Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
sessio_start() doesn't work 1
- Thread starter nataly333
- Start date
-
1
- #2
sleipnir214
Programmer
How do you know? What's your testing methodology?
Want the best answers? Ask the best questions: TANSTAAFL!!
Want the best answers? Ask the best questions: TANSTAAFL!!
sleipnir214
Programmer
For example, given the following two scripts:
a.php:
b.php:
a.php:
Code:
<?php
session_start();
$_SESSION['a'] = 'foo';
print '<html><body><a href="b.php">click</a></body></html>';
?>b.php:
Code:
<?php
session_start();
print '<html><body>' . $_SESSION['a'] . '</body></html>';
?>[code]
If you create the two files, point your browser to a.php, then click on the link, what happens?
[i]Want the best answers? Ask the best questions:[/i] [URL unfurl="true"]http://www.catb.org/~esr/faqs/smart-questions.html[/URL]
TANSTAAFL!!- Thread starter
- #4
Thank you! This is a good test.
Unfortunately now my site isn't working now(something happened to this stupid host)and i can not check it.
This is short version of my "login" page :
<?
session_start();
// MySQL connection
?>
<html>
<head><title>Login</title></head>
<body>
<?
if(!isset($usernameU) | !isset($passwordU)) {
?>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<table><tr><td>
<table>
<tr><td Password :</td>
<td><input type=password name=passwordU></td></tr>
<input type=submit value=Submit></td></tr>
</form>
</td></tr></table>
</td></tr></table>
</body>
</html>
<?
exit();
}
session_register("usernameU"
;
session_register("passwordU"
$sql = mysql_query("SELECT password FROM login WHERE username = '$usernameU'"
$fetch_em = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($numrows != "0" & $passwordU == $fetch_em["password"]) {
$valid_user = 1;
}
else {
$valid_user = 0;
}
if ($valid_user)
{//return to main page
}
if (!($valid_user))
{
session_unset(); // Unset session variables.
session_destroy();
?>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<table><tr><td>
<table >
<tr><td>
Incorrect login information, please try again.
</td></tr>
<tr><td>User Name :</td><td>
<input type=text name=usernameU></td></tr>
<tr><td>Password :</td>
<td><input type=password name=passwordU></td></tr>
<tr><td>
<input type=submit value=Submit></td></tr>
</form>
</td></tr></table>
</td></tr></table>
</body>
</html>
<?
exit();
}
?>
In every page using sessions i check :
<?
session_start();
if(!isset($usernameU) | !isset($passwordU)) {
?>
If "Yes" - open the member page,
if "No" - open "login" form
It was important : use session_start() for each page(i used it only at the first )
But now i have a new problem : only second "Submit" of the Login form starts the session.
What did i do wrong?
Unfortunately now my site isn't working now(something happened to this stupid host)and i can not check it.
This is short version of my "login" page :
<?
session_start();
// MySQL connection
?>
<html>
<head><title>Login</title></head>
<body>
<?
if(!isset($usernameU) | !isset($passwordU)) {
?>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<table><tr><td>
<table>
<tr><td Password :</td>
<td><input type=password name=passwordU></td></tr>
<input type=submit value=Submit></td></tr>
</form>
</td></tr></table>
</td></tr></table>
</body>
</html>
<?
exit();
}
session_register("usernameU"
;session_register("passwordU"
; $sql = mysql_query("SELECT password FROM login WHERE username = '$usernameU'"
;$fetch_em = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($numrows != "0" & $passwordU == $fetch_em["password"]) {
$valid_user = 1;
}
else {
$valid_user = 0;
}
if ($valid_user)
{//return to main page
}
if (!($valid_user))
{
session_unset(); // Unset session variables.
session_destroy();
?>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<table><tr><td>
<table >
<tr><td>
Incorrect login information, please try again.
</td></tr>
<tr><td>User Name :</td><td>
<input type=text name=usernameU></td></tr>
<tr><td>Password :</td>
<td><input type=password name=passwordU></td></tr>
<tr><td>
<input type=submit value=Submit></td></tr>
</form>
</td></tr></table>
</td></tr></table>
</body>
</html>
<?
exit();
}
?>
In every page using sessions i check :
<?
session_start();
if(!isset($usernameU) | !isset($passwordU)) {
?>
If "Yes" - open the member page,
if "No" - open "login" form
It was important : use session_start() for each page(i used it only at the first )
But now i have a new problem : only second "Submit" of the Login form starts the session.
What did i do wrong?
- Thread starter
- #5
sleipnir214
Programmer
Sessions work in my code, but not in yours?
Yep, it's a problem in your code. I'd look at your code, but the "context switch" style of PHP progamming gives me a headache.
Want the best answers? Ask the best questions: TANSTAAFL!!
Yep, it's a problem in your code. I'd look at your code, but the "context switch" style of PHP progamming gives me a headache.
Want the best answers? Ask the best questions: TANSTAAFL!!
- Thread starter
- #7
If I run my code (login.php):
<?
session_start();
// MySQL connection
if(!isset($usernameU) | !isset($passwordU)) {
?>
<html>
<head><title>Login</title></head>
<body>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<table><tr><td>
<table>
<tr><td Password :</td>
<td><input type=password name=passwordU></td></tr>
<input type=submit value=Submit></td></tr>
</form>
</td></tr></table>
</td></tr></table>
</body>
</html>
<?
exit();
}
session_register("usernameU"
session_register("passwordU"
...
if ($valid_user)
{
print"<script languagua=javascript>\n";
print"window.location=\"page.php\";\n";
print"</script>\n";
}
--------------------------------------------
Then on page.php I try
<?
session_start();
if(isset($usernameU) && isset($passwordU))
{
print" Welcome back ".$usernameU."!";
}
I don't see any "welcome", and same with all pages, started from session_start();
But if I run login.php second time - all pages are OK.
<?
session_start();
// MySQL connection
if(!isset($usernameU) | !isset($passwordU)) {
?>
<html>
<head><title>Login</title></head>
<body>
<form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST">
<table><tr><td>
<table>
<tr><td Password :</td>
<td><input type=password name=passwordU></td></tr>
<input type=submit value=Submit></td></tr>
</form>
</td></tr></table>
</td></tr></table>
</body>
</html>
<?
exit();
}
session_register("usernameU"
;session_register("passwordU"
; ...
if ($valid_user)
{
print"<script languagua=javascript>\n";
print"window.location=\"page.php\";\n";
print"</script>\n";
}
--------------------------------------------
Then on page.php I try
<?
session_start();
if(isset($usernameU) && isset($passwordU))
{
print" Welcome back ".$usernameU."!";
}
I don't see any "welcome", and same with all pages, started from session_start();
But if I run login.php second time - all pages are OK.
sleipnir214
Programmer
I see several things that disturb me.
I this line:
if(!isset($usernameU) | !isset($passwordU)) {
You are both using bitwise-or ("|" when logical-or ("||" would be more appropriate.
You also seem to be referencing a form field your own code does not produce.
It also appears that you have register_globals turned on and that your code depends on that value. Read here in the PHP online manual: for reasons why you should instead be making references to $_POST and $_GET. In addition to the reasons specified in the manual, using the superglobals also makes your code easier to read -- you may not know six months from now where the value in $foo came from, but $_POST['foo'] is obvious.
The line should probably read:
if(!isset($_POST['usernameU']) || !isset($_POST['passwordU'])) {
These lines:
session_register("usernameU"
session_register("passwordU"
Again, because of the whole register_globals thing, the PHP online manual entry for session_register() recommends not using session_register() but in stead using references to the $_SESSION superglobal array. Your code should look something like:
$_SESSION['usernameU'] = <some value>;
$_SESSION['passwordU'] = <some value>;
Also, since the form you're producing doesn't have an entry for an element named "usernameU", the behavior of the first line above is going to be weird.
In page.php, you have similar problems with register_global dependent code.
Notice that the test code I posted made explicit use of the $_SESSION superglobal arrays. The superglobal arrays are your friends -- use them.
Want the best answers? Ask the best questions: TANSTAAFL!!
I this line:
if(!isset($usernameU) | !isset($passwordU)) {
You are both using bitwise-or ("|"
when logical-or ("||" would be more appropriate.You also seem to be referencing a form field your own code does not produce.
It also appears that you have register_globals turned on and that your code depends on that value. Read here in the PHP online manual: for reasons why you should instead be making references to $_POST and $_GET. In addition to the reasons specified in the manual, using the superglobals also makes your code easier to read -- you may not know six months from now where the value in $foo came from, but $_POST['foo'] is obvious.
The line should probably read:
if(!isset($_POST['usernameU']) || !isset($_POST['passwordU'])) {
These lines:
session_register("usernameU"
;session_register("passwordU"
; Again, because of the whole register_globals thing, the PHP online manual entry for session_register() recommends not using session_register() but in stead using references to the $_SESSION superglobal array. Your code should look something like:
$_SESSION['usernameU'] = <some value>;
$_SESSION['passwordU'] = <some value>;
Also, since the form you're producing doesn't have an entry for an element named "usernameU", the behavior of the first line above is going to be weird.
In page.php, you have similar problems with register_global dependent code.
Notice that the test code I posted made explicit use of the $_SESSION superglobal arrays. The superglobal arrays are your friends -- use them.
Want the best answers? Ask the best questions: TANSTAAFL!!
- Thread starter
- #9
- Status
Similar threads
- Locked
- Question