title says it all, basically what i cant figure out how to do, is to check if a certain session value is equal to nothing. ISSET does not work for the context in this situation. Please help, i know its basic i just cant grapple it. I have searched high and low on google for what i want, but i just cant find it.
This is for security on a site that uses a session to check if the user is logged in or not. If the session does not contain a "." or value is NULL then it will re-direct to a "Please Login page".

Many thanks,

jakx12

if($_SESSION==""){
header("location: pleaselogin.php");
}else{
//is session is equal to something
}

Edited 3 Years Ago by happygeek: fixed formatting

i tried that but it just re-directs me back to the pleaselogin.php even if the session is set and has a value

Did you start a session session_start() or did you just assign a session variable $_SESSION['someitem'] = 'somevalue'; ?

Try this to assign the session value:

<?php
// Start/register the session
session_start();

// Assign the variable
$_SESSION['logged_in'] = 'logged.in';
?>

And this to check the session:

<?php
// Check if the session exists and if it has a . in the value
if(isset($_SESSION['logged_in']) {
  // Check to see if the session value contains a period(.)
  if(preg_match('/([^]*?)\.([^]*?)/', $_SESSION['logged_in']) {
    // Redirect to logged in page
    header("location: pleaselogin.php");
  } else {
    // Do something else here
  }
}
?>

Code not tested, I think the syntax in the preg_match is correct, but check it first.

no i have done SESSION_start() and i still get the same problem

Then post your code as there is obviously something wrong, if you are using isset, it will return true or false, no reason it will fail.

We can't help much without a base to start from ;)

the header file is included in basically every page. Thats why im putting the session security in it. The site is a social site, here is the header.php code:

<?php
SESSION_start();
if($_SESSION['username']==""){
header("location: pleaselogin.php");
}

?>
<div class=linkstop>
<div class=textstyle>
<h2><a href="your_acc.php"><FONT COLOR="#666666">Your Account</FONT></a> | <a href="inbox.php"><FONT COLOR="#666666">Inbox</FONT></a> | <a href="bloghome.php"><FONT COLOR="#666666">Your Blog</FONT></a> | <a href="yourwall.php"><FONT COLOR="#666666">Your Wall</FONT></a> | <a href="galleryhome.php"><FONT COLOR="#666666">Your Gallery</FONT></a> | <a href="your_settings.php"><FONT COLOR="#666666">Your Settings</FONT></a></h2>
</div>
<div class=profilechooseform>
<?php
session_start();
$name1 = $_SESSION['1stname'];
$name2 = $_SESSION['2ndname'];
echo "Welcome, ";  
echo $name1 ." " .$name2;
echo "<br>";
?>
<a href="logout.php"><FONT COLOR="#666666">Log Out</FONT></a>
<br> 
Search for someone's profile:
 <form action="searchresult.php" method="GET" name="view_profile">
 <input name="result" type=text />
 <input name="Go" type="submit" value="Search" />
 </form>
</div>
<br>
</div>

Apart from the fact that your HTML could do with a lot of work, you do not need 2 session_start's, this should only in the file once.

Where is the value for $_SESSION set?

yeah you should only have session_start() in the file once and it needs to be at the *very top, right after the opening php tag.

also i suggest learning CSS. instead of using HTML styling

it will clean up your code immensely.

also i suggest learning CSS. instead of using HTML styling

it will clean up your code immensely.

That and FONT tags were deprecated in HTML 4, so other than the fact that CSS is cleaner and reusable, to 'future-proof' applications, look into XHTML1/2 rather than HTML4

To help, I have removed the second session tag and fixed the problem of detecting if a session is empty:

<?php
session_start();
if(empty($_SESSION['username'])){
header("location: pleaselogin.php");
}

?>
<div class=linkstop>
<div class=textstyle>
<h2><a href="your_acc.php"><FONT COLOR="#666666">Your Account</FONT></a> | <a href="inbox.php"><FONT COLOR="#666666">Inbox</FONT></a> | <a href="bloghome.php"><FONT COLOR="#666666">Your Blog</FONT></a> | <a href="yourwall.php"><FONT COLOR="#666666">Your Wall</FONT></a> | <a href="galleryhome.php"><FONT COLOR="#666666">Your Gallery</FONT></a> | <a href="your_settings.php"><FONT COLOR="#666666">Your Settings</FONT></a></h2>
</div>
<div class=profilechooseform>
<?php
$name1 = $_SESSION['1stname'];
$name2 = $_SESSION['2ndname'];
echo "Welcome, ";  
echo $name1 ." " .$name2;
echo "<br>";
?>
<a href="logout.php"><FONT COLOR="#666666">Log Out</FONT></a>
<br> 
Search for someone's profile:
 <form action="searchresult.php" method="GET" name="view_profile">
 <input name="result" type=text />
 <input name="Go" type="submit" value="Search" />
 </form>
</div>
<br>
</div>

And as for the font tags, I believe that browsers will support them for some time because why would a software developer remove features from their own software. Won't happen for as long as it doesn't cause a problem and as far as I am aware font tags don't cause a problem.

its not that HTML styling causes problems, its just that it is shunned apon in the web development wold. im with you where it doesnt cause problems. however using css is much better. it can be changed quicly.

Sorry to dig up a dead thread, however what this guy is doing strikes a nerve with me. No offense. I feel that others could benefit from this message I have.

You say your still using the FONT tag because it still works and doesn't cause problems. You are missing the ENTIRE point to why things get deprecated and why people extensively point this out all across the internet.

You should NOT be using it because it WILL be removed and dead in the future. They deprecate something, or strongly recommend not to use it, then years later officially remove all support for it, on purpose! They are giving developers, coders, and websites years of time (too long imo) to stop using these deprecated functions or code. If you stop using it the time that it BECOMES deprecated (or the time you become aware it is lol) and follow the guidelines, this will SAVE YOU TONS OF TIME in the future! You do not want to be running deprecated code on tons of websites (yours and client sites) at the time the all support for that code is officially killed! You will immediately have tons of sites down, broken, and requiring your immediate attention!

There is no law or real set of rules in the programming community. However, following guidelines set by those in complete influence of this community, will help everyone (including yourself) in due time. This is why you should adhear to the changes when places like PHP.net and W3 make them. Follow suit immediately, so you are already re-programmed by the time it really matters, and so you don't have 100s of sites down and clients yelling at you!

You may not program for others and may just be doing this to tinker around. That is how everyone starts, but once your pretty good at it you will probably do it for money or other people, or spread out to more sites of your own. However, it is extremely advisable by myself and many many (every established programmer I know) to follow these guidelines promptly. Not because they are your boss, but because it has been proven that it's in your best interest in the long run. Ask any programmer who has had to fix PHP (or any langauge) sites they worked on a year or more ago, because 1 tiny little function they used then, is no longer supported. Yes, it requires in this case, for PHP to be updated on the server, but a lot of sites are on cPanel running stock settings, meaning they will be updated at the time it is set to "stable release". Those not on cpanel probably have another form of auto-updating as well.

It isn't about just what you have in your face right now. When you program on a larger scale, you also have to think about future headaches! Again, this isn't a law. The guideslines set by places like PHP or W3 are not official rules, however you SHOULD treat them as such!

Good luck,

Wade Shuler
Income Pitbull, LLC

Edited 2 Years Ago by wadeshuler

This article has been dead for over six months. Start a new discussion instead.