Jump to content

[SOLVED] unable to read sessions

max_w1

By max_w1
in PHP Coding Help

 Share

Recommended Posts

revraz Member

revraz

Posted
Posted

You still don't have session_start(); at the top of that file.

 

the entire login.php looks like this

<?php 
ob_start();
  print "SESSION ID: ".session_id();
  print "\nSession module: ".session_module_name();
  print "\nSession save path: ".session_save_path();
  $_SESSION['loggedin'] = 'testuser';
  $_SESSION['time'] = time();
  print "\nSession data: ";
  print_r($_SESSION);

////////////////////////////////////////////////////////////////////////////////////////////
/**//**//**/require ("config.php");/**//**//**//**//**//**//**//**//**//**//**//**//**//**///
/////////////////////////////////////////////////////////////////////////////////////////////	
if (isset ($_COOKIE['password']) || isset ($_COOKIE['rempassword'])) 
{
echo("you are already logged in");
}
else
{

      // Variables that data come from the form
      $username = $_POST["username"];
      $password = $_POST["password"];
      $login    = $_POST["login"]; 
  $ipaddress = $REMOTE_ADDR;
  $remember  = $_POST["remem"];
      // Check if username and password where submitted
    	
  if(isset($login))
  {
  if(isset($login))
  {
  if (!$username) {
          echo "Please enter username"; exit;
      }
      if (!$password) {
          echo "Please enter password"; exit;
      }

     
     
    
      $issuchusername = mysql_query("SELECT * FROM users WHERE username = '$username'");
      $usernamelogin = mysql_num_rows($issuchusername);

    
      if ($usernamelogin == 1) {
  

          $issuchpassword = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
          $passwordlogin = mysql_num_rows($issuchpassword);

         
          if ($passwordlogin == 1) {
	 if(isset($remember))
				 {
				 if(isset($remember)){
    setcookie('username', $username, time()+1209600);
    setcookie('password', base64_encode ($password), 0);
    setcookie('remember', $remember, 0);
    setcookie('ipaddress', $ipaddress, 0);
  }
  //remove the anti-hacking cookie
  setcookie ('tries', '', time()-60, '/', '', 0);
  $_SESSION['loggedin'] = $_POST['username'];
  $_SESSION['time'] = time();
  header ('Location: /members.php');
  exit;
				 }
				 else 
				 {
				 session_start();
		//remove the anti-hacking cookie
		setcookie ('tries', '', time()-60, '/', '', 0);
		$_SESSION['loggedin'] = $_POST['username'];
		$_SESSION['time'] = time();
		header ('Location: members.php');
				 }
                 }
					           
          }
          else {
              echo "Incorrect username/password1";
              header("Location: index.php?error=true");
		  exit;
          }
      }
      if(!$usernamelogin)
  {
  echo "incorrect username or password";
  header("Location: index.php?error=true");
  exit;
}
  }
} 
?>

 

 

 

Link to comment
Share on other sites
max_w1 Member

max_w1

Posted
  • Author
Posted

well now i have but does'nt work still. i think it is not necessary to have session_start(); on the first

line because the ob_start(); will be gone to second line and the headers will stop working..

 <?php 
session_start();
ob_start();
  print "SESSION ID: ".session_id();
  print "\nSession module: ".session_module_name();
  print "\nSession save path: ".session_save_path();
  $_SESSION['loggedin'] = 'testuser';
  $_SESSION['time'] = time();
  print "\nSession data: ";
  print_r($_SESSION);

////////////////////////////////////////////////////////////////////////////////////////////
/**//**//**/require ("config.php");/**//**//**//**//**//**//**//**//**//**//**//**//**//**///
/////////////////////////////////////////////////////////////////////////////////////////////	
if (isset ($_COOKIE['password']) || isset ($_COOKIE['rempassword'])) 
{
echo("you are already logged in");
}
else
{

      // Variables that data come from the form
      $username = $_POST["username"];
      $password = $_POST["password"];
      $login    = $_POST["login"]; 
  $ipaddress = $REMOTE_ADDR;
  $remember  = $_POST["remem"];
      // Check if username and password where submitted
    	
  if(isset($login))
  {
  if(isset($login))
  {
  if (!$username) {
          echo "Please enter username"; exit;
      }
      if (!$password) {
          echo "Please enter password"; exit;
      }

     
     
    
      $issuchusername = mysql_query("SELECT * FROM users WHERE username = '$username'");
      $usernamelogin = mysql_num_rows($issuchusername);

    
      if ($usernamelogin == 1) {
  

          $issuchpassword = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
          $passwordlogin = mysql_num_rows($issuchpassword);

         
          if ($passwordlogin == 1) {
	 if(isset($remember))
				 {
				 if(isset($remember)){
    setcookie('username', $username, time()+1209600);
    setcookie('password', base64_encode ($password), 0);
    setcookie('remember', $remember, 0);
    setcookie('ipaddress', $ipaddress, 0);
  }
  //remove the anti-hacking cookie
  setcookie ('tries', '', time()-60, '/', '', 0);
  $_SESSION['loggedin'] = $_POST['username'];
  $_SESSION['time'] = time();
  header ('Location: /members.php');
  exit;
				 }
				 else 
				 {
				 session_start();
		//remove the anti-hacking cookie
		setcookie ('tries', '', time()-60, '/', '', 0);
		$_SESSION['loggedin'] = $_POST['username'];
		$_SESSION['time'] = time();
		header ('Location: members.php');
				 }
                 }
					           
          }
          else {
              echo "Incorrect username/password1";
              header("Location: index.php?error=true");
		  exit;
          }
      }
      if(!$usernamelogin)
  {
  echo "incorrect username or password";
  header("Location: index.php?error=true");
  exit;
}
  }
} 

  

  //===============================================
  //script compleated on friday 14 december 6:35 pm
  //===============================================
  // errors has to be sorted out in the next version
  //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\
  //loginscpt tested in mozilla firefox and internet explorer while cookies are enabled|)
  //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++/ 
  //popup blocker must be enabled.
  //++++++++++++++++++++++++++++++ 
  //TATA BYEBYE SEEYOU .
  //++++++++++++++++++++++++++++++    
?>

Link to comment
Share on other sites
rhodesa Newbie

rhodesa

Posted
Posted

it can be index.html as long as there is no PHP in it...

 

try this for login.php:

 

<?php 
  session_start();
  require ("config.php");
  if (isset ($_COOKIE['password']) || isset ($_COOKIE['rempassword']))
    die("you are already logged in");

  // Variables that data come from the form
  $username = $_POST["username"];
  $password = $_POST["password"];
  $login = $_POST["login"]; 
  $ipaddress = $_SERVER['REMOTE_ADDR'];
  $remember  = $_POST["remem"];
  //Check if username and password where submitted
  if(!strlen($username))
    die("Please enter username");
  if(!strlen($password))
    die("Please enter password");
  $userdata = mysql_query("SELECT * FROM users WHERE username = '".mysql_real_escape_string($username)."'");
  if(mysql_num_rows($userdata) !== 1)
    die("Invalid username/password");

  //Checkpassword
  if(strcmp($userdata['password'],$password))
    die("Invalid password");

  if(isset($remember)){
    setcookie('username', $username, time()+1209600);
    setcookie('password', base64_encode ($password), 0);
    setcookie('remember', $remember, 0);
    setcookie('ipaddress', $ipaddress, 0);
  }

  //remove the anti-hacking cookie
  setcookie ('tries', '', time()-60, '/', '', 0);

  $_SESSION['loggedin'] = $username;
  $_SESSION['time'] = time();
  header ('Location: /members.php');
  exit;
?>

Link to comment
Share on other sites
rhodesa Newbie

rhodesa

Posted
Posted

you are correct...overwrite this block of code:

 

  $userdata = mysql_query("SELECT * FROM users WHERE username = '".mysql_real_escape_string($username)."'");
  if(mysql_num_rows($userdata) !== 1)
    die("Invalid username/password");
  $entry = mysql_fetch_array($userdata);

  //Checkpassword
  if(strcmp($entry['password'],$password))
    die("Invalid password");

Link to comment
Share on other sites
max_w1 Member

max_w1

Posted
  • Author
Posted

SUCESS it is displaying the session buy it is also giving the following error:

 

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Program Files\YellowTip\Htdocs\dragonballZ\members.php:9) in C:\Program Files\YellowTip\Htdocs\dragonballZ\members.php on line 194

 

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at C:\Program Files\YellowTip\Htdocs\dragonballZ\members.php:9) in C:\Program Files\YellowTip\Htdocs\dragonballZ\members.php on line 194

 

what is that error for?

Link to comment
Share on other sites
rhodesa Newbie

rhodesa

Posted
Posted

First thing, you were starting your sessions properly. As many people noted, it needs to be the VERY first thing called.

 

But your login.php file was a mess. Open the old version and the new version side by side and you will see the many many changes I had to make.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.