I have been using $_SESSION forever and never had an issue. Tonight things are not working when I'm trying to build a new app using the same session logic. I've been trying to debug this for hours looking online to no avail. The session.php keeps redirecting me to the login page. I feel stupid.
login.php
session_start();
$_SESSION['user_id'] = 'superUser';
header("Location: dashboard.php");
exit();
session.php
<?php
session_start();
if ( isset( $_SESSION['user_id'] ) ) {
// do something here
} else {
// Redirect them to the login page
header("Location: login.php");
exit();
}
?>
dahsboard.php
<?php
include_once 'session.php';
echo 'dashboard';
Related
I am having an issue with the follow code. It can echo the variables before it redirects, no problem. But after it redirects, it cannot. It seems to be losing the session variables in the redirect process. Any thoughts?
Original Page:
if (password_verify($rawpassword,$row["passwordHash"])) {
session_start();
$_SESSION["email"] = $email;
$_SESSION["fname"] = $row["firstName"];
echo $_SESSION["email"];
echo $_SESSION["fname"];
header("Location: https://www.mywebsite.com/home.php");
} else {
header("Location: https://www.mywebsite.com/signin.php?addlComment=3True");
die();
}
The Following Page:
<?php
echo $_SESSION["email"];
echo $_SESSION["fname"];
?>
You should learn more about sessions to avoid making mistakes and not leaving your codes vulnerable!
Know that to work with sessions, you must start them right at the beginning of each script
Also, after you create your session, you don't need to use the 'echo' command and right after redirecting to the success page, in fact, it is on the success page that you should work with the 'echo' command, and create some variables to store the value of those sessions, to make it easier to work with, and to make the code cleaner!
Please try it:
Signin
<?php
session_start();
//Start the session in the top of the script
if (password_verify($rawpassword, $row["passwordHash"])) {
$_SESSION["email"] = $email;
$_SESSION["fname"] = $row["firstName"];
header("Location: home.php");
exit();
} else {
header("Location: signin.php?addlComment=3True");
exit();
}
Home
<?php
session_start();
session_regenerate_id(true); //It can help you to protect against attacks, try to learn it!
$email = $_SESSION['email'];
$first_name = $_SESSION['fname'];
//If the user try to access the page without make login, then redirect to the signin page
if(!email || !first_name)
{
header("Location: signin.php");
exit();
}
//Test the sessions variables
echo "Welcome, you're logged in! I know your first name is: {$first_name}";
hi guys im trying with this code to enforce redirection to login form if session is not started, localy it works, but in online server it doesnt, what am i supposed to do please help, here is the code :
<?php
session_start();
if ($_SESSION['loggedIn'] != "true") {
header("Location: login.php");
}
?>
Try this instead :
<?php
session_start();
if (!isset($_SESSION['loggedIn'])) {
header("Location: login.php");
}
?>
Also check what is the value of $_SESSION['loggedIn'] by echoing. Also enable error_reporting if it still not working
Try a else condition also, so that you can know the where the condition gone.
Also don't make new line space before session start function and before session start function write ob_start(); also
try this
<?php
session_start();
if (!isset($_SESSION['loggedIn'])) {
header("Location: login.php");
exit;
}
?>
I've got a login script that puts user details into session variables. Today I moved the website to a new host, and now my coding doesn't work. This is the best I can do, and it still doesn't work
main_login.php:
(script above here gets all the $info from the database. So far it is working)
if($count==1){
session_start();
$_SESSION['username'] = $info['username'];
$_SESSION['given'] = $info['given_name'];
$_SESSION['family'] = $info['family_name'];
$_SESSION['profile'] = $info['profile'];
$_SESSION['adultchild'] = $info['adultchild'];
$_SESSION['id'] = $info['id'];
header("location:welcome.php");
}
welcome.php:
// Check if session is not registered , redirect back to main page.
// Put this code in first line of web page.
session_start();
if(!isset($_SESSION['username'])){
header("location:main_login.php");
}
The trouble is when I print any of the session variables nothing happens. I've even tried doing a var_dump($_SESSION) but it comes up as an empty array. Frankly I've spent all day on this and am stuck.
session_start();
if(!isset($_SESSION['username']));
header("location:main_login.php");
}
change to:
session_start();
if(!isset($_SESSION['username'])){
// ^ typing mistake
header("location:main_login.php");
}
I'm using the following code. Session is working on the same page; on the next page it is not showing the session variable value. Please let me know what I'm doing wrong?
<?php
session_start();
$_SESSION['emailaddress']=$emailAddress;
header("Location: $success "); /* Redirect browser */
exit;
?>
use session_start() in the page that you are redirecting to, as well ($success), before accessing the session values there
So that the "success.php" page looks something like:
<?
session_start();
print_r($_SESSION);
?>
<?php
if(some_condition is true)
{
session_regenerate_id();
session_start();
$_SESSION['emailaddress']=$emailAddress;
header("location: member-index.php");
exit();
}
on secure page:
<?php
//Start session
session_start();
//Check whether the session variable is present or not
if(!$_SESSION['emailAddress'])
{
header("location: access-denied.php");
exit();
}
?>
<p>This is secured page with session: <b><?php echo $_SESSION['emailAddress']; ?></b>
I like to know how to use a condition on php sessions
in this code if the user is not loged in page will redirect to login.php.
<?
session_start();
if(!session_is_registered(username)){
header("location: login.php");
}
?>
what i want is to redirect user to another php if the user is loged in. if not stay on the same page. like if user is not loged in keep the user in index page and if user is loged in redirect the user to user.php
for the login script im using a code fount in this site :http://www.phpeasystep.com/phptu/6.html
thanks in advance.
Set a variable in $_SESSION when you have logged in.
i.e. in login.php:
if ( $passWordCorrect ) {
session_start();
$_SESSION['loggedIn'] = true;
}
in index.php:
session_start();
if ( !empty( $_SESSION['loggedIn'] ) ) {
// User logged in; do magic.
} else {
header('Location: user.php');
}
<?
session_start();
if(!$_SESSION['username]){
header("location: login.php");
}
?>
And in login page you asign the variable like this:
<?php
session_start();
$_SESSION['username']='JohnDoe';
?>
The code is on the same page as the tutorial you linked to:
<?php
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>
But really you should be using the $_SESSION variable. On the login page:
<?php
session_start()
$_SESSION['username'] = $username;
?>
And then on the other pages:
<?php
session_start()
if (!isset($_SESSION['username'])) {
header('location: login.php')
}
?>
UPDATE
It is better to not use short tags (i.e. <?php instead of ?>)