i'm a newbie in php and maybe my question is so silly.

i tried to create a session in a file named login.php

<?php
include "koneksi.inc.php";
$name=$_POST['name'];
$password=$_POST['password'];

$hasil=mysql_query("SELECT * FROM TabelPegawai WHERE nama='$name' AND password='$password'");
$row=mysql_fetch_array($hasil);

if ($row[nama]==$name AND $row[password]==$password)
{
        session_start();
        $_SESSION['namauser']=$row[nama];
        $_SESSION['passuser']=$row[password];
        $_SESSION['level']=$row[jabatan];

	if($_SESSION['level']=="Manager")
		{header("location: manager.php");}
	else if($_SESSION['level']=="Kasir")
		{header("location:kasir.php");}
	else if($_SESSION['level']=="Gudang")
		{header("location:gudang.php");}
	else
		{header("location:http://www.google.com");}
}
else
       {header("location:http://www.yahoo.com");}
?>

but, $_SESSION is not recognized in other files like manager.php, gudang.php, and kasir.php

is there something wrong with my code?
thanks for your helps.

Did you start the session on all the pages where you need to access your session variables?

Dave

Did you start the session on all the pages where you need to access your session variables?

Dave

no, i only start the session in login.php
do i need to start the session in every page?

oh, it works if i start the session in every page that needs session variables. i also must start the session in a php file that destroy the session right? like this :

<?php
session_start();
session_destroy();
?>

am i right?

oh, it works if i start the session in every page that needs session variables. i also must start the session in a php file that destroy the session right? like this :

<?php
session_start();
session_destroy();
?>

am i right?

Yes but obviously, not until you are finished with it. You should also test whether a session has already been started or not before you try and start another one i.e.

if (!isset($_SESSION)) {
  session_start();
}

Dave

Member Avatar

You don't need to check. session_start() will not start a new session overwriting the old one. It just propagates.
session_destroy wouldn't be used very often, unless in a logout page or similar. You wouldn't have a session_start in this file as well (I don't think).

You don't need to check. session_start() will not start a new session overwriting the old one. It just propagates.
session_destroy wouldn't be used very often, unless in a logout page or similar. You wouldn't have a session_start in this file as well (I don't think).

OK .. that's your choice. It is simply good practice.

D

thanks guys. i think i still need to insert session_start() in logout php, i have tried it.
@Dave : thanks so much for the solution
@Ardav : thanks (again) :)