Jump to content

Communication between pages using sessions not working

willc

By willc
in PHP Coding Help

 Share

Recommended Posts

willc Newbie

willc

Posted
Posted

Hello,

I am having some difficulty.

 

I have a page that I am trying to limit access to:

www.mydomain.com/forum/index.php

 

I only want members to be able to get to that page after a successful log in and from a link within a members only page:

www.mydomain.com/members/members_page.php

 

On members_page.php, the link will take us to another page (www.mydomain.com/members/forum.php).

 

On forum.php, the www.mydomain.com/forum/index.php page is "embedded" using phpinclude. 

 

The sessions don't seem to be working.  I know I'm missing something because I am an idiot with this stuff.

 

 

So, here's how the progression goes and the essential code for each page:

1.  Deny access to www.mydomain.com/forum/index.php directly unless they have logged in:

<?php

session_start();

if ($_SESSION['access'] !== true)

{

header("location:http://www.mydomain.com/members/main_login.php");

}

?>

HTML and php of the forum index page falls below the code above.

 

2.  If they have not logged in, they have been directed to main_login.php.  Here is the code on that page:

<?

session_start();

if ($_SESSION['access'] == true)

{

header("location:http://www.mydomain.com/members/members_page.php"); //let them in if successful log-in

}

?>

Form HTML falls below the code above.

 

3.  After they have entered their log-in information, they are sent to checklogin.php to see if the username and password match.  Here is the code for that:

 

<?php

session_start();

$host="xxxxx";

$username="xxxxx";

$password="xxxxx";

$db_name="xxxxx";

$tbl_name="xxxxxx";

 

mysql_connect("$host", "$username", "$password")or die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

 

$myusername=strtoupper($_POST['myusername']);

$mypassword=$_POST['mypassword'];

 

$sql="SELECT * FROM $tbl_name WHERE UPPER(lastname) LIKE '%$myusername%' and membernum='$mypassword'";

$result=mysql_query($sql);

 

$count=mysql_num_rows($result);

 

if($count==1){

$_SESSION['access'] = true;

header("Location: http://www.mydomain.com/members/members_page.php");

}

else {

echo "Wrong Username or Password";

}

?>

 

4.  If they have logged in successfully, they are sent to the members_page.php.

 

Here is the php code for that page:

<?php

session_start();

if ($_SESSION['access'] !== true)

{

header("location:http://www.mydomain.com/members/main_login.php");

}

 

5. On members_page.php, there is a link to another page (www.mydomain.com/members/forum.php) which has the forum index page (www.mydomain.com/forum/index.php) embedded in it using phpinclude.  So when they load www.mydomain.com/members/forum.php, they are actually partly seeing www.mydomain.com/forum/index.php within it.

 

Here is the code for www.mydomain.com/members/forum.php

<?php

session_start();

if ($_SESSION['access'] !== true)

{

header("location:http://www.mydomain.com/members/main_login.php");

}

?>

HTML of website with php code is down below the code above.  The link to the actual forum  (www.mydomain.com/forum/index.php) is done using phpinclude so it happens automatically.  So phpinclude brings the forum page (forum/index.php) into the members' forum page (members/forum.php). 

 

Here is that code in the middle of the HTML of the forum.php page:

<?php

session_start();

$_SESSION['access'] = true;

include("http://www.mydomain.com/forum/");

?>

 

 

My problem is that I can't get into the forum.  I am just sent endlessly in a loop from the member log in page to the members only page, around and around.  I suspect that something is happening where the session is not being carried over from the link on the members_only page to the forum.php page.  The access=true is not working on the embedded forum because it keeps asking me to log-in.

 

Should I not be using phpinclude or do you see something that I don't that is not allowing me to get into the forum?  I think I am probably using sessions incorrectly.

 

Any help in any area greatly appreciated.

 

Thank you,

Will

 

 

Link to comment
Share on other sites
l0ve2hat3 Member

l0ve2hat3

Posted
Posted

also enclose all the access session value in qoutes

 

if($count==1){
session_register("access"); //register first
$_SESSION['access'] = "true"; //enclose in quotes
header("Location: http://www.mydomain.com/members/members_page.php");
}
else {
echo "Wrong Username or Password";
}
?>

 

wrap in quotes for all pages

<?
session_start();
if ($_SESSION['access'] == "true")
{
header("location:http://www.mydomain.com/members/members_page.php"); //let them in if successful log-in
}
?>

Link to comment
Share on other sites
l0ve2hat3 Member

l0ve2hat3

Posted
Posted

this is wrong. !==

Here is the code for www.mydomain.com/members/forum.php
<?php
session_start();
if ($_SESSION['access'] !== true)
{
header("location:http://www.mydomain.com/members/main_login.php");
}
?>

 

use this !=

and dont forget to enclose in quotes

Here is the code for www.mydomain.com/members/forum.php
<?php
session_start();
if ($_SESSION['access'] != "true")
{
header("location:http://www.mydomain.com/members/main_login.php");
}
?>

Link to comment
Share on other sites
l0ve2hat3 Member

l0ve2hat3

Posted
Posted

lol sorry.

WHY are you doing this???

$sql="SELECT * FROM $tbl_name WHERE UPPER(lastname) LIKE '%$myusername%' and membernum='$mypassword'";

 

thats no good. if your worried about the whitespaces use the trim() function

also use single quote to enclose the field name when your using the UPPER function

like so


$myusername = trim($myusername);
$sql="SELECT * FROM $tbl_name WHERE UPPER('lastname')='$myusername' and membernum='$mypassword'";

Link to comment
Share on other sites
willc Newbie

willc

Posted
  • Author
Posted

Hi,

First, thanks for your help.  I really do appreciate it.

 

Second, please laugh at me loudly.  Seriously.  It's comical that I'm even trying to tackle this stuff.  My brain cannot handle this code.  I really don't know how you guys do it. 

 

In any case, to answer your question:

$sql="SELECT * FROM $tbl_name WHERE UPPER(lastname) LIKE '%$myusername%' and membernum='$mypassword'";

 

I was just trying to choose the username from the table regardless of whether they entered a lower case last name or an uppercase one.  I didn't want there to be any difference between "Jones" and "jones."  I thought that's how it was done.  But I will implement your solution.

 

All of your help on the log-in seems to be working (thank you) but I'm not quite there yet.  I get this error now:

Warning: include(http://www.mydomain.org/forum/) [function.include]: failed to open stream: Redirection limit reached, aborting in /forum.php on line 397

 

Warning: include() [function.include]: Failed opening 'http://www.mydomain.org/forum/' for inclusion forum.php on line 397

 

Those errors occur on the forum.php page so it seems that once that is fixed, we will be in business!

Link to comment
Share on other sites
l0ve2hat3 Member

l0ve2hat3

Posted
Posted

why are you using this?  you dont want it to redirect there?

 

<?php
session_start();
$_SESSION['access'] = true;
include("http://www.mydomain.com/forum/");
?>

 

like this

 

<?php
session_start();
$_SESSION['access'] = true;
header("location: http://www.mydomain.com/forum/");
?>

 

oh and btw i wasent laughing out loud at you.

I was laughing becuase I posted so many times instead of just one time

Link to comment
Share on other sites
l0ve2hat3 Member

l0ve2hat3

Posted
Posted
In any case, to answer your question:

$sql="SELECT * FROM $tbl_name WHERE UPPER(lastname) LIKE '%$myusername%' and membernum='$mypassword'";

 

I was just trying to choose the username from the table regardless of whether they entered a lower case last name or an uppercase one.  I didn't want there to be any difference between "Jones" and "jones."  I thought that's how it was done.  But I will implement your solution.

 

ok so so do it the way i posted

$myusername=strtoupper($_POST['myusername']);
$myusername = trim($myusername);
$mypassword=$_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE UPPER('lastname')='$myusername' and membernum='$mypassword'";
$result=mysql_query($sql);

 

Link to comment
Share on other sites
willc Newbie

willc

Posted
  • Author
Posted

thanks for the username stuff, i will implement that.

 

on the php include, i just thought that's how it was done if i wanted to "embed" the /forum/index.php page into the members/forum.php page.  But you are suggesting that I put the header redirect in instead?  The php include is now in the middle of the page, in some html code.  When I implement your suggestion, I get this error:

 

Warning: Cannot modify header information - headers already sent by (output started at members/forum.php:20) in members/forum.php on line 397. 

 

Line 397 has this on it: ("location: http://www.mydomain.org/forum/");

 

Thanks again for all your help with this.

 

Also, I will look into just using the path with include.

Link to comment
Share on other sites
l0ve2hat3 Member

l0ve2hat3

Posted
Posted
on the php include, i just thought that's how it was done if i wanted to "embed" the /forum/index.php page into the members/forum.php page

 

yes do that! read my last post. you cant use a URL instead use the path like you said

include("/forum/index.php");

Link to comment
Share on other sites
willc Newbie

willc

Posted
  • Author
Posted

Hello,

No matter what I do with the php's include function, I am getting errors on my page.

 

My code in my php page is this: 

include("http://www.mydomain.org/forum/");

 

when I do that, I get these error messages:

Warning: include(http://www.mydomain.org/forum/) [function.include]: failed to open stream: Redirection limit reached, aborting in /home/usr/public_html/members/forum.php on line 397

 

Warning: include() [function.include]: Failed opening 'http://www.mydomain.org/forum/' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/usr/public_html/members/forum.php on line 397

 

I've even checked the php.ini file and it allows urls.

 

Alternatively, when I use the relative path instead like this:

include("/home/usr/public_html/forum/index.php");

 

I get these warning messages:

 

 

Warning: include(./extension.inc) [function.include]: failed to open stream: No such file or directory in /home/usr/public_html/forum/index.php on line 33

 

Warning: include() [function.include]: Failed opening './extension.inc' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/usr/public_html/forum/index.php on line 33

 

Warning: include(./common.) [function.include]: failed to open stream: No such file or directory in /home/usr/public_html/forum/index.php on line 34

 

Warning: include() [function.include]: Failed opening './common.' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/usr/public_html/forum/index.php on line 34

 

Fatal error: Call to undefined function session_pagestart() in /home/usr/public_html/forum/index.php on line 39

 

Anybody know what to do about this?  There must be something simple I'm missing.  Are .php files supposed to go in specific, "pre-designated" directories?

 

Thank you!

Link to comment
Share on other sites
l0ve2hat3 Member

l0ve2hat3

Posted
Posted

wait...

let me see your code for line 33 on index.php

Warning: include() [function.include]: Failed opening './extension.inc' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/usr/public_html/forum/index.php on line 33

Link to comment
Share on other sites
l0ve2hat3 Member

l0ve2hat3

Posted
Posted

wait...

let me see your code for line 33 on index.php

Warning: include() [function.include]: Failed opening './extension.inc' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/usr/public_html/forum/index.php on line 33

Link to comment
Share on other sites
willc Newbie

willc

Posted
  • Author
Posted

here are lines 33-39 on index.php where the problems now seem to be occurring:

 

33 include($phpbb_root_path . 'extension.inc');
34 include($phpbb_root_path . 'common.'.$phpEx);
35
36 //
37 // Start session management
38 //
39 $userdata = session_pagestart($user_ip, PAGE_INDEX);

 

Have the file paths been screwed up?

 

Thank you!

Link to comment
Share on other sites
willc Newbie

willc

Posted
  • Author
Posted

thats wierd... try

 

include($_SERVER['DOCUMENT_ROOT']."/forum/index.php");

 

When I inserted the code above, I got the same error messages as before.... I think the problem is on index.php.  I have included the code in the previous post that is likely causing the problem.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.