At first, my sessions kept resetting so I wrote out a simple script to test out my sessions.
<?php
session_start();
// Show banner
echo '<b>Session Support Checker</b><hr />';
// Check if the page has been reloaded
if(!isset($_GET['reload']) OR $_GET['reload'] != 'true') {
// Set the message
$_SESSION['MESSAGE'] = 'Session support enabled!<br />';
// Give user link to check
echo 'Click HERE to check for PHP Session Support.<br />';
} else {
// Check if the message has been carried on in the reload
if(isset($_SESSION['MESSAGE'])) {
echo $_SESSION['MESSAGE'];
} else {
echo 'Sorry, it appears session support is not enabled, or you PHP version is to old. Click HERE to go back.<br />';
}
}
?>
Needless to say, I got "Sorry, it appears session support is not enabled..." (my php version is 5.2 if memory serves, so it's definitely not too old). I checked my php.ini file and PHP is writing session files in the folder the php.ini file points to with what appears to be correct data, yet, I can't pass any data from one page to the other. Anybody have any idea on what is going wrong?
Here's the pertinent part (session) of phpinfo()...
http://pastebin.com/vnv7J26T
Related
So, I'm using a simple login-script for a few pages, using sessions to identify the user, by putting the users name in a $_SESSION variable and then checking if the variable is set on each page. This worked fine when I ran the script locally through a WAMP-server - but when I uploaded it to a webhotel I ran into a weird issue.
The login-script, which sets the $_SESSION variable if the username and password matches up with information from a MySQL-database, somehow won't start the session. I have session_start(); at the top of every page, including the login-script, so I don't understand why it wont start.
Now, I found a script on here that is used to check for session-support:
<?php
// Start Session
session_start();
// Show banner
echo '<b>Session Support Checker</b><hr />';
// Check if the page has been reloaded
if(!isset($_GET['reload']) OR $_GET['reload'] != 'true') {
// Set the message
$_SESSION['MESSAGE'] = 'Session support enabled!<br />';
// Give user link to check
echo 'Click HERE to check for PHP Session Support.<br />';
}
else {
// Check if the message has been carried on in the reload
if(isset($_SESSION['MESSAGE'])) {
echo $_SESSION['MESSAGE'];
}
else {
echo 'Sorry, it appears session support is not enabled, or you PHP version is to old. Click HERE to go back.<br />';
}
}
?>
The really weird thing is that this script tells me that session-support is enabled - and after running it, it suddenly works across all the pages.
So I have to run this script (in its own file) every time I access the site, because the login-script won't set the $_SESSION variable without running this script first.
JUST TO MAKE SURE: I am NOT asking how to check if session-support is enabled or not; the issue is why sessions are not enabled untill AFTER I run the script above.
Why is this happening, and how do I fix it?
Session is automatically started when session_start() function runs. To check if a session is set, you do not need that long code. Try this.
if(session_start())
{
echo session_id();
}
If session is started, session id will be printed. Else, it won't.
I try myself a single page login (form + validation). It works slightly good. I'm using SESSION for checking all the conditions (for whether user exists, password correct or not).
My code here:
if(isset($_SESSION['loggedin']))
{
header("Location:member_page.php");
}
if(!isset($_POST['submit']))
{
if(isset($_SESSION['result']))
{
if($_SESSION['result']=="false")
echo "<font color=white>Invalid Credentials. Try again!!! </font>";
if($_SESSION['result']=="false1")
echo "<font color=white>User doesn't exist. Try again!!!</font>";
}
}
else
{
/* check user Authentication in DB*/
}
It works good. But When i reload the page, the session remains exist, so same error is showing in the page. I think this may be annoying to the Users. IS there any modifications can be made in this code to solve this?
Also tell me whether this code is good for single page login form?
After you echo out the error you need to remove the variable from the session.
Add unset($_SESSION['result']); under:
if($_SESSION['result']=="false")
echo "<font color=white>Invalid Credentials. Try again!!! </font>";
if($_SESSION['result']=="false1")
echo "<font color=white>User doesn't exist. Try again!!!</font>";
I am working on this CodeIgniter project, and I want to provide the 'Remember Me' feature for logging in. and for that I am setting a cookie like this.
if(strtolower($loggedin) == 'on') {
//set cookie for 30 days.
setcookie('teacher_login', $teacher_id, time()+60*60*24*30);
}
redirect();
I have checked by using,
echo setcookie('teacher_login', $teacher_id, time()+60*60*24*30);
and the output was '1'. But after the redirect to the home controller, there when I check use the following:
if (isset($_COOKIE["teacher_login"])) {
echo $_COOKIE["teacher_login"];
} else {
echo 'cookie not set';
}
and the output here is 'cookie not set'.
I don't know what is going on here, I checked the PHP manual and the instructions seemed simple enough. Moreover I tried to use the CodeIgniter cookie helper. set_cookie($cookie) didn't work either.
What could possibly be the problem?
So problem is as the title says php session is being created for every page. So when I want to get a variable from session like this
session_start();
echo $_SESSION['error'];
It says "undefined index".
The problem is, in fact 'error' index defined but not in the current session since php creates new session for every page.
How can I solve this?
Note: I put session_start(); to every pages' first line, and before header("location:error.php") I put session_write_close(); and after the header there is die(); method too. I'm working on localhost. Using Latest version of WAMP and JETBRAINS PHPSTORM.
EDIT---------------------
This is where I define my session for error(this is from login.php page)
session_start();
$_SESSION['error'] = "Enter both username and password";
header('Location:error.php');
exit;
When the code above run, a session named "sess_amvrseubtusk0dpuo4fs35r0q1" is created and it has this line in it
error|s:32:"Enter both username and password";
And this is where I want to read session (this is from error.php page)
session_start();
echo 'SESSION: ' . $_SESSION['error'];
When the code above run, a session named "sess_m08lf25stbhg75gj2h0n0vose0" is created and it is empty.
I have all two of the created session files in my Session directory so 1 session file for each page.
EDIT 2----------------------------------
Here my php.ini file
http://pastebin.com/JNsPdzjH
EDIT 3----------------------------------
New php.ini file with changes "c:/wamp/tmp" to "C:/Users/nerzid/PhpstormProjects/Deneme/Session"
http://pastebin.com/Zaz37UPC
This posted as per your originally posted question should people wonder.
You may not have defined anything to $_SESSION['error'], least not with what you posted for code:
session_start();
echo $_SESSION['error'];
You would first need to assign something to it.
For example:
session_start();
$_SESSION['error'] = "Error.";
echo $_SESSION['error'];
Then on subsequent pages, you check if the session is set => isset() and/or empty => empty() or not.
I.e.:
if(isset($_SESSION['error']) && !empty($_SESSION['error'])){
echo $_SESSION['error'];
}
else{
echo "Session is not set";
// set a new one
}
If session is set from a variable example:
session_start();
$_SESSION['error'] = "Error.";
$error_x = $_SESSION['error'];
echo $error_x;
Also, when using header, add exit;
header("location:error.php")
exit;
always.
Sidenote:
Since you're working off of localhost, make sure the folder is writeable.
I'm devolping an application in PHP where I need to use sessions.
I've developed my application with a three layer architecture.
I use only one PHP page and dummy forms to submit user actions and all the processing is being made throught entities/function specific classes.
When the page is first opened I check the variables, if it was never opened earlier I present the login form.
When I receive the post from this form I check the user and if the user is ok I start the session
if(isset($_POST['login']))
{
if($_POST['login']=='login')
{
//valida user
$accoes=$du->login($_POST['username'],$_POST['password']);
if($accoes===false)
{
echo "<SCRIPT LANGUAGE=\"JavaScript\" TYPE=\"text/javascript\">";
echo "alert('Erro no Login');";
echo "</SCRIPT>";
unset($accoes);
}
else
{
//utilizador valido
echo "<SCRIPT LANGUAGE=\"JavaScript\" TYPE=\"text/javascript\">";
echo "alert('Utilizador vĂ¡lido');";
echo "</SCRIPT>";
session_start();
$user="teste";
$screen="logged";
$_SESSION['user']=$user;
}
}
}
Although when this page is refreshed via a user action I can't see the session id nor the session variables.
Am I missing something like session_commit or other instruction?
Should session_start() also appear before trying to chech session variables?
Could it be something missing in PHP.ini file?
When I reload the first thing I do is the check for session variables
if(session_id() != '') {
$user=$_SESSION['user'];
}
I know I should know how to resolve this, but til now my experience with PHP was throw Flex/Flash so session management wasn't really necessary.
Thanks for the help
one thing that I can surely point out .. your session_start() should be the first line after opening php tahg
<?php
session_start();
And it should be called on every page where $_SESSION is to be called ..
otherwise session will not be properly accessible