index.php
<?php
session_start();
header("Location: somewhere.php");
?>
<html>
<head></head>
<body>
<?php $_SESSION['foo'] = 'bar'; ?>
</body>
</html>
somewhere.php
<?php
session_start();
echo $_SESSION['foo'];
?>
I set a session variable in the body after a header call in index.php. Then it's found in somewhere.php. This happens even after restarting the browser. How is this happening?
Well, why not?
// starts session, sets cookie with session id
session_start();
// outputs Location header
header("Location: somewhere.php");
// rest of code keeps executing!
// sets session value foo
$_SESSION['foo'] = 'bar';
Just because you're outputting a Location header doesn't mean the rest of the script doesn't execute.
The session value is set and saved on the server, this is completely independent of whether headers have already been sent or not. The only header that needs to be send to the client is a cookie containing the session id, this can happen before or after populating the session values in the server's memory.
EDIT: Erhm. I'm tired. I misunderstood your question. Feel free to ignore this post
Session variables are superglobals. A cookie gets set in the client's browser with a session id. Whatever you set in $_SESSION get's stored on the server linked to the client's session id. When the user browses to a web page, PHP automatically populates $_SESSION with any previous data, until the session has expired.
try this and see if you are getting the same results:
<?php
session_start();
unset($_SESSION['foo']);
header("Location: somewhere.php");
?>
Edit:
<?php
session_start();
unset($_SESSION['foo']);
header("Location: somewhere.php");
exit;//maybe this will stop the script from setting that session
?>
Becuase when you compiler rached on 4th line "header("Location: somewhere.php");"
your control goes to somewhere.php
You can use this.
index.php
< ?php
session_start();
$_SESSION["foo"] = "bar";
header("Location: somewhere.php");
?>
Surely It will run
Related
I have a page, index.php, which includes another page, session.php. In session.php, I would like a session to start, and to set a session variable.
Upon running index.php, I would like the session variable set in session.php to be displayed.
I expected my code to work, but I have found that it does not.
index.php:
<?php
include "path/to/session.php";
echo $_SESSION['var'];
?>
session.php:
<?php
session_start();
$_SESSION['var'] = "yes";
?>
I expected the output to be yes, and instead return no output.
EDIT:
I have tried this on Firefox and Chrome, to no discernible difference.
Upon inserting error handling as suggested below, it has not printed any errors.
Putting an echo "hi"; on session.php will output hi on index.php, so there's no obvious issue with the include or the pathing.
If I run session.php, having it echo the session_id(), the output will be the same each time I refresh the page; if I have the index.php echo the session_id(), it will not produce an output, and the output sent from session.php will be different each time I refresh the page, and does not appear to be reflective of session.php's session_id() when run from that page.
You have to include session_start() at the top of the index.php file
<?php
session_start();
include "path/to/session.php";
echo $_SESSION['var'];
?>
Why I am getting an empty array of the session when I am trying a var_dump in another page?
In the server, the session is stored without any content, only with the name of the id.
With cookies all works well. Sometimes (yes, sometimes), I restart the server, and then, the sessions works well too. What may cause this issue?
Maybe a bug of the php 5.1.6? or a problem in the config of the server?
index_2.php
<?php
session_start();
$_SESSION['xxx'] = "tessstsse";
var_dump($_SESSION);//here show the correct session
header( 'Location: index_3.php');
index_3.php
<?php
session_start();
var_dump($_SESSION);
The output of this will be:
array
empty
Give this a try.. if this works I'd re examine your code else it is probably an issue with your server...
page1.php
<?php
session_start();
$_SESSION['auth'] = "true";
$_SESSION['superhero'] = "batman";
?>
Click here
page2.php
<?php
session_start(); // start the session before using it
//echo $_SESSION['auth']; // will output 'true'
print_r($_SESSION);
?>
destroy.php
<?php
session_start(); // start the session before using it
session_destroy(); // deletes the current session..
?>
I have the web server without space to store the session content.
0% of free space. Delete some data and the problem is solved.
I have a problem with my login script:
I have this 3 scripts
index.php
ob_start();
session_start();
include ('config.php');
include ('home.php');
ob_end_flush();
home.php
if($_SESSION['logged_in']) {
echo $_SESSION['nome'];
} else { ?>
<form name="login" action="checklogin.php";>
...
<?php } ?>
checklogin.php
ob_start();
session_start();
include("config.php");
if(isset($_POST['Submit'])) {
...
$_SESSION['logged_in'] = TRUE;
header("Location: http://$root");
die();
}
ob_end_flush();
My problem is this: When I try to log for the first time my page refresh without show the session. Why?? If a try to close and re-open my browser or log for the second time it will show the session. Why? What should I do?
The problem you're having is that your PHP session is still active due to the lifespan of the session cookie from PHP. See this discussion here for ways to expire your sessions using a $_SESSION variable to hold a timestamp and then checking that timestamp to see if a certain amount of time has past.
Alternatively, that same discussion also gives detailed information on modifying the PHP server to set the default session lifespan using the garbage collection and cookie lifetime settings.
I am new to learning Php. I have created the following code.
<?php
/*
* Testing Sessions with PHP
*/
session_start();
$_SESSION['user_id'] = 'Testing User';
session_destroy();
?>
<html>
<head>
<title> Sessions Page</title>
</head>
<body>
<?php
echo $_SESSION['user_id'];
?>
</body>
</html>
Now the echo $_SESSION['user_id'] echos testing user. In my opinion it should not, as i have destroyed the session. what is the reason?
You need to unset the session vars.
See http://php.net/manual/de/function.session-unset.php
Means, put session_unset() before you destroy the session.
The function session_destroy() will indeed destroy your session. The session is in this case the file (or db) on the server, holding your data. That means you cannot access this session on other pages afterwards.
The globale $_SESSION[] variable is a different story. It is filled from the session file, before the code on your page starts processing. Therefore it holds a copy of the data and stays in memory until your page has finished processing. You can clear this variable with session_unset(), but as well you can wait until the page has finished and all it's variables are destroyed anyway.
This appears to be (for whatever reason) by design. The correct way to do what you wish is.
session_start();
$_SESSION['user_id'] = 'Testing User';
session_unset();
session_destroy();
This code will remove all session variables from $_SESSION and then destroy the session.
Need to be more comprehensive as PHP sessions can really behave differently.
The following works perfectly in all browsers to kill/destroy/unset all session info. Perfect to be used in sign-out file.
<?php
session_start();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(),'',0,'/');
session_regenerate_id(true);
?>
My website doesn't start a session when I visit, I don't know why but my website works like this:
<?php
session_start();
$title = "Home";
include("include/header.php");
include("include/functions.php");
?>
...HTML stuff here...
<?php
include("footer.php");
?>
But when I check with Cookies (add-on for Firefox) there are no sessions started... I used session_regenerate_id(); but it doesn't work at all.
It fails to log in since there are no sessions, I do not have any session_destroy() in my website, only in the logout.
But funny thing is, when I login (without refreshing or navigating just yet) and then click on the logout button, there is a session on my website, then when I log in again, it tells me that I am logged in BUT if I login and navigate or refresh, it doesn't tell me that I'm logged in since there are no sessions...
Logout:
<?php
session_start();
session_destroy();
setcookie("cookie-name", "", time()-60, "", "", 0);
header("Location: ../index.php");
exit;
?>
What do I do?
You must have session_start() at the beginning of every file that is being accessed and uses sessions. The name is misleading, session_start() actually doesn't start a new session but initialzes PHP session menagment.
Not sure if it's related, but there was a strange PHP quirk that required the SESSION_START() to be on the line immediately below the <?php tag. Something about whitespace and extra things above the session used to make it go haywire for me. I've been using Zend of late, which avoids that issue with its own session handling system.
You might try doing a print_r($_SESSION) to see if there's anything in the session array at all.
It's probably because you are not setting a session in either of the examples you have given, you have to have a line like the one below to actually create a session, and then to access the session variables on all subsequent pages you need session_start();
$_SESSION['example'] = 'something';
It doesn't look like your setting anything in the session or the cookie.
If you want to pass information around in the session you'll need to assign the necessary values in the $_SESSION variable.
For example on your main page you can do:
<?php
session_start();
$_SESSION['myVariable'] = "my text";
?>
And then on any subsequent pages you can access the variable you've set.
<?php
session_start();
echo $_SESSION['myVariable']; //This will print "my text"
?>