First page
<?php
session_start(); // put ahead all html tags and echo commands and print.
$_SESSION["username"] = 'admin';
echo 'see session';
?>
Second page
<?php
if( $_SESSION["username"] == 'admin' ) {
echo 'Hello '. $_SESSION["username"] . ' You are adminstrator on this page';
} else {
echo 'You can not accesss';
}
?>
Question
When I click on the link session then I get :
Undefined variable: _SESSION
I have no idea why.
Add in your second file at the start session_start();
like that:
<?php
session_start();
if( $_SESSION["username"] == 'admin' )
{
echo 'Hello '. $_SESSION["username"] . ' You are adminstrator on this page';
}
else
{
echo 'You can not accesss';
}
?>
You need to put session_start(); at the begin of the second page.
Related
I am building a login page using php.
I don't know why the session variable does not work.
Here is my login.php
<?php
function loginFail()
{
echo "<script> alert(\"Invalid user name or password\");";
echo "location.href=\"index.php\";";
echo "</script>";
}
if (empty($_POST["loginName"])|| empty($_POST["adminPwd"])) {
loginFail();
} else {
$userName=$_POST["loginName"];
$password=$_POST["adminPwd"];
if (($userName=="user") && ($password=="password")) {
session_start();
$_SESSION["isLogined"]="Ok";
header("location:admin.php");
} else {
loginFail();
}
}
?>
Here is admin.php
<?php
include 'checkSession.php';
?>
This is checkSession.php source code
<?php
function loginFail()
{
echo "<script> alert(\"Session Expired, please login again\");";
echo "location.href=\"index.php\";";
echo "</script>";
}
echo $_SESSION["isLogined"];
?>
The output of checkSession.php is :
Undefined variable: _SESSION
I have tried replace
header("location:admin.php");
with
echo "<script>";
echo "location.href=\"admin.php\";";
echo "</script>";
However, it still does not work.
Furthermore, I have tried replace :
header("location:admin.php");
With
echo $_SESSION["isLogined"];
It can display the word "Ok".
Would you tell me how to fix the problem?
The page is unable to see the login form whose code is written under the isset function statement. I have written the code correctly and have executed it many times , but now the code written inside the isset statement does not works. here is the code:-
<?php
session_start();
echo "<p style=\"font-color: #ff0000;\"> Catogoies </p>";
echo '<link href="var/www/html/sample.css" rel="stylesheet">';
require_once('../html/conn.php');
$query = "select * from catogories";
mysqli_select_db($dbc, 'odit');
$retrieve = mysqli_query($dbc, $query);
if(!$retrieve)
{
die(mysqli_error($query));
}
while($row=mysqli_fetch_array($retrieve, MYSQL_ASSOC)){
echo "<p style=\"font-color: #ff0000;\">".''.$row["Name"].''."</p>";
$_SESSION['cat']=$row["Name"];
}
if(!($_SESSION)) {
session_start();
}if(isset($_SESSION['lgout']))//the variable logout intialization line
{
if($_SESSION['lgout']!=1||$_SESSION['signup']){
echo "Hello : ".''.$_SESSION['unme'].''; echo "<br><br>";
echo '<a href="logout.php">'."Logout";}
else {
include 'lform.php'; echo "<br><br>";
echo '<a href="Sign_up.php">'."Sign up"."<br>";
} }
mysqli_close($dbc);
//include 'lform.php';
?>
<br>
<a href = 'adding_catogory.php'>Create a New Catogory</a><br><br>
<a href = 'Log_in.php'></a>
<?php
$db = #mysqli_connect("localhost", "oddittor", "Odit#123", "odit");
if(isset($_POST['login'])){
$username=mysqli_real_escape_string($db, $_POST['l_id']);
$password=mysqli_real_escape_string($db, $_POST['pswd']);
$sql="SELECT * from users where usrName='$username' and pswrd = '$password'";
$result = mysqli_query($db, $sql) or die(mysqli_error($db));
$count=mysqli_num_rows($result) or die(mysqli_error($db));
if($count>0) {
$_SESSION['unme']=$username; //This is the global session variable...used for storing the variables across the pages.
$_SESSION['lgout']=0;
header('Location : session.php'.$_SESSION['unme']);
header("Location : Homepage.php".$_SESSION['unme'].$_SESSION['lgout']); header( "refresh:0;url=Homepage.php" );
$_SESSION['unme']=$username;
}
else {
$error = "Invalid Details! Please Renter them"; }
}
?>
Here the problem is in the
if(isset($_SESSION['lgout']))
line if, I remove this line i can see the login page form but by doing so, I get the error of undefined variable logout whenever, I open the page for the first time.
here is the logout script
<html>
<?php
session_start();
$_SESSION['lgout']=1;
$_SESSION['signup']=0;
echo ' You have been successfully logged out';
header('Location : Homepage.php'.$_SESSION['lgout']);header( "refresh:0;url=Homepage.php" );
?>
</html>
You need to put your
session_start();
globally on the start of page. As it's not able to get $_SESSION object.
Just remove
session_destroy();
As you can access all $_SESSION values.
Your queries not secured. Use Prepared Statements instead of your all queries.
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
I have 4 files home.php, log_out.php, blank_one.php, connection.php
and did not include the login.php and index.php since it only reads the
user name and password.
My problem is the session after clicking the log out
then click arrow back
to go blank_one.php directly I get these errors :'(
Notice: Undefined index: CurrentUser
Notice: Undefined index: CurrentUserType
BLANK ONE
========================================================================
and since logout(log_out.php) was clicked the content must be no user found ,EMPTY and back should be disabled.
Is there a way to handle this sessions to remove the errors after destroying it ?
`help please. :'(
blank_one.php
<?php
session_start();
$currUser = $_SESSION["CurrentUser"];
$currUserType = $_SESSION["CurrentUserType"];
echo('BLANK ONE');
?>
home.php
<?php
session_start();
$currUser = $_SESSION["CurrentUser"];
$currUserType = $_SESSION["CurrentUserType"];
if($currUserType == '1' or $currUserType == '2')
{
echo '
<html>
<body>
blank
logout
</body>
</html>
';
}
else if($currUserType == '2'){
}
else if($currUserType == '3'){
echo '
';
}else{
echo '<div> no user found </div>';
}
?>
connection.php
<?php
$conn = mysql_connect('localhost', 'root', '', 'life');
if (!$conn)
{
die('Connect Error: ' . mysql_errno());
session_destroy();
session_start();
}
else
{
//echo ("connected from connection.php");
session_start();
echo ("");
}
?>
log_out.php
<?php
session_start();
include('connection.php');
$conn = mysql_connect('localhost', 'root', '', 'wildlife');
if ($conn)
{
$update=mysql_query("INSERT INTO wrd_user(emp_log_out) VALUES (now())");
session_destroy();
mysql_close();
header('Location:index.php');
}
else
{
echo ("");
}
?>
Wrap your variable setting code in blank_one.php will solve the problem:
<?php
session_start();
if (isset($_SESSION["CurrentUser"])) {
$currUser = $_SESSION["CurrentUser"];
}
if (isset($_SESSION["CurrentUserType"])) {
$currUserType = $_SESSION["CurrentUserType"];
}
echo('BLANK ONE');
?>
You need the same in home.php too.
You should test if the session variables (created with the login page) are set to verify that the user is logged in or not.
blank_one.php
<?php
session_start();
if( (isset($_SESSION['CurrentUser']) &&(isset($_SESSION['CurrentUserType'])) {
$currUser = $_SESSION["CurrentUser"];
$currUserType = $_SESSION["CurrentUserType"];
}
else {
echo('BLANK ONE');
}
?>
This should be done also in the protected pages so as to avoid errors and security problems with direct URL access when the user is not logged in. And the user should be redirected in that case.
home.php
<?php
session_start();
if( (isset($_SESSION['CurrentUser']) &&(isset($_SESSION['CurrentUserType'])) {
$currUser = $_SESSION["CurrentUser"];
$currUserType = $_SESSION["CurrentUserType"];
}
else
{
header('Location:index.php');
die();
}
if($currUserType == '1' or $currUserType == '2')
{
echo '
<html>
<body>
blank
logout
</body>
</html>
';
}
else if($currUserType == '2'){
}
else if($currUserType == '3'){
echo '
';
}else{
echo '<div> no user found </div>';
}
?>
i'm using raw php and using $_SESSION but in every request the $_SESSION is reinstating and all the $_SESSION variables are emptied i used http://127.0.0.1/ insted of http://localhost/ and the $_SESSION work fine but now i update my code to server and the $_SESSION is break again so please any help on and many thnks in advance.
my code
functions.php
function login_user($UserName, $user_role)
{
$_SESSION["UserID"] = get_user_id($UserName, $user_role);
$_SESSION["UserName"] = $UserName;
$_SESSION["UserRole"] = $user_role;
$_SESSION["UserLogged"] = 1;
if($user_role == "s") {
$url = get_home_url() . '/student/student-profile.php';
header("Location: $url");
} else if ($user_role == "i") {
$url = get_home_url() . '/instructor/instructor-profile.php';
header("Location: $url");
} else if ($user_role == "a") {
$url = get_home_url() . '/admin/admin-profile.php';
header("Location: $url");
}
}
login.php
<?php
include ('../autoload.php');
if(!empty($_POST))
{
if(!empty($_POST['username']) &&
!empty($_POST['login_password']) &&
!empty($_POST['user_type']))
{
if(get_user_password($_POST['username'], $_POST['user_type']) == $_POST['login_password'])
{
login_user($_POST['username'], $_POST['user_type']);
} else {
echo 'Password incorrect please try again...';
}
} else {
echo 'Please fill all fields and try again...';
}
} else {
echo 'Some thing went wrong please try again...';
}
student.php
<?php
include ('../autoload.php');
//check if user logged in or not redirect to home page
if(!array_key_exists('UserLogged', $_SESSION)){
$url = get_home_url() . '/home.php';
header("Location: $url");
}
get_header();
echo '<wml>';
echo '<card id="student-profile" title="Student Profile">';
echo '<br/>';
echo '<h2 align="center">Welcome:</h2>';
echo '<h4 align="center">'.$_SESSION['UserName'].'</h4>';
echo '<br/>';
echo '<p align="center">';
echo 'INFO<br/><br/>';
echo '</p>';
echo '</card>';
echo '</wml>';
autoload.php
<?php
include 'helpers/session.php';
include 'helpers/db_functions.php';
include 'helpers/functions.php';
session.php
<?php
SESSION_START();
First page
<?php
session_start(); // put ahead all html tags and echo commands and print.
$_SESSION["username"] = 'admin';
echo 'see session';
?>
Second page
<?php
if( $_SESSION["username"] == 'admin' ) {
echo 'Hello '. $_SESSION["username"] . ' You are adminstrator on this page';
} else {
echo 'You can not accesss';
}
?>
Question
When I click on the link session then I get :
Undefined variable: _SESSION
I have no idea why.
Add in your second file at the start session_start();
like that:
<?php
session_start();
if( $_SESSION["username"] == 'admin' )
{
echo 'Hello '. $_SESSION["username"] . ' You are adminstrator on this page';
}
else
{
echo 'You can not accesss';
}
?>
You need to put session_start(); at the begin of the second page.