only one Posted October 21, 2007 Share Posted October 21, 2007 Hi, im building a forum system, i was using cookies too log people in, but obviously some of them want too be able to be logged out when they close their browser, so i thought I'd integrate it with sessions, but on the second page of being logged in the session expires. Do i need to redeclare the session? Quote Link to comment Share on other sites More sharing options...
soycharliente Posted October 21, 2007 Share Posted October 21, 2007 It's hard to diagnose the problem without looking at some of your code. But generally, having something like session_start() should make sure to open a session on each page if one is not already opened so that the use of session variables can take place. Quote Link to comment Share on other sites More sharing options...
only one Posted October 21, 2007 Author Share Posted October 21, 2007 I know that already i placed session_start(); ontop of each page, heres some code like you asked: When they log in declare it: if($row) { $time = date("D d F Y H:i:s"); $ip = $_SERVER['REMOTE_ADDR']; mysql_query("INSERT INTO `user_logs` (`userid`,`ip`,`time`) VALUES ('$row[id]','$ip','$time')"); mysql_query("DELETE FROM `guests` WHERE `ip` = '$_SERVER[REMOTE_ADDR]'"); if(!isset($_POST['staylogged'])) { $_SESSION["user"] = $row[username]; } else { setcookie("user", $row[username]); } I have this on the top of every page aswell: if($_SESSION['user']) { $query = mysql_query("SELECT * FROM `users` WHERE `username` = '$_SESSION[user]'"); $user = mysql_fetch_array($query); $logged = true; } if($_COOKIE['user']) { $query = mysql_query("SELECT * FROM `users` WHERE `username` = '$_COOKIE[user]'"); $user = mysql_fetch_array($query); $logged = true; } Quote Link to comment Share on other sites More sharing options...
only one Posted October 21, 2007 Author Share Posted October 21, 2007 BUMP Quote Link to comment Share on other sites More sharing options...
phpknight Posted October 21, 2007 Share Posted October 21, 2007 Print out the session id for each page so you can see if you are really dealing with the same session or if something weird is happening. Quote Link to comment Share on other sites More sharing options...
only one Posted October 21, 2007 Author Share Posted October 21, 2007 Print out the session id for each page so you can see if you are really dealing with the same session or if something weird is happening. Never thought of that. Quote Link to comment Share on other sites More sharing options...
only one Posted October 21, 2007 Author Share Posted October 21, 2007 No. Still not working. The session has the same id the whole way through but the weird thing is if i set $_SESSION['user'] again as the value of the array: if($_SESSION['user']) { $query = mysql_query("SELECT * FROM `users` WHERE `username` = '$_SESSION[user]'"); $user = mysql_fetch_array($query); $_SESSION['user'] = $user[username]; $logged = true; } The session stays, but it the value of the user variable is 0. Quote Link to comment Share on other sites More sharing options...
phpknight Posted October 21, 2007 Share Posted October 21, 2007 What about this? $_POST['staylogged'] If the user goes to the second page, this will not be set. Once you do the check, you should set a $_SESSION['staylogged']. Then, check that value. Quote Link to comment Share on other sites More sharing options...
dbo Posted October 21, 2007 Share Posted October 21, 2007 And don't use $user[username] that's bad, use $user['username'] Quote Link to comment Share on other sites More sharing options...
only one Posted October 21, 2007 Author Share Posted October 21, 2007 And don't use $user[username] that's bad, use $user['username'] I was just showing a quick example. What about this? $_POST['staylogged'] If the user goes to the second page, this will not be set. Once you do the check, you should set a $_SESSION['staylogged']. Then, check that value. I tried that but the i still need to put the $_SESSION['user'] in and its not keeping its data Quote Link to comment Share on other sites More sharing options...
phpknight Posted October 21, 2007 Share Posted October 21, 2007 Give me an example of that with real data so I can try to see what happens. Quote Link to comment Share on other sites More sharing options...
only one Posted October 21, 2007 Author Share Posted October 21, 2007 Give me an example of that with real data so I can try to see what happens. A link? http://onlyonerule.pwnds.info/forum/ Quote Link to comment Share on other sites More sharing options...
lewis987 Posted October 21, 2007 Share Posted October 21, 2007 post your login page Quote Link to comment Share on other sites More sharing options...
only one Posted October 21, 2007 Author Share Posted October 21, 2007 if($_GET['q'] == 'Login') { if($logged) { $_GET['q'] = "Home"; } else { $title = "<a href=\"$_SERVER[php_SELF]?q=Login\">Login</a> "; $content = true; $contents = " <form action=\"$_SERVER[php_SELF]?q=Login\" method=\"post\" name=\"login\"> <table class=\"board\"> <tr> <td class=\"board_title\" colspan=\"2\">Login</td> </tr> <tr> <td>Username</td> <td><input type=\"text\" name=\"username\" value=\"$_POST[username]\" class=\"textbox2\" maxlength=\"20\" /></td> </tr> <tr> <td>Password</td> <td><input type=\"password\" name=\"password\" class=\"textbox2\" maxlength=\"32\" /></td> </tr> <tr> <td> Stay logged in: <input type=\"checkbox\" name=\"staylogged\" /> </td> </tr> <tr> <td colspan=\"2\"><input type=\"submit\" name=\"submit\" class=\"submit1\" value=\"Login\" /></td> </tr> </table> </form> "; if(isset($_POST['submit'])) { if($_POST['username'] == NULL) { $error = true; $errors .= "<li> Please fill in your Username. </li>"; } if($_POST['password'] == NULL) { $error = true; $errors .= "<li> Please fill in your Password. </li>"; } if(!$error) { $username = htmlentities("$_POST[username]"); $password = md5("$_POST[password]"); $query = mysql_query("SELECT * FROM `users` WHERE `username` = '$username' AND `password` = '$password'"); $row = mysql_fetch_array($query); if($row) { $time = date("D d F Y H:i:s"); $ip = $_SERVER['REMOTE_ADDR']; mysql_query("INSERT INTO `user_logs` (`userid`,`ip`,`time`) VALUES ('$row[id]','$ip','$time')"); mysql_query("DELETE FROM `guests` WHERE `ip` = '$_SERVER[REMOTE_ADDR]'"); if(!isset($_POST['staylogged'])) { $_SESSION['user'] = "$row[username]"; } else { setcookie("user", $row[username]); } header("location: $_SERVER[php_SELF]"); die("<meta http-equiv=\"refresh\" content=\"0;URL=$_SERVER[php_SELF]\" />"); $content = false; $success = true; $successfully = "<li><font color=\"#00cc00\">Successfully</font>: Logged in... Welcome "$username".</li>"; } else { $error = true; $errors .= "<li><font color=\"#ff0000\">Error</font>: Incorrect Username and Password combination.</li> "; } } } } } Quote Link to comment Share on other sites More sharing options...
lewis987 Posted October 21, 2007 Share Posted October 21, 2007 $_SESSION['user'] = "$row[username]"; should be $_SESSION['user'] = $row['username']; other than that, i dont know where the problem lies... the only thing it can be is that session_start(); isnt at the head of each page Quote Link to comment Share on other sites More sharing options...
phpknight Posted October 21, 2007 Share Posted October 21, 2007 Shouldn't this: if(!isset($_POST['staylogged'])) be this: if(isset($_POST['staylogged'])) Quote Link to comment Share on other sites More sharing options...
only one Posted October 22, 2007 Author Share Posted October 22, 2007 $_SESSION['user'] = "$row[username]"; should be $_SESSION['user'] = $row['username']; other than that, i dont know where the problem lies... the only thing it can be is that session_start(); isnt at the head of each page The page has 2000 lines of code, I don't want to paste it all. Shouldn't this: if(!isset($_POST['staylogged'])) be this: if(isset($_POST['staylogged'])) No basically by placing a ! infront of the isset() function it asks if $_POST['staylogged'] isn't set. Quote Link to comment Share on other sites More sharing options...
phpknight Posted October 22, 2007 Share Posted October 22, 2007 I understand that. I just thought the logic was backwards. Quote Link to comment Share on other sites More sharing options...
only one Posted October 22, 2007 Author Share Posted October 22, 2007 I understand that. I just thought the logic was backwards. Don't ask me why it is like it is but when i do it the normal way the cookie doesn't get set. Quote Link to comment Share on other sites More sharing options...
phpknight Posted October 22, 2007 Share Posted October 22, 2007 Right, but it isn't possible that that issue is the problem. Because if it is not set, the session doesn't get set, but it should! Quote Link to comment Share on other sites More sharing options...
only one Posted October 22, 2007 Author Share Posted October 22, 2007 Right, but it isn't possible that that issue is the problem. Because if it is not set, the session doesn't get set, but it should! The session does get set, but it only gets set for 2 pages, on the second it begins too fade, and by the third you are logged out again. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted October 22, 2007 Share Posted October 22, 2007 You probably should check whether "register_globals" is disabled. If it is enabled, you will have problems when there is a local variable that is named the same as a session variable. For example, with register_globals enabled <?php session_start(); $user = 'xyz'; $_SESSION['user'] = 'abc'; ?> You will find that the value of the $user variable will clobbered by the value of the $_SESSION['user'] variable. Ken Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 22, 2007 Share Posted October 22, 2007 Few fixes <?php if($row) { $time = date("D d F Y H:i:s"); $ip = $_SERVER['REMOTE_ADDR']; mysql_query("INSERT INTO `user_logs` (`userid`,`ip`,`time`) VALUES ('{$row['id']}','$ip','$time')"); mysql_query("DELETE FROM `guests` WHERE `ip` = '$ip' "); if(!isset($_POST['staylogged'])) { $_SESSION["user"] = $row['username']; } else { setcookie("user", $row['username'], time()+(3600*24*1)); //1 day (change 1 to suite) } ?> <?php if($_SESSION['user']) { $query = mysql_query("SELECT * FROM `users` WHERE `username` = '{$_SESSION['user']}'"); $user = mysql_fetch_array($query); $logged = true; } if($_COOKIE['user']) { $query = mysql_query("SELECT * FROM `users` WHERE `username` = '{$_COOKIE['user']}'"); $user = mysql_fetch_array($query); $logged = true; } ?> Quote Link to comment Share on other sites More sharing options...
only one Posted October 22, 2007 Author Share Posted October 22, 2007 You probably should check whether "register_globals" is disabled. If it is enabled, you will have problems when there is a local variable that is named the same as a session variable. For example, with register_globals enabled <?php session_start(); $user = 'xyz'; $_SESSION['user'] = 'abc'; ?> You will find that the value of the $user variable will clobbered by the value of the $_SESSION['user'] variable. Ken Thanks, they actually aren't globaled but that worked. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.