Jump to content

Dynamic navigation and sessions


miligraf

Recommended Posts

Here is the problem:

 

I made a user login system, after they login (this works fine) a menu shows up so they can edit their account info, when i click the link and the new page loads, it deletes the session so i get the username and password fields again.

 

session_start(); is at the index, so it is in all the pages.

 

This is the code for the login:

 

<? if(!isset($_SESSION['user'])){
if($_POST['login']){
	ob_start();
	include('database.php');
	$sql="SELECT * FROM users WHERE name='$name' and pass='$pass'";
	$result=mysql_query($sql);
	$count=mysql_num_rows($result);

	if($count==1){
		$_SESSION['user']=$name;
	?>
You are now logged in!
	<?
	}else{
	?>
Try again.
	<?
	}
	ob_end_flush();
	mysql_close($connection);
}else{ ?>
	<form action="" method="post" enctype="multipart/form-data">
	Name:<br/><input name="name" id="name" size="27%" type="text"><br/><br/>
	Password:<br/><input name="pass" id="pass" size="27%" type="password"><br/><br/>
	<input name="login" type="Submit" value="Login"> <input type="reset" value="Clear"></form>
<? 	}
}else{?>
<strong>My account</strong><br/>
<a href="?page=account&action=edit" class="enlace">Edit account</a><br/>
<a href="<? session_destroy(); ?>">Logout</a>
<? } ?>

 

Then, there is the account.php file which has the IF and ELSEIF for every "action" setting.

 

Thanks.

Link to comment
https://forums.phpfreaks.com/topic/73141-dynamic-navigation-and-sessions/
Share on other sites

<? if(!isset($_SESSION['ip'])){

  if($_POST['login']){

      ob_start();

      include('database.php');

      $sql="SELECT * FROM users WHERE name='$name' and pass='$pass'";

      $result=mysql_query($sql);

      $count=mysql_num_rows($result);

     

      if($count==1){

        $_SESSION['ip']=$ip;

 

Where is $ip set?

<? if(!isset($_SESSION['ip'])){

  if($_POST['login']){

      ob_start();

      include('database.php');

      $sql="SELECT * FROM users WHERE name='$name' and pass='$pass'";

      $result=mysql_query($sql);

      $count=mysql_num_rows($result);

     

      if($count==1){

        $_SESSION['ip']=$ip;

 

Where is $ip set?

 

Sorry, i just changed that.

I'm pretty sure it has something to do with your output buffering functions. If I recall, it doesn't allow you to output anything in between it. So the sessions are probably affected.

 

As long as the session start is before the buffering, nothing will be affected session wise.

 

Buffering just catches output, nothing else changes (basically).

 

At the top of the page you're having trouble with, right under session_start(), put print_r($_SESSION) and see what it says.

kratsg, buffering does not affect sessions at all!

 

millgraf does the session remain for pages other than your edit page, or is it the only one suffering from this problem?  If it's not the only page, then most likely your sess id isn't being passed correctly.

millgraf does the session remain for pages other than your edit page, or is it the only one suffering from this problem?  If it's not the only page, then most likely your sess id isn't being passed correctly.

 

I get the same problem in all, after i try to access a new page with de session.

 

Check your php.ini file, see how the PHPSESSID is being passed (hopefully, it's got the cookies turned on so it's not passed via url, that's unsafe o_o)

 

what should i have "on" or "off" at my php.ini file ???

 

I dont know if i shouldnt post this but here it goes, the php.ini file:

 

register_globals = off

allow_url_fopen = off

 

expose_php = Off

max_input_time = 60

variables_order = "EGPCS"

extension_dir = ./

upload_tmp_dir = /tmp

precision = 12

SMTP = relay-hosting.secureserver.net

url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset="

 

[Zend]

zend_extension=/usr/local/zo/ZendExtensionManager.so

zend_extension=/usr/local/zo/4_3/ZendOptimizer.so

millgraf does the session remain for pages other than your edit page, or is it the only one suffering from this problem?  If it's not the only page, then most likely your sess id isn't being passed correctly.

 

The session is deleted if i only reload the page...even if its actually logged in.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.