Session Problem

[mem0ri]

My problem is (hopefully) not in the implementation of a session...using PHP 5...but my session does not seem to propogate itself across pages...or even on refresh to the same page...help?

Login page takes a username and password...checks against MySQL database...and then reloads...grabbing the session variable $_SESSION['perms'] to build a menu. When echoing this $SESSION['perms'], it comes up empty...?

[code]
<?php
//----------LOGIN-------------------------------------------------------------------------------------------------------------------------------
//User Login ...and other commented info

//----------------------------------------------------------------------------------------------------------------------------------------------

//Includes--------------------------------------------------------------------------------------------------------------------------------------
    require("MySQLQueries.php");  //holds my MySQL functions...works fine.
    require("FormsandHeaders.php");  //holds generic html output...works fine.

//Declaration of Variables----------------------------------------------------------------------------------------------------------------------
    $perms = @$_SESSION['perms'];  //<--MY PROBLEM CHILD!!!
    
    $email = @$_POST['emailbox'];
    $pass = @$_POST['passwordbox'];
    $login = @$_POST['Login'];
    $pagename = "Login.php";
    $pagetitle = "(company) Login";
    
//Functions-------------------------------------------------------------------------------------------------------------------------------------
    if($login) //if the login button was pressed
    {
        $getuser = array();
        $getuser = fetchSingle("user", "$email", "email"); //get the username
        $checkpass = @$getuser['password'];

        if($checkpass == $pass) //ensure the password, login success
        {
            session_start();  //start the session
            $fullname = $getuser['firstname']." ".$getuser['lastname'];
            $sessperms = $getuser['catid'];
            $form1 = "Login Successful.  Welcome ".$fullname.".";
            $_SESSION['user']=$fullname;  //set session variable
            $_SESSION['perms']=$sessperms; //set session variable
        }
        else  //show login failed
        {
            $times = 0;
            $form1 = "Login Failed.  After ".$times." more failed attempts, your computer will be locked out";
            $form1 .=" of the system for 24 hours.<br>";
            $form1 .="<a href=\"Login.php\">Try Again</a>";
        }
    }
    else  //create the login form
    {
        $form1 = "<br><br><table align=\"center\"><tr><td colspan=\"2\">Login to (company)</td>";
        $form1 .="</tr><form action=\"Login.php\" method=\"POST\" name=\"LoginForm\"><tr>";
        $form1 .="<td>E-mail:</td><td><input name=\"emailbox\" type=\"text\" id=\"emailbox\" maxlength=\"30\"></td></tr>";
        $form1 .="<tr><td>Password:</td><td><input name=\"passwordbox\" type=\"password\" id=\"passwordbox\" maxlength=\"30\"></td></tr>";
        $form1 .="<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" name=\"Login\" value=\"Login\"></td></tr></form></table>";
    }
    
    $header = getHeader($pagetitle);  //get page template
    
    if($perms) $menu = getMenu($perms, $pagename);  //get menu options
    else $menu = getMenu(NULL, $pagename);
    
//Page Execution--------------------------------------------------------------------------------------------------------------------------------
    echo($header);  //execute the page.
    echo("<table align=\"center\" width=\"780\"><tr><td>");
    echo($menu);
    echo("</td><td align=\"left\">");
    echo($form1);
    echo("</td></tr></table>");

?>
[/code]

[keeB]

Where's your [code]session_start()[/code]????

it should be the top most code.. before any includes, before anything!

[mem0ri]

[!--quoteo(post=354991:date=Mar 14 2006, 10:42 AM:name=keeB)--][div class=\'quotetop\']QUOTE(keeB @ Mar 14 2006, 10:42 AM) [snapback]354991[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Where's your [code]session_start()[/code]????

it should be the top most code.. before any includes, before anything!
[/quote]


Well...my session_start() doesn't come until after the user presses the "Login" button. Once that is done, the page refreshes and a session_start() is called...then session variables declared.

I was under the impression that a session_start() did not need to be started until you wanted one...and then variables declared...

...do I need a session_start() at the beginning of every page from which I want session variables? That seems a bit odd...

[keeB]

Nope.. it's not odd at all.. If you're going to be working with sessions (server side cookies) then you need to initialize them before you can write and read from them.. it only makes sense, doesn't it?

[mem0ri]

[!--quoteo(post=355019:date=Mar 14 2006, 11:45 AM:name=keeB)--][div class=\'quotetop\']QUOTE(keeB @ Mar 14 2006, 11:45 AM) [snapback]355019[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Nope.. it's not odd at all.. If you're going to be working with sessions (server side cookies) then you need to initialize them before you can write and read from them.. it only makes sense, doesn't it?
[/quote]


Makes sense...just figured that a session_start() was to initialize a session...i.e...start it...not to propogate the same session across pages.

I appreciate the help there...but apparently that was not the problem...still no propogation across pages.

[keeB]

[!--quoteo(post=355025:date=Mar 14 2006, 07:59 PM:name=mem0ri)--][div class=\'quotetop\']QUOTE(mem0ri @ Mar 14 2006, 07:59 PM) [snapback]355025[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Makes sense...just figured that a session_start() was to initialize a session...i.e...start it...not to propogate the same session across pages.

I appreciate the help there...but apparently that was not the problem...still no propogation across pages.
[/quote]

Well let me look more closely at the code and see if I can help further.. at first glance nothing seems wrong. Can you say speicifically which page the data is not being carried over to?

Small question.. why are you using the [b]@[/b] sign? I've never seen / used that syntax before.

[mem0ri]

Thanks for looking over this code with me so closely.

The @ symbol is to surpress errors...as when the page initially loads, there should be no value in $_SESSION['perms'] and therefore $perms would throw an "undefined variable" error if it were not preceeded with @.

I could do a if(isset($_SESSION['perms'])) $perms = $_SESSION['perms'];...but...yea...that's a lot more typing than just @.

Of course...the short argument might be "why even bother to set a session variable to another variable"? Let's just say it results in less total typing in the end...and easier playing with code.

ANYWAY...the page is simply refreshing to itself. The idea is that a person goes to this login page...puts in their username and password...clicks the "Login" button...and the page reloads...with the side menu now showing up.

So...the answer is...the page loads to itself.

[keeB]

Keep playing around with it or we can wait for someone else to come help, but right now I am in windows and can't help test as of yet..

[code]<?php

session_start();

function session_checker(){
    if (!isset($_SESSION["user"])) {
        // do something if the session is not set.. (show the login page, whatever) for now we will just register the $_SESSION["user"] variable
        $_SESSION["user"] = "keeb";
    }
}

session_checker();

print $_SESSION["user"];

?>[/code]

That's how I would do it

[kb0000]

Yah i do have the problem in 5.2.1 .I have just switched over o this version. And earlier in php 4.3.2 the session was working all fine but here the session_start() is not working at all.
Please help.