I'm trying to use a Single Sign-on function for a specific script but it's not working. I think the problem is when I try to change between the 2 sessions.
I know about session_start(); should be on the first line but I don't know how to do that in a function called.
Here the function code :
function singleSignOn(){
session_name('Main');
session_start();
$username = $_SESSION['id'];
session_id('Specific');
session_start();
return $username;
}
Related
so here I have a page that holds all the functions.
I give name "init-admin" and I call all these functions on all admin pages
this is the content of init-admin.php
<?php
session_start();
require_once "admin-functions/db.php";
require_once "admin-functions/admin.php";
require_once "admin-functions/navigation1-content.php";
require_once "admin-functions/navigation1-press.php";
require_once "admin-functions/navigation1-restrospective.php";
require_once "admin-functions/navigation1-inquiries.php";
require_once "admin-functions/navigation2-earrings.php";
require_once "admin-functions/navigation2-necklaces.php";
require_once "admin-functions/navigation2-bracelets.php";
require_once "admin-functions/navigation2-sets.php";
require_once "admin-functions/navigation2-men-jewelrys.php";
require_once "admin-functions/navigation2-object_arts.php";
require_once "admin-functions/navigation2-rings.php";
require_once "admin-functions/navigation2-pin_pendant.php";
?>
and this is one of the functions I call as an example. Its function name is "admin.php" this is his content
//1. REGISTER
function Register($username, $email, $password){
global $connect;
$username = mysqli_real_escape_string($connect, $username);
$email = mysqli_real_escape_string($connect, $email);
$password = mysqli_real_escape_string($connect, $password);
$password = password_hash($password, PASSWORD_DEFAULT);
$query = "INSERT INTO admin (admin_username, email, password, actor) VALUES ('$username', '$email', '$password', '1')";
if( mysqli_query($connect, $query) ){
return true;
}else{
return false;
}
}
function prevent_twin_names($username){
global $connect;
$username = mysqli_real_escape_string($connect, $username);
$query = "SELECT * FROM admin WHERE admin_username ='$username'";
if( $result = mysqli_query($connect, $query) ){
if(mysqli_num_rows($result) == 0) return true;
else return false;
}
}
my problem here if i give session like
require_once "core-admin/init-admin.php";
if( !isset($_SESSION['admin_username']) ){
$_SESSION['msg'] = 'page can not open';
header('Location:admin_login.php'); exit();
}
on the function page I get an error "to many redirect".
so I want to ask here if the function page if not given session will be dangerous?
but if I try to call the page function in the browser page that appears only blank pages.
can anyone explain? ty
Okay, so you seem to have various problems here, I will try to answer one question at a time.
header()
With PHP we have the header function; we can use for various purposes, to change the location of the page:
header('Location: index.php');
Or to set the type of content your page is displaying:
header('Content-Type: text/plain');
This is useful when dealing with certain parts of your code. header location is probably the most used function, but you have to be careful when using it. It's usually bound to run you into problems.
The error you are getting comes from redirecting the user too many times with one attempt. That, I believe, is different for each browser.
To fix that error you have to look for where else you set a header, and make sure you only set one header per page. Also note:
Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include, or require, functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file.
Functions
So first let's deal with your function questions. The reason your function page is blank when you load it in your browser it's because it's inside of a function. That means that the block of code before your eyes will only run when initiated. Thus, a blank page.
In practice this would look like:
function foo()
{
return 'Hello Foo!';
}
To get the output out of that function I have to initiate it in my code somewhere, either in it's own file (not a good practice) or where in the code I need it. You can initiate it by
echo foo();
or assign it to a variable:
$foo = foo();
The purposes of functions is so that you do not have to write the same code over and over again. You write one block of code with general guidelines and each time you need the code to be executed, you then call the function.
Sessions
Now that we have discussed functions, please do not add a session to your function. You want functions to be as reusable as possible, add a session at the top of your page.
<?php
session_start();
// some code ...
if(isset($_POST['submit'])
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
if( Register($username, $email, $password) === true )
{
echo 'Registration Complete';
}
else
{
echo 'Registration failed';
}
}
?>
<html>
<head>
</head>
<body>
<form id="registration">
</form>
</body>
</html>
Now when the register, you can call the function. That would be better practice than to start you session with your function.
Here's why, your registration function will come after some code has already been written; a session has to start at the top. Or else it would not run properly. To fix that you can create a function which create a session for you:
function start_my_session()
{
session_start();
}
This one is very simple, but you can buff up your security with different session function. For more information on session security look at PHP's Manual.
I am trying to get a function to output on a page on my site.
All my functions are in functions.php, which I include in the head on all pages.
Here is an example function:
function get_username(){
$userID = $_SESSION['user'];
if($userID){
$username = mysqli_query($dbconfig,"SELECT * FROM users WHERE userId='$userID'");
while($row = mysqli_fetch_assoc($username)) {
return $row['userName'];
}
}
}
When calling the function get_username nothing is returned. To verify, I print the session to check the data exists, which it does.
I have also tried just echoing a simple word in the function like this:
function get_username(){
echo 'test';
}
Again nothing is outputted. As mentioned above the functions.php is included in the head of the page.
Any ideas?
i have a problem calling a session variable from another script. can anybody help me on this matter.
Below is the script that i create the session and store the time in a session variable.
<?php
session_start();
$orgtimestamp = date("Y-m-d h:i:sa");
$_SESSION['orgtimestamp'] = $orgtimestamp;
?>
Here is the script that i try to access this session variable from a function of it. till now nothing worked
<?php
include '../../mydomain/myscript.php';
class survey_Tracksciprt
{
public static function timeofclick(){
session_start();
$time_org = $_SESSION['orgtimestamp'];
echo $time_org;
}
}
this hasnt worked upto now, nothing prints...can anybody give tips to sought this out and its compulsory to have this function timeofclick
You're not creating your class on your second file add:
//I don't know what this does but if it already starts a session remove the session start inside the class.
include '../../mydomain/myscript.php';
$survey = new survey_Tracksciprt();
$survey::timeofclick();
class survey_Tracksciprt
{
public static function timeofclick(){
session_start();
$time_org = $_SESSION['orgtimestamp'];
echo $time_org;
}
}
I also advice putting session_start at the top of your file.
<?php
session_start();
include '../../mydomain/myscript.php';
class survey_Tracksciprt
{
public static function timeofclick(){
$time_org = $_SESSION['orgtimestamp'];
echo $time_org;
}
}
Always use the session_start(); at the top line of the page.
First, you need an init-session.php file, containing:
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
Second, you need to include this file at the start of your loader/layout (whatever you have there), so no operation will be executed before you initialize your session.
Third, you should initialize $orgtimestamp like this:
<?php
$orgtimestamp = date("Y-m-d h:i:sa");
$_SESSION['orgtimestamp'] = $orgtimestamp;
?>
Fourth, you need to call survey_Tracksciprt::timeofclick().
i have this code in my index.php #line 3
if(check_login()==true){
header('location: chat/chat.php');
and this one in my init.php
<?php
session_start();
require('const.php');
require($db_file);
function check_login($username,$enroll) {
if(isset($_SESSION['username']) && isset($_SESSION['enroll'])) {
return true;
}
else
return false;
}
function get_username() {
return $_SESSION['username'];
}
function get_enroll() {
return $_SESSION['enroll'];
}
?>
it always says this line in my page and cant proceed to log in
Warning: Missing argument 1 for check_login(), called in /home/a2502890/public_html/index.php on line 3 and defined in /home/a2502890/public_html/includes/init.php on line 5
im trying to create a simple chat site for my school project
You've defined a function called check_login with two required parameters. $username and $enroll.
Yet on line 3, the code at the top, you're using check_login() without passing in those parameters hence the issue.
Based on what I can see here it looks like you need to remove $username and $enroll from check_login. E.g:
function check_login() {
...
change this
function check_login($username,$enroll)
to
function check_login()
i dont know why you have those parameters when you are not using them.
does session_start() have to be called within every function of a class? like:
class User {
var $username;
function set_session_username($username) {
session_start(); # do I really need to call this again?
$_SESSION['username'] = $username;
}
function retrieve_session_username() {
session_start(); # do I really need to call this again?
$this -> username = $_SESSION['username'];
}
}
session_start();
$user = new User();
$user -> set_session_username('savagewood');
$user -> retrieve_session_username();
echo $user -> username;
No, it only needs to be called once per request. So the first script the runs post it at top of that file
No , you need to start the session only once in the page which is loaded. Not in any class or functions.
No, session_start() should be called once in your app entry point, before your app sends any output.
You could check if session is started:
if (!session_id())
session_start();