I'm losing the data in $_SESSION when I do a header redirect. When I walk through this with a debugger I can see all my data in $_SESSION before I exit();
Login.php :
...
if($result == 1){
header("Location: /myaccount.php");
session_write_close();
exit();
} else {
header("Location: /login.php?invalid=yes");
exit();
}
Then I put a breakpoint after the session_start() conditional below and $_SESSION is completely empty.
myaccount.php:
<?php
if(!isset($_SESSION['user_id'])) { session_start(); }
$docRoot = getenv("DOCUMENT_ROOT");
...
Where did my session go?
Make sure you are using the function session_start(); before the if-statement on myaccount.php
You should call session_start() on every page accessing (that is, reading or writing) $_SESSION, and call it before any access to the session array. So, be sure you call session_start() on both pages.
Yes don't delete post ... I had EXACTLY the same issue, and this post caused me to involuntarily smack palm firmly against forehead. And it fixed the problem (with my code that is, not my dumbness). Cheers!
Related
I have a simple page to check if the session are set or no
session_start();
if (!isset($_SESSION['id'])) {
$_SESSION['checkin'] = 'yes';
header("Location: https://blabla.php");
exit();
} else {
// do something here
}
<HTM>
web page
</HTML>
everytime i the session is not set, i would not load the page. i have try to delete the exit() funciton, page load correctly, but i cannot redirect it to the url
EDIT :
I am forget to write session_start(); here, but in my real code, they already inputed
It is likely that you have a non-header output before the header line.
Try adding an ob_start() after the session_start().
i will handling scurity file with session, but i have problem.
i have filea.php with session.
session_start();
if ($_SESSION['login']){
include('fileb.php');
}
i have fileb.php with session.
session_start();
if ($_SESSION['login']){
} else {
// redirect to login
}
i will include fileb.php in filea.php using include file
my filea.php
session_start();
if ($_SESSION['login']){
include('fileb.php');
}
anyone can help me?
Instead of just using session_start() on fileA and fileB, you could use:
if (session_status() === PHP_SESSION_NONE){session_start();}
This will ensure that session will be started only if it is not already set, else will be skipped.
Similarly to see if SESSION variables are set or not, consider using:
if(isset($_SESSION['login'])) {
// Your codes here
}
Where, I assume that you have managed the session variables somewhere else and is working properly.
I am trying to verify that a user has logged in before showing them the page, using the method below, while the if/else method works when wrapped around plain html, it is failing when there is php involved. I am a novice by the way. What happens is the page simply loads as if the two tags below weren't there...which would be fine had I previously logged in, but I hadn't.
<?php
session_start();
if(isset($_SESSION['user'])) {
?>
HTML/PHP Page goes here.
<?php
} else {
header("Location: cms/admin/loginreadmode.php");
}
?>
Thanks in advance,
You can debug just below your session_start(); by printing your session:
echo '<pre>';
print_r($_SESSION);
die();
If $_SESSION['user'] isn't showing up in your array it isn't be set.
You can do this like this:
session_start();
$_SESSION['user'] = true;
Are you sure that you have add session support in every page?
if (!isset($_SESSION)) {
session_start();
}
This code should be working, so mistake is probably somwhere else I suggest checking if you set $_session["user] after login.
You should also replace your not-working code part with simple
echo "hello";
to chek it.
1) That is not a great method of checking whether a user is logged in, purely checking whether a user sessions exists can end up causing a lot of problems. Storing the ID in the sessions and then checking whether the ID is valid may be a better way,
2) When I copy the code above into a test document it goes straight to the redirect page in the else statement. This is down to the user session not being set, as soon as I set the user session before the code is executed it works fine. I see 'HTML/PHP Page goes here.'.
Setting the user session:
$_SESSION['user'] = 'TestUser';
You can change the code at the top of the page to be
<?php
session_start();
if(!isset($_SESSION['user'])) {
header("Location: cms/admin/loginreadmode.php");
die();
}
?>
I would like to know if anyone can help me with this $_SESSION variable problem. I want to add a script to a signup page that will allow someone that is already logged in to access the page from the backend and for someone who is not logged in to be redirected to the index page. Currently what is happening is that the page, when accessed from outside is redirected to index which is perfect, but from within the backend, when clicked on add user, it stays on the same page. Please excuse all the mistakes = still very new to PHP.
require 'function.php';
session_start();
if (isset($_SESSION['authenticated']) && !empty($_SESSION['authenticated'])) {
header('Location: ../../scripts/backend_login/signup.php');
} else {
header('Location: ../../scripts/backend_login/index.php');
}
You should start your session on every page where you use $_SESSION
session_start()
before the rest of your code
Start off by ensuring you have a session_start() on every page needing the session variable.
Next, change your code to this:
if (isset($_SESSION['authenticated']) {
if ($_SESSION['authenticated'] == true) {
header('Location: ../../backend_login/index.php');
} else {
header('Location: ../../backend_login/signup.php');
}
}
Try that and see
The true will only work if that is the value of the authenticated session
----EDIT----
The ($_SESSION['authenticated'] == true) is not vital, it is just another fail-safe to be double sure the correct session state is active, can be completed without this
I fixed my own problem. Here is the solution.
require_once('function.php');
session_start();
if (!is_user()) {
redirect('index.php');
}
thank you all for helping!
This seems really simple, and I see a lot of documentation about it, but I can't get it to work. Basically, I have a page "download-software.php" that we want only to be accessed from "download-registration.php" On the second page "download-registration.php" I have this:
<?php
session_start();
$_SESSION['authenticated'] = 'yes';
?>
and on the first page "download-software.php" I have this:
<?php
session_start();
if($_SESSION['authenticated'] != 'yes') {
header("Location: http://kinetick.com/V3/download-free.php");
};
?>
I need to kick the browser to the "download-free.php" page if they dont come from the first page. Can anyone help me out pls?
**Edit**
added session_start(); still doesn't work.
You need to add another session_start() to the beginning of download-software.php to resume the session you started from download-registration.php.
You forgot session_start() on download-software.php
You must always call session_start() before any html data to be able to use $_SESSION in your script