session variable problem

[tolkienarda]

hi all i have been programing in php for about nine months and i am having a problem for about the past month that i just cannot solve.

 

it is concerning login scripts and header information.

i am running WAMP with php v5.somthing

 

i can sucessfully register session variables as long as i do everything right after my session_start(). below is my file directory and the scripts i am using (there are two pages called login.php sorry for the poor naming convention)

 

root

  login.php - where username and password are entered, sends info to scripts/login.php

  logged.php - where sucessful logins are redirected to

  -scripts

      login.php - processes the login information sent from ../login.php

 

login.php

<? 
session_start();
echo $_SESSION['message']; 
echo 'i hate computers';
?>
<html>
<head>
<title>login</title>
</head>
<body>
<form action="scripts/login.php" method="post" />
Username: <input type="text" name="uname" /><br>
Password: <input type="text" name="pass" /><br>
<input name="login" type="submit" id="login" value="login" />
</form>
</body> 
</html>

this outputs 'i hate computers after an uncessful login but not the message'

 

scripts/login.php - process the data from ../login.php

<?
$Login=$_POST['login'];
if($Login)
{
$username=$_POST['uname'];
$password=$_POST['pass'];


$host="localhost"; // Host name.
$db_user="eric"; // MySQL username.
$db_password="dal4120"; // MySQL password.
$database="wytrkcms"; // Database name.
$cms = mysql_pconnect($host, $db_user, $db_password) or trigger_error(mysql_error(),E_USER_ERROR);

 $result=mysql_query("SELECT user, pass FROM users WHERE user='$username' AND pass='$password'")
	 or die("SELECT error: " . mysql_error()); 

if(mysql_num_rows($result)=='1')
{ 
	session_start();
	session_destroy();
	session_register("admin");
	header("location: ../logged.php");	
}else
{
	$_SESSION['message'] = "--- Incorrect Username or Password ---";
	header("location: ../login.php");
}
}
?>

this of course has no output but will redirect to the approiate place depending on rather the input was correct or not, note the $_SESSION['message'] can be displayed under where it is set if i put an echo $_SESSION['message']; statement instead of the header redirect

 

and logged.php

<?
session_start();
if(session_is_registered("admin")){ 
header("!location:login.php"); 
}
?>
<html>
<head>
<title>logged</title>
</head>
<body>
logged in sucessfully
</body>
</html>

 

this page will do what it is supposed to

 

my questions are why won't my session_register() function work unless it is right under the session_start() function

and why wont the $_SESSION variable work on the next page

 

if my guesses are right headers are being sent at odd times because i get the 'header cannot be modified' error alot.

my thought for a solution (if it is possible) would hold all header information untill the end of the script to be sent, not sure if this is possible but if it is could someone post how to do it

or any other idea you may have

 

thanks

 

eric

[john010117]

Try changing all of this:

<?

 

...to this:

<?php

 

Shorthand tags are turned off at default for PHP 5 and later.

[trq]

You don't call session_start() before setting $SESSION['message'].

 

{
  session_start();
  $_SESSION['message'] = "--- Incorrect Username or Password ---";
  header("location: ../login.php");
}

 

Also note that session_register() has LONG been deprecated.

[tolkienarda]

thank you both

 

as a question regarding the note of the last post

 

what is currently the standard that replaced session_register() do i just use cookies or use $_SESSION vars. or is there a new function to replace it

 

thanks again to you both

 

eric

[trq]

Just set the $_SESSION var, no need to register it first. eg;

 

<?php

  session_start();
  $_SESSION['foo'] = 'bar';

?>