Session is not working

[am_25]

I'm doing a simple user login system. I tried used session variables, I initialise the session and then use it in a index.php to verify if user is logged in and then it should display the page. but it does not seem to work at all. here is the code for both loginscript.php and index.php. please help

loginscript.php

<?php

include "connect.php"; //connection string

//IF SUBMIT BUTTON PRESSED
if(isset($_POST['submit'])) {

   if(!$_POST['username']) die("Error: You must enter your username before logging in.");
   if(!$_POST['password']) die("Error: You must enter your password before logging in.");
   

//verify user...
$myusername=$_POST['username']; 
$mypassword=$_POST['password']; 
$encrypted_mypassword=md5($mypassword);

$sql="SELECT * FROM users WHERE username='$myusername' and password='$encrypted_mypassword'";
$result=mysql_query($sql);

$q = mysql_fetch_object($result);

    if(!$q) die("Login Failure: An error occured, please verify your username and password are correct.");

//set session variables 
session_start();
$_SESSION['logged_in'] = 1;
$_SESSION['username'] = $_POST['username']; 
$_SESSION['password'] = $_POST['password']; 
session_write_close();

header("Location:index.php");

} else {
//show login form
?>
<html>
<body>
<form name="login" method="post" action="loginscript.php">
<table border="0" width="225" align="center">
    <tr>
        <td width="219" bgcolor="#003366">
            <p align="center"><font color="white"><span style="font-size:12pt;"><b>Login</b></span></font></p>
        </td>
    </tr>
    <tr>
        <td width="219">
            <table border="0" width="220" align="center">
                <tr>
                    <td width="71"><span style="font-size:10pt;">Username:</span></td>
                    <td width="139"><input type="text" name="username"></td>
                </tr>
                <tr>
                    <td width="71"><span style="font-size:10pt;">Password:</span></td>
                    <td width="139"><input type="password" name="password"></td>
                </tr>
                <tr>
                    <td width="71"> </td>
                        <td width="139">
                            <p align="right"><input type="submit" name="submit" value="Submit"></p>
                        </td>
                </tr>
            </table>
        </td>
    </tr>
    <tr>
        <td width="219" bgcolor="#003366"><font color="white">Not Registered? </font><a href="register.html" target="_self"><font color="white">Register</font></a><font color="white"> </font><b><i><font color="white">Now!</font></i></b></td>
    </tr>
</table>
</form>
</body>
</html>
<?php
}//end else
?>

 

this is the index.php

 

<?php 
session_start();
echo "Start";
echo $_SESSION['username']; 
if (!isset($_SESSION['username'])) { 
// check if authentication was performed 
// else die with error 
die ("ERROR: Unauthorized access!"); 
} 
else { 
print "<br><p align = 'left'>  &nbspEmployee Database Application</p>";
print "<tr ><td><p align = 'right'>  <a href='logout.php'>Logout</a></td></tr>";
print "<table align = 'left' border = '1px'>";
print "<tr ><td><a href='empdet.php'>Enter Employee details</a></td></tr>";
print "<tr ><td><a href='empquery.php'>Search Employee details</a></td></tr>";
print "</table>";
}
?>  

[hvle]

I am not sure this solve your problem but..

in your loginscript.php, move the session_start(); to the very top of script.

right below the first <?php

[am_25]

nope! it does not work.

[alpine]

Try to remove session_write_close() - it ends the session, http://no.php.net/manual/en/function.session-write-close.php

[am_25]

nope! it does not work, i removed the session_write_close.

The variables does not get passed on to the index.php script.

Will there be any setting problem

How should the register_globals in the php.ini be should it be on/off.

 

Thanks

 

[hvle]

I could not see any obvious error on your code.  I must ask what version of php are you using and if session is enabled on php.ini

[JasonLewis]

it should be off. always off as far as most programmers are concernd.

[am_25]

; Initialize session on request startup.

session.auto_start = 0

 

register_globals = On

 

Those are my PHP.ini setting, i gave echo statements in the loginscript.php, the value is getting set, but it is not getting passed on to the index.php.

Not sure what could be the problem.

[JasonLewis]

turn register_globals off. it shouldnt be on

[am_25]

;-( nope not working at all....

 

I'm using PHP 5

[curtis_b]

for testing's sake, throw a print_r($_SESSION); on the index.php to see what is in the session.

[am_25]

It shows Array ( )

 

What does this mean?

[am_25]

I tried this simple script from a tutorial and even this does not work.

 

File1.php:

 

 

<?php

session_start();

$_SESSION['username']="enygma";

echo '<a href="file2.php">go to file2</a>';

?>

 

 

 

File2.php:

 

 

<?php

session_start();

echo $_SESSION['username'];

?>

 

 

 

[hvle]

do you put <?php at the first character of the file?  I mean, no space or return line, nothing before that <?php

[am_25]

no I don't have any space or return.

Checked everything still not working

[hvle]

can do do a phpinfo() and tell me what you have on session?

[am_25]

Here are the session details

 

session.auto_start Off Off

session.bug_compat_42 Off Off

session.bug_compat_warn On On

session.cache_expire 180 180

session.cache_limiter nocache nocache

session.cookie_domain no value no value

session.cookie_httponly Off Off

session.cookie_lifetime 0 0

session.cookie_path / /

session.cookie_secure Off Off

session.entropy_file no value no value

session.entropy_length 0 0

session.gc_divisor 1000 1000

session.gc_maxlifetime 1440 1440

session.gc_probability 1 1

session.hash_bits_per_character 5 5

session.hash_function 0 0

session.name PHPSESSID PHPSESSID

session.referer_check no value no value

session.save_handler files files

session.save_path C:\DOCUME~1\anitam\LOCALS~1\Temp\php\upload C:\DOCUME~1\anitam\LOCALS~1\Temp\php\upload

session.serialize_handler php php

session.use_cookies On On

session.use_only_cookies Off Off

session.use_trans_sid 0 0

[am_25]

Fixed the problem It is because of the session.save_path

There was no such directory which existed.

So created the directory and gave write permissions.

 

I have a question, I changed the session.save_path="C:/am/temp";

but it didnot take that path.

 

In the PHPinfo() there is a different path, from where is this path been generated.

 

 

 

[hvle]

good question,

 

I don't know.  I'll post if I found out.

[JasonLewis]

i guess thats what the programmers of PHP no... maybe a mod knows this...

[am_25]

Thank you all for all the help