Hi php gurus. newbie here needs help.

I m having a problem with my login script. Basically it works 95% of the time, but once and a while it doesn't. The session variable doesn't get set, or remembered, and the next referred page fails on the isset check. I tried a number of things, Please any suggestions would be great. My code is pretty messy...at the moment... but I've been going nuts with this. I recently added the session_regenerate_id and the session_write function to no avail.

snipplet from login.php.

//Start session
session_start();
sql="SELECT login,id FROM tblDealer WHERE login='".$email."' and password='".$password."'"; 
				$r = mysql_query($sql); 
				$row=mysql_fetch_array($r);
				
				if($r) {
					if(mysql_num_rows($r)>0) {
						//Login Successful
						session_regenerate_id();
						//$member=mysql_fetch_assoc($r);
						//$_SESSION['dealer_id']=$member['id'];
						$_SESSION['dealer_id']=$row["id"];
						session_write_close();
						//header("location: client.php");
						$dealer_id = $row["id"];
						print 'success,client.php,dealer='.$dealer_id; // maybe add it to the url ? just for now.
						exit();
					}else {
						//Login failed
						//header("location: login-failed.php");
						print "no such login in the system. please try again."; 
						exit();
					}
				}else  {
					die("Query failed");
				}

Next Page. Client.php
I use this check to confirm the session is there.

session_start();


   if(!isset($_SESSION['dealer_id'])) {
	echo '<p>Security Violation ';
	exit();
 }

Thanks Camilo, I missed that character when pasting into this thread but it is there in my code...

Hi,

What program are you using for debugin your application?. I am using PHP Designer. I think that it would be useful to see what warnings does it give you.

Camilo

nothing really.... I guess I should really start using something.
But like I said it works 95% of the time, I can't reproduce the problem consistently, it seems to happen randomly.....thx

Try eliminating one problem at a time. create a page with just this code in it and refresh it several times, if it resets to zero then you have a problem, if not, I'm pretty sure that it is not a problem with the session.

<?
session_start();
if(!isset($_SESSION['sesstest']) || !is_numeric($_SESSION['sesstest']))
{
	$_SESSION['sesstest'] = 0;
}
else
{
	$_SESSION['sesstest']++;
}
echo $_SESSION['sesstest'];
?>
//Start session
session_start();
$sql="SELECT login,id FROM tblDealer WHERE login='".$email."' and password='".$password."'"; 
				
if($result = mysql_query($sql)) {
	
   if(mysql_num_rows($result)>0) {
	
		list($login,$id) = mysql_fetch_array($result);
      
      $_SESSION['dealer_id']= $id;
		
		print 'success,client.php,dealer='.$id; // maybe add it to the url ? just for now.
		exit();
		
	}else {
		
		print "no such login in the system. please try again."; 
		exit();
	}//else
	
} else{

	die("Query failed");
}
This article has been dead for over six months. Start a new discussion instead.