0

hi there,
i have started session in my first page(login page). on fulfilling the validations the user is taken to the next page. in the second page, first i check whether session is set or not, and if it is not set the flash an error message to the user that he/she shlould login first. while validating in my login page if all the validations are successful i set a session variable and this variable i check in the next page. now my problem is that even after succesful login my next page is showing that session is not set. please help me fast.thanks in advance

4
Contributors
19
Replies
20
Views
9 Years
Discussion Span
Last Post by carobee
Featured Replies
0

Are you starting the session in page2 ? If your answer is yes, then you need to show us your code. If your answer is no, then start the session ! :)

0

are you putting session_start() at the top of all the pages that require the session?

You beat me by few seconds :P

0

login1.php

<?php
session_start();
ob_start();
?>
<?php
mysql_connect("IP addr","username","password") or die(mysql_error());



mysql_select_db("login") or die(mysql_error());

//if login form is submitted

if(isset($_POST['submit'])) { //if form is submitted

//check whether all the fields are filled or not

if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill all the fields.');
}

//verifies against database
$_POST['username']=md5($_POST['username']);
if(!get_magic_quotes_gpc()) {
$_POST['username']=addslashes($_POST['username']);
}



$check=mysql_query("SELECT * FROM users WHERE username='".$_POST['username']."'") or die(mysql_error());
//gives error if user doesnot exist
//{

$check2=mysql_num_rows($check);

if($check2==0) {
die('User does not exist');
}
while($info=mysql_fetch_array($check))
{


$_POST['pass']=stripslashes($_POST['pass']);


$info['password']=stripslashes($info['password']);
$_POST['pass']=md5($_POST['pass']);


//gives error if password is wrong

if($_POST['pass'] !=$info['password']) {
die('incorrect password,please try again.');
}
else
//if login is ok then direct them to options page
{
$_SESSION['views'] = 1;	
header("Location:option1.php");	
ob_flush();

?>
<!META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php">
<?php
}
}
}
else
{
//if they are not logged in

?>

<form action="<?PHP echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="50">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>

option1.php

<?php 
session_start();
ob_start();
if(isset($_SESSION['views']))
$_SESSION['views']=$_SESSION['views']+1;
else
{
//header("Location:message.php"); 
echo "session not set"."</br>";	
print_r($_SESSION);
}
?>

a long code :-)

0

I don't see anything wrong with the code apart from this line. if(!$_POST['username'] | !$_POST['pass']) { It should have been if(!$_POST['username'] || !$_POST['pass']) { . Thats just a syntax error. The code isn't long ! lol.. it has just 80+ lines. Anyway, Check if its entering the else { $_SESSION part. If its entering the else part, remove the meta tag and try again..

Edit: And btw, <!META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php"> is wrong. What is "!" doing there ?

Edit 2: And, you are not printing $_SESSION in page 2 :)

0

I don't see anything wrong with the code apart from this line. if(!$_POST['username'] | !$_POST['pass']) { It should have been if(!$_POST['username'] || !$_POST['pass']) { . Thats just a syntax error.

that part is not throwing any error

The code isn't long ! lol.. it has just 80+ lines. Anyway, Check if its entering the else { $_SESSION part. If its entering the else part, remove the meta tag and try again..

Edit: And btw, <!META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php"> is wrong. What is "!" doing there ?

since i have used header(), so i have commented that syntax

Edit 2: And, you are not printing $_SESSION in page 2 :)

i had tried doing that but it doesn't print any value.

0

I have modified your code to test it and it works. Here's the code. Modify it again to meet your requirements.

<?php //login1.php
session_start();
ob_start();
?>
<?php
//if login form is submitted

if(1==2) {
die('incorrect password,please try again.');
}
else
//if login is ok then direct them to options page
{
$_SESSION['views'] = 1;	
header("Location:option1.php");	
ob_flush();

?>
<META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php">
<?php
}
?>

And here is option1.php

<?php 
session_start();
ob_start();
if(isset($_SESSION['views'])) {
$_SESSION['views']=$_SESSION['views']+1;
echo $_SESSION['views'];
}
else
{
//header("Location:message.php"); 
echo "session not set"."</br>";	
print_r($_SESSION);
}
?>
0

i a sorry but i am not able to see the modifications?btw i am using php-4.4.4 and apache-1.3.37

0

php and apache versions doesn't matter.
Check the loop, I have added if(1==2) which will always fail. Replace it with your validation part.

0

php and apache versions doesn't matter.
Check the loop, I have added if(1==2) which will always fail. Replace it with your validation part.

sorry to bother you agn naveen, but how is that related to session?

0

Replace if(1==2) with

if(!$_POST['username'] || !$_POST['pass']) {
die('You did not fill all the fields.');
}

and leave the else part as it is.

0

i think its not working for me. even tried out with a simple upload script.
upload_index.php

<?php                                                                                                                                        
session_start();                                                                                                                             
$_SESSION['views']=1;                                                                                                                        
?>                                                                                                                                           
<form enctype="multipart/form-data" action="upload.php" method="POST">                                                                       
Please choose a file: <input name="uploaded" type="file"/><br/>                                                                              
<input type="submit" value="Upload"/>                                                                                                        
</form>

upload.php

<?php
session_start();
if(isset($_SESSION['views']))
{
        echo "Session variable".$_SESSION['views']."</br>";
        echo "session is set"."</br>";
}
else
echo "Session is not set"."</br>";
$target_path="/usr/local/apache/htdocs/upload/";
$target_path=$target_path.basename($_FILES['uploaded']['name']);
 
echo "target path ".$target_path."</br>";
 
$ok=1;
 
$uploaded_size=ini_get('upload_max_filesize');
$post_max=ini_get('post_max_size');
echo "maximum upload_size $uploaded_size and post_max_size $post_max "."</br>";
if($ok==0)
{
        echo "Sorry your file was not uploaded";
}
else
{
        if(move_uploaded_file($_FILES['uploaded']['tmp_name'],$target_path))
        {
                echo "The file ".basename($_FILES['uploaded']['name'])." has been uploaded";
        }
        else
        {
                echo "Sorry, there was a problem uploading your file."."</br>";
                echo "the error is ".$_FILES['uploaded']['error']."</br>";
        }
 
}
 
print_r($_FILES);
 
 
?>

still the same problem

0

hmm..Your above script should definitely work.. Check your php.ini file for session.
Check for these lines and if its commented, uncomment it.

session.save_handler = files
session.use_cookies = 1

.
If this doesn't work, then I can't do much about it.

0

hmm..Your above script should definitely work.. Check your php.ini file for session.
Check for these lines and if its commented, uncomment it.

session.save_handler = files
session.use_cookies = 1

.
If this doesn't work, then I can't do much about it.

this lines are not commented. i guess i m having a hard luck with this forum.
can you suggest me of other way so that i can prevent the users from opening the option1.php page without logging.

0

my php.ini says that session.save_path=/var/lib/php/session.
but there was no php dir . so i created a php dir and session dir and gave 0777 permissions to session dir. now everything is ok.
thanks

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.