="hidden" name="userid" value="<? echo $userid ?>" ><input type="hidden" name="type" value="<? echo $type?>" ><!doctype html public "-//w3c//dtd html 3.2//en"><html><head><title>:Login:</title><meta name="GENERATOR" content="Arachnophilia 4.0"><meta name="FORMATTER" content="Arachnophilia 4.0"></head><body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000"><?phpif($_POST['submit'] && ($login_success == 'Yes')){ $successMessage = '<p class="data"><center><font face="Tahoma" size=2>Thank you for logging in '.$username.'!<br /><br />'; $successMessage .= '<a href="'.$section.'/'.$userFile.'?Userid='.$userid.'">Click here to proceed to your options</a></font></center></p>'; print $successMessage;} elseif ($_POST['submit'] && ($login_success != 'Yes')) { session_unset(); $failureMessage = '<p class="data"><center><font face="Verdana" size="2" color="red">Login Failure. Please fill in all fields with the correct information.<br /></font></center></p>'; print $failureMessage;?><form action="<?php print $PHP_SELF ?>" method="post"><table border='0' cellspacing='0' cellpadding='0' align=center> <tr id='cat'> <tr> <td bgcolor='#f1f1f1' ><font face='verdana, arial, helvetica' size='2' align='center'> Username </font></td> <td bgcolor='#f1f1f1' align='center'><font face='verdana, arial, helvetica' size='2' ><input type ='text' class='bginput' name='username' value="<?php print ((strlen($username))? $username : '' );?>" /></font></td></tr><tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'> Password</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' ><input type ='password' class='bginput' name='password' ></font></td></tr><tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'> Select database:</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' ><select name="dbtype"><?php$typesArray = array (""=>"[Select One]","Paper"=>"Paper","Cloth"=>"Cloth");foreach ($typesArray AS $key=>$value) { print '<option value="'.$key.'" '.(($dbtype == $key)? "selected" :"").'>'.$value.'</option>';}?></select> </font></td></tr><tr> <td bgcolor='#f1f1f1' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'><input name='submit' type='submit' value='Submit'> <input type='reset' value='Reset'></font></td> </tr></table></center></form><?php} else {?><form action="<?php print $PHP_SELF ?>" method="post"><table border='0' cellspacing='0' cellpadding='0' align=center> <tr id='cat'> <tr> <td bgcolor='#f1f1f1' ><font face='verdana, arial, helvetica' size='2' align='center'> Username </font></td> <td bgcolor='#f1f1f1' align='center'><font face='verdana, arial, helvetica' size='2' ><input type ='text' class='bginput' name='username' value="<?php print ((strlen($username))? $username : '' );?>" /></font></td></tr><tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'> Password</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' ><input type ='password' class='bginput' name='password' ></font></td></tr><tr> <td bgcolor='#ffffff' ><font face='verdana, arial, helvetica' size='2' align='center'> Select database:</font></td> <td bgcolor='#ffffff' align='center'><font face='verdana, arial, helvetica' size='2' ><select name="dbtype"><?php$typesArray = array (""=>"[Select One]","Paper"=>"Paper","Cloth"=>"Cloth");foreach ($typesArray AS $key=>$value) { print '<option value="'.$key.'" '.(($dbtype == $key)? "selected" :"").'>'.$value.'</option>';}?></select> </font></td></tr><tr> <td bgcolor='#f1f1f1' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'><input name='submit' type='submit' value='Submit'> <input type='reset' value='Reset'></font></td> </tr></table></center></form><?php}?></body></html>[/code] Quote Link to comment https://forums.phpfreaks.com/topic/32704-solved-wheres-the-sessions-sticky-now-i-have-a-problem/ Share on other sites More sharing options...
PFMaBiSmAd Posted January 3, 2007 Share Posted January 3, 2007 In your login code -[code]?><? include ("include/session.php");[/code]Closing the php tag ?>, having a newline/blank line, then restarting PHP where you do your session start, is causing the newline/blank line to be output to the browser, which prevents the session from starting. Quote Link to comment https://forums.phpfreaks.com/topic/32704-solved-wheres-the-sessions-sticky-now-i-have-a-problem/#findComment-152199 Share on other sites More sharing options...
swatisonee Posted January 3, 2007 Author Share Posted January 3, 2007 Oh ok. Now I understand ! Thank you so much !Btw, how come you have the same picture icon as Barand ? Swati Quote Link to comment https://forums.phpfreaks.com/topic/32704-solved-wheres-the-sessions-sticky-now-i-have-a-problem/#findComment-152228 Share on other sites More sharing options...
ober Posted January 3, 2007 Share Posted January 3, 2007 There is a default selection of avatars. It's quite possible that several hundred members chose that avatar. I'm marking this thread as solved. Quote Link to comment https://forums.phpfreaks.com/topic/32704-solved-wheres-the-sessions-sticky-now-i-have-a-problem/#findComment-152230 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.