Login page:
<?php
session_start();
#echo session_id ();
$_SESSION["auth"]= "yes";
echo 'portal page link. Auth set to: {$_SESSION["auth"]}';
?>
Portal page:
<?php session_start();
echo "auth = {$_SESSION["auth"] } <BR />";
echo session_id ();
?>
The auth session is lost between the two pages somehow!
Edit
Here is a test url:
http://proserv01.services.lyris.com/NFPInsurance/UnsegmentedMemberReport/logintest.php
When trouble-shooting sessions, there are a few things I tend to do, but let's start with your code.
Here is an updated version of your page code so you actually see the value stored in $_SESSION['auth'] (your quotes were causing some trouble):
<?php
session_start();
$_SESSION["auth"] = "yes";
echo 'portal page link. Auth set to: ' . $_SESSION["auth"] . '';
?>
Here is the updated version of the portal page, which removes the additional space after the closing curly bracket:
<?php
session_start();
echo "auth = {$_SESSION["auth"]} <BR />";
?>
Now, if you don't see the auth with these revisions, you can try:
Changing the code in portal so it just dumps out the session so you can see what you've got: session_start(); var_dump($_SESSION);
Checking to make sure the error reporting is enabled, as PHP helps you identify many potential issues quite quickly (e.g., index doesn't exist, the headers were already sent, etc.): ini_set('display_errors','1'); error_reporting(E_ALL);
You can check your PHP config file (php.ini) to make sure that there are no settings causing session issues directly.
NOTE: For testing purposes only.
I am unsure as to what the expected results are, yet I will submit this as an answer with explanations set inside PHP comments.
Give this a try:
<?php
session_start();
$_SESSION["auth"]= "yes";
// will echo: portal page link. Auth set to: yes
echo 'portal page link. Auth set to: ' . $_SESSION["auth"] . '';
echo "<br>";
// will echo: auth = yes
echo "auth = {$_SESSION["auth"] } <BR />";
?>
Related
I would like to maintain 3 $_Session variables after login. My login modal submits to my index.php page and this seems to be the only place I can access the session variables I set when the user logs in. How do I pass these variables to the next page the user visits? I know I can use hidden inputs in forms but what if the brows the site using the menu? I would like to store a users session variables in a session include file but I have the same issue passing the values of the variables from page to page.
-Mike
File a.php:
<?php
session_start();
$_SESSION['saveme'] = 'from file A';
?>
File b.php:
<?php
session_start();
echo $_SESSION['saveme']; // if you visited a.php previously, you will see "from file A"
?>
Setting a session variable in any file makes it available anywhere else.
You can store you values in session on one page(index in your case as you mentioned) then later on you can get those values on any page if session in started on that page. Session store those value till same session alive.
code to set values in session:
<?php
// Start the session
session_start();
?>
<?php
// Set session variables
$_SESSION["xyz"] = "xyz";
$_SESSION["abc"] = "abc";
echo "Session variables are set.";
?>
Code to get session values:
<?php
// Echo session variables that were set on previous page
echo "value of xyz is " . $_SESSION["xyz"] . ".<br>";
echo "value of abc is " . $_SESSION["abc"] . ".";
?>
The form of your modal
<form action="index.php" method="post">
Username <input type="text" name="username" />
Password <input type="password" name="password" />
</form>
Then you catch it in your index.php
<?php
session_start();
if (isset($_POST['username']) && isset($_POST['password'])) {
// Check if user exists and password matches
$_SESSION['username'] = $_POST['username'];
$_SESSION['logintime'] = time();
$_SESSION['something'] = 'else';
}
In any other page you can use the values like
<?php
session_start();
if (isset($_SESSION['username'])) {
echo 'Welcome ' . $_SESSION['username'];
}
All who have provided answers thank you. This overlooked detail was all on me and though I have been out of the dev game for a while I should have known better.
My hosting service by default makes all file permissions read/write only...to access session variables I changed to read/write/execute and was successful.
Again thanks!
I've got an issue, I've looked everywhere and can't find an answer.
On one of my pages I have it set so users can change there firstname/lastname etc, once the change is done, they can't see there firstname change, the only way they can at the moment is to logout then login again.
I've tried session refresh, but that doesn't help, although it does change the session ID.
If someone could link me a tutorial or even post a snippet of code that does that, it would be great! Thank you. My current script for displaying the user's data is via session.
<?php
error_reporting(E_ERROR);
?>
<?php
session_start();
if(!isset($_SESSION["user"]) or !is_array($_SESSION["user"]) or
empty($_SESSION["user"])
)
// redirect to index page if not superuser
header('Location: index.php');
mkdir('users/'.$_SESSION["user"]["id"])
?>
<?php
$old_sessionid = session_id();
session_regenerate_id();
$new_sessionid = session_id();
echo "Old Session: $old_sessionid<br />";
echo "New Session: $new_sessionid<br />";
print_r($_SESSION);
?>
<h3 align="left"><?= $_SESSION["user"]["firstname"] ?></h3>
<h3 align="left"><?= $_SESSION["user"]["id"] ?></h3>
My php website flows like this:
Page1.php has an html form which POSTs to Page2.php
Page2.php stores all the POST data into SESSION variables and has a button leading to Page3.php
Page3.php has another form which POSTs its data to Page4.php
Page4.php then stores all its POST data into SESSION variables
My problem is that it may be nessicary for a user to click the back button on Page4.php to go back to Page3.php and change some input. AS im sure your all aware when they get back to Page3.php the form will be blank as the entire page is re-rendered in its default state.
To get around this and re-display the user's previous input im doing this:
<input value="<?php echo $_POST["guest1Ticket"];?> " type="text" name="guest1Ticket" id="guest1Ticket" onblur="isTicketNumber(this)" size ="22"/>
This being the important part - <?php echo $_POST["guest1Ticket"];?>
This works but creates another problem for me. If the user goes back to Page1.php (before colsing their browser) and starts the process over again when they get to Page3.php the data from their last run through will be loaded into the form.
What I figure I need to do is clear all of the sdession variables when the user visists Page1.php. I tried to to that like this:
<?php
session_start();
session_unset();
session_destroy();
?>
(The above is at the very top of my file with no whitespace before the first character.)
No Warnings are generated when Page1.php loads but the session variables are not getting unset. When I get to Page3.php the data from the last run is still being entered into the form.
How can I clear my session data correctly?
BTW I only need this to work in Chrome and thats where im testing.
Only use session_unset() for older deprecated code that does not use $_SESSION.
see session_destroy manual
example you can try and see how it works
session.php
<?php
session_start();
$_SESSION = array('session1'=>1,'session2'=>2);
echo $_SESSION['session1']; //1
$_SESSION['session1'] = 3;
echo "<pre>";
print_r($_SESSION); //session one now updated to 3
echo "</pre>";
$_SESSION = array();
if ($_SESSION['session1']) {
echo $_SESSION['session1']; // IS NOW EMPTY
} else {
echo "woops... nothing found";
}
?>
<p>
<a href="destroyed.php">NOW GOING TO DESTROYED PHP<a/>
</p>
<?php
session_destroy();
?>
destroyed.php
<?php
session_start(); // calling session start first on destroyed.php
print_r($_SESSION); // prints Array ( )
?>
From the documentation:
If $_SESSION (or $HTTP_SESSION_VARS for PHP 4.0.6 or less) is used,
use unset() to unregister a session variable, i.e. unset ($_SESSION['varname']);
And take care about session_destroy:
session_destroy destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session
Use session_unset(). Like this:
<?php session_start(); ?><!DOCTYPE html>
<html>
<body>
<?php
$_SESSION["variabletounset"] = "I am going to be unset soon along with all of the other session variables.";
print '<pre>' . "\n";
print_r($_SESSION);
print ' </pre>' . "\n";
session_unset();
print ' <pre>' . "\n";
print_r($_SESSION);
print ' </pre>' . "\n";
?>
</body>
</html>
This would output:
Array
(
variabletounset => I am going to be unset soon along with all of the other session variables.
)
Array
(
)
I am new to php, and very new to sessions, so I have no idea what I am doing wrong. I followed the tutorial on tizag, and put this code on my site:
<?php
session_start();
echo SID . "<br><br>";
if(isset($_SESSION['views'])) {
$_SESSION['views'] = $_SESSION['views'] + 1;
} else {
$_SESSION['views'] = 1;
echo "views = ". $_SESSION['views'];
}
?>
The SID changes whenever I refresh, and the number does not count up.
Update: Url: http://121.73.150.105/PIA/
FIXED BY: Putting session_start() before my doctype, title etc.
Are cookies enabled in you're browser ? phpsessid is stored as a cookie , you can set different parameters for it , one that could be usefull in you're case could be session_get_cookie_params() , and see if everithing is oki with the session cookie params .
If anything is wrong like expiration date you can set the params with session_set_cookie_params()
Your PHP setup may have been configured to not save sessions in cookies.
To verify if this is the case, you can take a look at session.use_cookies in your php.ini, or using ini_get, like so:
<?php echo ini_get('session.use-cookies'); ?>
You can correct it at runtime, as well, using ini_set, like so:
<?php ini_set('session.use-cookies', '1'); ?>
either you are outputting something to the browser before calling session start, or you have cookies disabled.
You don't output the $_SESSION['view'] after the if statement. I think that's why it doesn't change.
Try:
<?php
session_start();
echo SID . "<br><br>";
if(isset($_SESSION['views'])) {
$_SESSION['views'] = $_SESSION['views'] + 1;
} else {
$_SESSION['views'] = 1;
}
echo "views = ". $_SESSION['views'];
?>
So you always output the new $_SESSION['views'] value.
EDIT:
I think the right answer is that the session is not set. But I'm curious, how can the code always outputs "view = 1"? Can I open a new question referencing this question or just discuss it here?
in your code if you cant see session ID you can write
session_id() in place of SID.
ini_set("session.use_cookies",1);
ini_set("session.use_only_cookies",1);
this two parameter must set to gether if you want it work
I'm trying to do a simple test php script for sessions. Basically it increments a counter (stored in $_SESSION) every time you refresh that page. That works, but I'm trying to have a link to destroy the session which reloads the page with the ?destroy=1 parameter. I've tried a couple of if statements to see if that parameter is set and if so to destroy the session but it doesn't seem to work.
I've even put an if statement in the main body to pop-up a message if the parameter is set - but it doesn't seem to be picked up.
I know I'm doing something silly (I'm a PHP newbie) but I can't seem to find what it is...
See code here:
<?php
if ($_POST['destroy']) {
session_destroy();
} else {
session_start();
}
?>
<html>
<head>
<title>Session test</title>
</head>
<body>
<?php
if (isset($_POST['destroy'])) {
echo "Destroy set";
}
$_SESSION['counter']++;
echo "You have visited this page " . $_SESSION['counter'] . " times" . "<BR>";
echo "I am tracking you using the session id " . session_id() . "<BR>";
echo "Click here to destroy the session.";
?>
I think you put
$_POST['destroy']
Instead of
$_GET['destroy']
You need to use a form if you'd like to use a $_POST variable. $_GET variables are stored in the URL.
By the way you can use
$_REQUEST['destroy']
which would work regardless if the data is passed in a POST or a GET request.
In the PHP Manual it has code snippet for destroying a session.
session_start();
$_SESSION = array();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');
}
session_destroy();
Yeah, you're going to want to do
if( $_GET['destroy'] == 1 )
or
if( isset($_GET['destroy']) )
I know I'm doing something silly (I'm a php newbie) but I can't seem to find what it is...
that is how you are going to learn a lot ;) enjoy it ...