0

By default the page after login.php is authorize.php which just checks the information then sends it off to index.php. From index.php I cannot get to my page 'volunForm.php', it just redirects me back to the login page. This is my first ever login system and my first time using sessions. Am I doing it all wrong? Is there a way I can make my sessions expire after certain time automatically and more importantly getting them to work across pages.

index: http://pastebin.com/Rc5zUJMA
volunForm: http://pastebin.com/Z65L7dZu
authorize: http://pastebin.com/aHfdYwLM

3
Contributors
5
Replies
47
Views
3 Years
Discussion Span
Last Post by toxicandy
0

You have the following if statment in your volunForm.php page:

if(!isset($_SESSION['sess_user_id']) || (trim($_SESSION['sess_user_id']) == '')) {
        header("location: login.php");
        exit();
}

This is redirecting anyone who doesn't have the session cookie sess_user_id set. Make sure this is being set when the user logs in.

0

Don't I have it being set correctly in the authorize.php page?

if ($bcrypt->verify($_POST['password'], $row['password'])){
        session_regenerate_id();
    $_SESSION['sess_user_id'] = $row['uid'];
    $_SESSION['sess_email'] = $row['email'];
        $_SESSION['sess_name'] = $row['fname'] . " " . $row['lname'];
    session_write_close();
        header("Location: index.php");
0

EDIT:

I got cookies working but I am unsure if that is a good thing to keep or if I should focus getting sessions to work.

0

You code looks okay, so check that you have session_start();'s on all pages and that $row['uid'] value is actually being set.

Sessions are needed to maintain security, thats for sure.

0

I had session_start(); at the top of all the pages I Was testing with but it still didn't work. After setting the sessions information in the authorize.php page, I call header("Location: index.php"); which works, they have to be logged in to get there, but upon getting there I was unable to use my navagation list to navigate to volunForm.php, it requested I log in.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.