I have an issue with a WordPress session. I have a file 'test.php' that is used post a variable to a WordPress site. It has the condition: "if the session variable is set then the user can access the whole WordPress site, and if the session variable is not set then user can't access the site".
When I post the variable to the WordPress site using test.php the homepage works fine, but when I access inner pages like 'xyz.com/contact' I get an error Not Access which means that the session variable was cleared on the next page.
Here is the test.php file:
<form action="wordpress-site-link" method="POST">
<input type="submit" name="var" value="go"/>
</form>
In the file themes/theme-name/header.php I wrote this code:
session_start();
if(isset($_SESSION['var'])) {
echo 'Welcome';
} else if(isset($_POST['var'])) {
$_SESSION['var'] = $_POST['var'];
} else {
echo 'No access...';
exit;
}
Just hook a function on "init" in your functions.php like this :
function ur_theme_start_session()
{
if (!session_id())
session_start();
}
add_action("init", "ur_theme_start_session", 1);
Then u can use your session variables.
I hope that help u.
Related
I have 1 SESSION variable that will load when a login form is inserted and it passes the test. But, the variable will only work in one page and when I click on a different page that includes the same file which gives me the SESSION, it doesn't work. It will only work for pages that are linked to the form. I am using the post method. sample.php <- site that is in action="sample.php" therefore its linked.
Beginning code for sample.php
<?php
session_start();
require 'php/login_admin.php';
if (isset($_SESSION['admin']))
echo ' all html code ';
Code for login_admin.php
if ($username == $row['username'] && $password == $row['password'])
{
session_set_cookie_params(3000, "/");
$_SESSION['admin'] = 'open';
} else {
session_close();
echo "Wrong password and username!";
}
NOTE I have this same set up for all pages and I do not know why only the pages linked directly to the form in the action attribute work.
On all your OTHER pages you only need to test for the admin session and if that fails then redirect to the login page... or display it... whatever you decide. But let's assume we go to a dedicated admin login page for fun...
So on All your other pages...except the login page...
<?php
session_start();
// Is the admin logged in?
if (!isset($_SESSION['admin']))
{
header("location:admin_login.php");
exit();
}
echo ' all html code ';
I am developing a web application using PHP in which a user initially has to sign in and view his content. I am using PHP sessions to maintain state. I encountered following problems:
Although I started the session on each page and after relevent session variables are set, the session is destroyed each time the page is refreshed or when I browse the same URL on a different tab.
I need the user to be redirected to his content page when the user browsed login page with he has already logged in.
I'm really new to PHP, So I have no idea how to solve these problems. I referred several questions in the stackoverflow, but they all say that sessions are not destroyed on page refresh. I could not understand what's wrong with my page. Any solution with explaination is greatly appreciated.
Login page
<?php
session_start();
class Sessions{
public static function setSessionState($userdata){
unset($userdata['password']);
unset($userdata['timestamp']);
$_SESSION['user']=$userdata;
}
}
if(isset($_POST['username']) && isset($_POST['password'])){
$dbcon = new DBConnection();
$dbcon->connect();
$username= strip_tags(stripslashes(trim($_POST['username'])));
$password = strip_tags(stripcslashes($_POST['password']));
echo "<script>alert($username);</script>";
$result = $dbcon->getUser($username,$password);
if(mysqli_num_rows($result)==1){
$user = $dbcon->getUserData($result); #getUserData function accepts mysqli result as an input and returns a row(array) of user details.
if(isset($user)){
Sessions::setSessionState($user);
header("location:index.php");
}
else{
echo "user variable is not set!!!";
}
}
else if(mysqli_num_rows($result)==0){
echo "Login error! Username or Password incorrect!";
}
else{
die("Unknown Error occured!");
}
}
............
Index page(in which user's private content is visible)
<?php
session_start();
if(isset($_SESSION['user'])){
print_r($_SESSION['user']);
}
else{
echo "session variable not set";
}
?>
Thank you.
I finally found the answer which is actually my bad. I didn't mention the last part of the index.php file as I though that part is irrelevant.In that part I have a part,
<form action="<?php session_destroy(); ?>">
After commenting that session_destroy() method call, I could solve my problem and keep session alive.
Sorry for incomplete code.
try this
class Sessions{
public static function setSessionState($userdata){
if ( !isset($_SESSION['user']) ) {
$_SESSION['user'] = $userdata;
}
}
}
Hi iam new to wordpress and I have created a plugin at which I need to print all the session data.First I have created a file in plugin folder and added code like
function myplugin_classname() {
print_r($_SESSION);
}
And I put an click event for two button with class tags like
$('.tags').on('click',function(){
$.post('my_page.php',{val:$(this).val()});
});
and in my_page.php I kept like
$_SESSION['tag'] = $_POST['val'];
but when it comes to printing the session variables at myplugin_classname (by refreshing the page)it doesnt prints the newly assigned session variable....How to solve this..??I have started session through theme-my-login login.
You need to add <?php session_start(); ?> at beginning of my_page.php
After that for destroying session you can use wp_logout action in wordpress. code is as follows
<?php function custom_unset_session() {
// your code
unset($_SESSION['tag']);
}
add_action('wp_logout', 'custom_unset_session');
?>
// On your plugin functions.php
function register_session() {
if (!session_id())
session_start();
}
add_action('init', 'register_session');
function your_function() {
//Here you can unset your session variabl
}
add_action('wp_logout', 'your_function');
//Now you can use
$_SESSION['tag'] = $_POST['val'];
Those two articles are helpful as well:
http://www.frank-verhoeven.com/using-session-in-wordpress/
http://devondev.com/2012/02/03/using-the-php-session-in-wordpress/
I am editing wp-login.php to create a custom login screen. Maybe there's a better way to do this, so if anyone has experience with that any comments are welcome.
Within my theme's functions.php I start a session:
function init_sessions() {
if (!session_id()) {
session_start();
}
}
add_action('init', 'init_sessions');
Within my theme file I set a session variable:
// Check if we've submitted a language
if($_GET['id'] == 'en') {
$_SESSION['bam_lan'] = 'en';
}
if(!isset($_SESSION['bam_lan'])) {
$_SESSION['bam_lan'] = 'es';
}
// Set language
$bam_lan = $_SESSION['bam_lan'];
Within wp-login.php, echo $_SESSION['bam_lan']; doesn't echo anything.
How do I get a global session variable which is set in my theme's functions.php from wp-login.php??
Thanks!
wp-login.php executes before functions.php and before 'init' action.
i am using a session variable to authenticate, acc to my knowledge the session variable is supposed to be stored at the server even when new pages are loaded.
I am using the following code:
<?php
session_start();
echo $_POST['path'];
if($_POST['path']=="index")
{
$_SESSION['rightPath']=1;
if(isset($_SESSION['rightPath']))
echo "it is set";
?>
<script type="text/javascript">parent.location='UI.php'</script>
<?php
}
else
{?>
<script type="text/javascript">parent.location='index.php'</script>
<?php
}
?>
here this isset function tells me that the variable is set but in the next page ui.php is it not giving me the same result.
<?php
if(!isset($_SESSION['rightPath']))
{
echo "it not is set";?>
<?php }
?>
this is the ui.php page snippet. here the if statement is executing.
what am i doing wrong ?
you need to start session here is well
<?php
session_start();
if(!isset($_SESSION['rightPath']))
{
echo "it not is set";?>
<?php }
?>
You are not starting the session in UI.php. The code should be like this, with session_start at the top:
<?php
session_start();
if(!isset($_SESSION['rightPath']))
{
echo "it not is set";?>
}
?>
The session_start() creates a session or resumes the current one. So, while you are creating the session earlier, it is NOT resumed unless you do a session_start() again on every page where you intend to use the session variables.