Jump to content

Dynamic navigation and sessions

miligraf

By miligraf
in PHP Coding Help

 Share

Recommended Posts

miligraf Member

miligraf

Posted
Posted

Here is the problem:

 

I made a user login system, after they login (this works fine) a menu shows up so they can edit their account info, when i click the link and the new page loads, it deletes the session so i get the username and password fields again.

 

session_start(); is at the index, so it is in all the pages.

 

This is the code for the login:

 

<? if(!isset($_SESSION['user'])){
if($_POST['login']){
	ob_start();
	include('database.php');
	$sql="SELECT * FROM users WHERE name='$name' and pass='$pass'";
	$result=mysql_query($sql);
	$count=mysql_num_rows($result);

	if($count==1){
		$_SESSION['user']=$name;
	?>
You are now logged in!
	<?
	}else{
	?>
Try again.
	<?
	}
	ob_end_flush();
	mysql_close($connection);
}else{ ?>
	<form action="" method="post" enctype="multipart/form-data">
	Name:<br/><input name="name" id="name" size="27%" type="text"><br/><br/>
	Password:<br/><input name="pass" id="pass" size="27%" type="password"><br/><br/>
	<input name="login" type="Submit" value="Login"> <input type="reset" value="Clear"></form>
<? 	}
}else{?>
<strong>My account</strong><br/>
<a href="?page=account&action=edit" class="enlace">Edit account</a><br/>
<a href="<? session_destroy(); ?>">Logout</a>
<? } ?>

 

Then, there is the account.php file which has the IF and ELSEIF for every "action" setting.

 

Thanks.

Link to comment
Share on other sites
corbin Regular Member

corbin

Posted
Posted

<? if(!isset($_SESSION['ip'])){

  if($_POST['login']){

      ob_start();

      include('database.php');

      $sql="SELECT * FROM users WHERE name='$name' and pass='$pass'";

      $result=mysql_query($sql);

      $count=mysql_num_rows($result);

     

      if($count==1){

        $_SESSION['ip']=$ip;

 

Where is $ip set?

Link to comment
Share on other sites
miligraf Member

miligraf

Posted
  • Author
Posted

<? if(!isset($_SESSION['ip'])){

  if($_POST['login']){

      ob_start();

      include('database.php');

      $sql="SELECT * FROM users WHERE name='$name' and pass='$pass'";

      $result=mysql_query($sql);

      $count=mysql_num_rows($result);

     

      if($count==1){

        $_SESSION['ip']=$ip;

 

Where is $ip set?

 

Sorry, i just changed that.

Link to comment
Share on other sites
corbin Regular Member

corbin

Posted
Posted

I'm pretty sure it has something to do with your output buffering functions. If I recall, it doesn't allow you to output anything in between it. So the sessions are probably affected.

 

As long as the session start is before the buffering, nothing will be affected session wise.

 

Buffering just catches output, nothing else changes (basically).

 

At the top of the page you're having trouble with, right under session_start(), put print_r($_SESSION) and see what it says.

Link to comment
Share on other sites
corbin Regular Member

corbin

Posted
Posted

kratsg, buffering does not affect sessions at all!

 

millgraf does the session remain for pages other than your edit page, or is it the only one suffering from this problem?  If it's not the only page, then most likely your sess id isn't being passed correctly.

Link to comment
Share on other sites
miligraf Member

miligraf

Posted
  • Author
Posted

millgraf does the session remain for pages other than your edit page, or is it the only one suffering from this problem?  If it's not the only page, then most likely your sess id isn't being passed correctly.

 

I get the same problem in all, after i try to access a new page with de session.

 

Check your php.ini file, see how the PHPSESSID is being passed (hopefully, it's got the cookies turned on so it's not passed via url, that's unsafe o_o)

 

what should i have "on" or "off" at my php.ini file ???

 

I dont know if i shouldnt post this but here it goes, the php.ini file:

 

register_globals = off

allow_url_fopen = off

 

expose_php = Off

max_input_time = 60

variables_order = "EGPCS"

extension_dir = ./

upload_tmp_dir = /tmp

precision = 12

SMTP = relay-hosting.secureserver.net

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="

 

[Zend]

zend_extension=/usr/local/zo/ZendExtensionManager.so

zend_extension=/usr/local/zo/4_3/ZendOptimizer.so

Link to comment
Share on other sites
miligraf Member

miligraf

Posted
  • Author
Posted

millgraf does the session remain for pages other than your edit page, or is it the only one suffering from this problem?  If it's not the only page, then most likely your sess id isn't being passed correctly.

 

The session is deleted if i only reload the page...even if its actually logged in.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.