I've a problem with PHP sessions.
This is my code:
login.php
<?php
session_start();
...
...
...
$_SESSION['id'] = $user['id'];
$_SESSION['name'] = $user['nome'];
$_SESSION['ruolo'] = $user['ruolo'];
$_SESSION['auth'] = true;
header("location: index.php");
exit();
...
...
index.php
<?php
session_start();
var_dump($_SESSION);
...
...
?>
result is array(0) { }
I've already seen other similar posts, but no proposed solutions are helpful to me (session_start, exit after header, etc)
Some suggestions?
Try adding this to the top of your script:
ini_set("session.cookie_domain", ".domain.com");
Related
I have a session set up like this:
<?php
session_start();
include 'conconfig.php';
$con = new mysqli(DB_HOST,DB_USER,DB_PASS,DB_NAME);
$email = $_POST['email'];
$pass = $_POST['pass'];
$query = "SELECT * FROM tempusers WHERE user='$email' AND pass='$pass'";
$result = mysqli_query($con,$query)or die(mysqli_error());
$num_row = mysqli_num_rows($result);
$row=mysqli_fetch_assoc($result);
if( $num_row >=1 ) {
echo 'true';
$_SESSION['uName'] = $row['uName'];
}
else{
echo 'false';
}
?>
and in my logout.php I have
<?php
session_start();
session_unset();
unset($_SESSION['uName']);
session_destroy();
header("Location:index.php");
?>
but none of the session_unset(); , unset() and session_destroy(); seems to be not working because after getting to the page I am still able to use browser Back button and back to the restricted page! besides the header() is not changing the page into index.php can you please let me know what I am doing wrong and how I can fix it?
Basically, I have a Log out Link in Restricted page which is like this
<a href="logout.php" >Logout</a>
Thanks
Update:
Here is the Session code which I have at the top of restricted page
<?php
session_start();
if(empty($_SESSION['uName'])){
header('Location: login.php');
}
?>
Try regenerating the session id and destroying all the data.
<?php
session_start();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(), '', 0, '/');
session_regenerate_id(true);
header("Location:index.php");
exit();
?>
I have been beating my my head over this. My code is virtually identical to other projects where this DOES work. Here is how I do it:
session_start();
set_up_session($username);
redirect_to('index.php');
And the two functions:
function redirect_to($location=null) {
if($location!=null) {
header("Location: {$location}");
exit;
}
}
function set_up_session($username) {
session_start();
$_SESSION['user_id']=$id;
$_SESSION['logged_in']=true;
$_SESSION['username']=$username;
}
if I comment out the redirect and echo any of the $_SESSION var's, the var reads correctly. But after the redirect, the session ends.
This is what's on the next page.
<?php if (!isset($_SESSION['logged_in'])) { ?>
// do stuff <-- this is what gets shown showing session is no longer active
<?php } else { ?>
<p>Hi, <?php echo $_SESSION['username']; ?></p>
<?php } ?>
make sure the page you are redirecting to has session_start() at the top of the document
if(!isset($_SESSION)){
session_start();
}
My first step I would do is try this on the next page:
<?php
if (isset($_SESSION['logged_in'])) {
echo $_SESSION['username'];
} else {
//do stuff
}
?>
I had a problem a posted earlier in dealing with sessions. My resolution to the problem was to set a $_SESSION[]; to a variable. EX:
<?php
$Username = "Guest"; //Set your variable before you actually need it. (This is what fixed my problem)
if (isset($_SESSION['logged_in'])) {
$Username = $_SESSION['username'];
}
?>
NOTE: You might want to change the if (isset($_SESSION['logged_in'])) to instead check for if the username is set. For example:
<?php
$User = "Guest";
if (isset($_SESSION['username'])) {
$User = $_SESSION['username'];
} else {
//do stuff
}
?>
Also, as stated by the other user, make sure the page you redirect to has a session_start(); function in it. Otherwise, this will not work.
I'm trying to create a simple member login site, and I was following along with a tutorial online. However, a deprecated function is used. Here is the code.
<?php
session_start();
session_destroy();
if(isset($_COOKIE['id']))
{
//remove cookie
setcookie("$id_cookie", '', time() - 50000);
setcookie("$pass_cookie", '', time() - 50000);
}
if(!session_is_registered('username'))
{
header("Location: index.php");
}
else
{
exit('Sorry we could not log you out');
}
?>
I also tried !isset($_SESSION['username']), but every time I try to log out, I just receive the 'Sorry we could not log you out' text.
Here is the part of my login.php file code where I set the sessions:
//member does exist, start sessions
$_SESSION['password'] = $password;
while($row = mysql_fetch_array($query))
{
$username = $row['username'];
$id = $row['id'];
}
$_SESSION['username'] = $username;
$_SESSION['id'] = $id;
Any help would be great!
Don't use
session_is_registered
use
if (isset($_SESSION['SESSION_VARIABLE_NAME']))
You may add "session_unset();" before "session_destroy();"
session_destroy() delete the session file and release the session id, but keep the $_SESSION variable in memory.
use this with isset
if(!isset($_SESSION['username']))
Try this
echo "<pre>";
print_r($_SESSION);
echo "</pre>";
if(!isset($_SESSION['username']))
{
header("Location: index.php");
}
Check where the the SESSSION is stored or not.
Try this code in your log out script
<?php
session_start();
if(isset($_SESSION['id']))
{
unset($_SESSION['username']);
unset($_SESSION['id']);
}
if(!isset($_SESSION['username']))
{
header("Location: index.php");
}
else
{
exit('Sorry we could not log you out');
}
?>
I'm using the following code. Session is working on the same page; on the next page it is not showing the session variable value. Please let me know what I'm doing wrong?
<?php
session_start();
$_SESSION['emailaddress']=$emailAddress;
header("Location: $success "); /* Redirect browser */
exit;
?>
use session_start() in the page that you are redirecting to, as well ($success), before accessing the session values there
So that the "success.php" page looks something like:
<?
session_start();
print_r($_SESSION);
?>
<?php
if(some_condition is true)
{
session_regenerate_id();
session_start();
$_SESSION['emailaddress']=$emailAddress;
header("location: member-index.php");
exit();
}
on secure page:
<?php
//Start session
session_start();
//Check whether the session variable is present or not
if(!$_SESSION['emailAddress'])
{
header("location: access-denied.php");
exit();
}
?>
<p>This is secured page with session: <b><?php echo $_SESSION['emailAddress']; ?></b>
I like to know how to use a condition on php sessions
in this code if the user is not loged in page will redirect to login.php.
<?
session_start();
if(!session_is_registered(username)){
header("location: login.php");
}
?>
what i want is to redirect user to another php if the user is loged in. if not stay on the same page. like if user is not loged in keep the user in index page and if user is loged in redirect the user to user.php
for the login script im using a code fount in this site :http://www.phpeasystep.com/phptu/6.html
thanks in advance.
Set a variable in $_SESSION when you have logged in.
i.e. in login.php:
if ( $passWordCorrect ) {
session_start();
$_SESSION['loggedIn'] = true;
}
in index.php:
session_start();
if ( !empty( $_SESSION['loggedIn'] ) ) {
// User logged in; do magic.
} else {
header('Location: user.php');
}
<?
session_start();
if(!$_SESSION['username]){
header("location: login.php");
}
?>
And in login page you asign the variable like this:
<?php
session_start();
$_SESSION['username']='JohnDoe';
?>
The code is on the same page as the tutorial you linked to:
<?php
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>
But really you should be using the $_SESSION variable. On the login page:
<?php
session_start()
$_SESSION['username'] = $username;
?>
And then on the other pages:
<?php
session_start()
if (!isset($_SESSION['username'])) {
header('location: login.php')
}
?>
UPDATE
It is better to not use short tags (i.e. <?php instead of ?>)