Sessions (2 Problems)

killaklown · 11-09-2007, 03:13 PM

I cant seem to get the data to display from the session, the code im using is below.

The header file contains the session_start(); and db information.

Heres my full login.php:

PHP Code:

  <? include'inc/header.php'; ?>

<div id="home">

<b>Please Login</b>

<hr noshade>

<p>

<center>

<? if(session_id()!=''){

echo'Your already logged in.';

}else{

?>

<?

if($_GET['i'] == "2") {

$email = stripslashes($_POST['email']);

$password = md5(stripslashes($_POST['password']));

 
$sql = mysql_query("SELECT * FROM members WHERE email='$email' AND password='$password'");

$login_check = mysql_num_rows($sql);

if($login_check > 0){

    while($row = mysql_fetch_array($sql)){

 
        $_SESSION['fullname'] = $row['fullname'];

        $_SESSION['address1'] = $row['address1'];

        $_SESSION['address2'] = $row['address2'];

        $_SESSION['city'] = $row['city'];

        $_SESSION['state'] = $row['state'];

        $_SESSION['country'] = $row['country'];

        $_SESSION['email'] = $row['email'];

        $_SESSION['paypal'] = $row['paypal'];

        $_SESSION['offers'] = $row['offers'];

        $_SESSION['completedoffers'] = $row['completedoffers'];

        $_SESSION['pendingoffers'] = $row['pendingoffers'];

        $_SESSION['pendingbalance'] = $row['pendingbalance'];    

        $_SESSION['balance'] = $row['balance'];

        

        mysql_query("UPDATE members SET lastlogin=now() WHERE email='$email'");

        

        echo'Login Successful';

         }

}else{

        echo 'The information you entered is not correct.';

}

 
    

 
}else{

?>

<form action="login.php?i=2" method="POST">

Email<br /> <input size="20" type="text" name="email" class="signup"> <br />

Password<br /> <input size="15" type="password" name="password" class="signup"> <br /><br />

<input type="submit" value="Login">

</form>

<?

}

}

?> 
</center>

</p>

</div>

<? include'inc/footer.php'; ?>

And heres a page where I want to show data from the session: (I tried with echo's to, but still didnt work)

PHP Code:

  <? include'inc/header.php'; ?>

<div id="home">

<? if(session_id()!=''){ ?>

<? include'inc/menu.php'; ?><br />

<hr noshade>

<br />

Full Name: <? $_SESSION['fullname']; ?> <br />

Address 1: <? $_SESSION['address1']; ?> <br />

Address 2: <? $_SESSION['address2']; ?><br />

City: <? $_SESSION['city']; ?><br />

State: <? $_SESSION['state']; ?><br />

Country: <? $_SESSION['country']; ?><br />

Zip Code: <? $_SESSION['zip']; ?><br /> <br />

<br />

 
<input type="submit" value="Change">

<?

}else{

echo'Your Not Logged In.';

}

?>

</div>

<? include'inc/footer.php'; ?>

My next problem is that the session_destroy() isnt working... heres the code

PHP Code:

  <? include'inc/header.php';  ?>

<div id="home">

<b>Logging Out</b>

<hr noshade>

<p>

<center>

<? if(session_id()!=''){ 

 
session_destroy();

 
?>

You have been logged out.

<?

}else{

?>

Your not logged in.

<?

}

?>

</center>

</p>

</div>

<? include'inc/footer.php'; ?>

Peter · 11-09-2007, 03:55 PM

In login.php you have a while loop. You do not need this loop as you are retrieving 1 row and I believe this is causing your problem (the session is not being populated)

Regarding the session destroy. In which way is it not working? Just a note depending on what is in header (ie how it decides on whether to create a session) your else statement in the last piece of code will never be invoked as session_id() will always contain a session id.

I tend to set a constant that declares whether someone is signed in or not. When it comes to the sign out script I check whether that constant is true or false.

Although not related to your problem, you are using short tags I highly advise that you stop using them and use the full tags. Some servers have short tags disabled. Standard PHP tags are the only ones guaranteed to work on any server running PHP.

killaklown · 11-09-2007, 04:02 PM

Quote:

Originally Posted by peter@flexiwebhost

Regarding the session destroy. In which way is it not working?

its doing this code

PHP Code:

  session_destroy();

 
?>

You have been logged out.

but its still logged into the areas where i need the session

My header just contains:

PHP Code:

  <? session_start();

include'inc/db.php'; ?>

What do you mean by short tags? I used the code a tutorial had, because Ive never done sessions before... :/

I cant test what you said for the login, because i dont know how to logout :P

Quote:

I tend to set a constant that declares whether someone is signed in or not. When it comes to the sign out script I check whether that constant is true or false.

How would i do this? Would it be something like (in the login.php)

PHP Code:

  $_SESSION['login'] = true;

and then if the page requires a session, you do

PHP Code:

  if($_SESSION['login'] == true){

//Stuff

}else{

// Not Logged In

}

and would the logout be

PHP Code:

  unset($_SESSION['login']);

Peter · 11-09-2007, 04:09 PM

short tags are <? ideally you should always use <?PHP

A problem you have in your pages is that if(session_id()!='') is never going to be met as at the start of every page load you call session_start() so a session id will always be present.

killaklown · 11-09-2007, 04:13 PM

Quote:

Originally Posted by peter@flexiwebhost

short tags are <? ideally you should always use <?PHP

Oh, i guess thats just a habit now...

Quote:

Originally Posted by peter@flexiwebhost

A problem you have in your pages is that if(session_id()!='') is never going to be met as at the start of every page load you call session_start() so a session id will always be present.

How would i fix that?

Peter · 11-09-2007, 04:13 PM

Quote:

Originally Posted by killaklown

How would i do this? Would it be something like (in the login.php)

PHP Code:

  $_SESSION['login'] = true;

a constant is defined in a manner such as:-

PHP Code:

  define('LOGGED_IN',true);

but the code you showed is a possible method. If you do this then you can check if the person is logged in by doing:-

if($_SESSION['login'])

to logout you would still simply do session_destroy

killaklown · 11-09-2007, 04:18 PM

Thanks, +rep

Gonna try that way, and see what happens.

Yep, that fixed the data showing problem, and the logout problem.

(getting rid of the 'while' part gave me a white page, so i put it back in, and it worked)

Thanks again! (i think i was going to pull some hair out if i couldnt get it fixed today

)

I just have one question, would doing "$_SESSION['login'] = true;" limit the number of people who can be online at a time?

Would it better to use "define('LOGGED_IN',true);" instead?

killaklown · 11-10-2007, 08:33 AM

im confused...

It worked yesterday, I didnt touch anything and today i went to login and it says it was successful, but the session isnt starting..

Peter · 11-10-2007, 08:44 AM

pm'd you

11-09-2007, 03:13 PM	#1 (permalink)
killaklown Senior Member Join Date: Oct 2003 Location: Winnipeg, Canada Posts: 3,472 5.31 NP$ (Donate)	Sessions (2 Problems) I cant seem to get the data to display from the session, the code im using is below. The header file contains the session_start(); and db information. Heres my full login.php: PHP Code: <? include'inc/header.php'; ?> <div id="home"> <b>Please Login</b> <hr noshade> <p> <center> <? if(session_id()!=''){ echo'Your already logged in.'; }else{ ?> <? if($_GET['i'] == "2") { $email = stripslashes($_POST['email']); $password = md5(stripslashes($_POST['password'])); $sql = mysql_query("SELECT * FROM members WHERE email='$email' AND password='$password'"); $login_check = mysql_num_rows($sql); if($login_check > 0){ while($row = mysql_fetch_array($sql)){ $_SESSION['fullname'] = $row['fullname']; $_SESSION['address1'] = $row['address1']; $_SESSION['address2'] = $row['address2']; $_SESSION['city'] = $row['city']; $_SESSION['state'] = $row['state']; $_SESSION['country'] = $row['country']; $_SESSION['email'] = $row['email']; $_SESSION['paypal'] = $row['paypal']; $_SESSION['offers'] = $row['offers']; $_SESSION['completedoffers'] = $row['completedoffers']; $_SESSION['pendingoffers'] = $row['pendingoffers']; $_SESSION['pendingbalance'] = $row['pendingbalance']; $_SESSION['balance'] = $row['balance']; mysql_query("UPDATE members SET lastlogin=now() WHERE email='$email'"); echo'Login Successful'; } }else{ echo 'The information you entered is not correct.'; } }else{ ?> <form action="login.php?i=2" method="POST"> Email<br /> <input size="20" type="text" name="email" class="signup"> <br /> Password<br /> <input size="15" type="password" name="password" class="signup"> <br /><br /> <input type="submit" value="Login"> </form> <? } } ?> </center> </p> </div> <? include'inc/footer.php'; ?> And heres a page where I want to show data from the session: (I tried with echo's to, but still didnt work) PHP Code: <? include'inc/header.php'; ?> <div id="home"> <? if(session_id()!=''){ ?> <? include'inc/menu.php'; ?><br /> <hr noshade> <br /> Full Name: <? $_SESSION['fullname']; ?> <br /> Address 1: <? $_SESSION['address1']; ?> <br /> Address 2: <? $_SESSION['address2']; ?><br /> City: <? $_SESSION['city']; ?><br /> State: <? $_SESSION['state']; ?><br /> Country: <? $_SESSION['country']; ?><br /> Zip Code: <? $_SESSION['zip']; ?><br /> <br /> <br /> <input type="submit" value="Change"> <? }else{ echo'Your Not Logged In.'; } ?> </div> <? include'inc/footer.php'; ?> My next problem is that the session_destroy() isnt working... heres the code PHP Code: `<? include'inc/header.php'; ?> <div id="home"> <b>Logging Out</b> <hr noshade> <p> <center> <? if(session_id()!=''){ session_destroy(); ?> You have been logged out. <? }else{ ?> Your not logged in. <? } ?> </center> </p> </div> <? include'inc/footer.php'; ?>`

11-09-2007, 03:55 PM	#2 (permalink)
Peter Senior Member Join Date: Nov 2003 Location: Scotland Posts: 4,900 0.60 NP$ (Donate)	In login.php you have a while loop. You do not need this loop as you are retrieving 1 row and I believe this is causing your problem (the session is not being populated) Regarding the session destroy. In which way is it not working? Just a note depending on what is in header (ie how it decides on whether to create a session) your else statement in the last piece of code will never be invoked as session_id() will always contain a session id. I tend to set a constant that declares whether someone is signed in or not. When it comes to the sign out script I check whether that constant is true or false. Although not related to your problem, you are using short tags I highly advise that you stop using them and use the full tags. Some servers have short tags disabled. Standard PHP tags are the only ones guaranteed to work on any server running PHP. __________________ Manage your portfolio using my new Domain Portfolio Management script. Securing Your Domain Name From Theft

11-09-2007, 04:09 PM	#4 (permalink)
Peter Senior Member Join Date: Nov 2003 Location: Scotland Posts: 4,900 0.60 NP$ (Donate)	short tags are <? ideally you should always use <?PHP A problem you have in your pages is that if(session_id()!='') is never going to be met as at the start of every page load you call session_start() so a session id will always be present. __________________ Manage your portfolio using my new Domain Portfolio Management script. Securing Your Domain Name From Theft

11-09-2007, 04:18 PM	#7 (permalink)
killaklown Senior Member Join Date: Oct 2003 Location: Winnipeg, Canada Posts: 3,472 5.31 NP$ (Donate)	Thanks, +rep Gonna try that way, and see what happens. Yep, that fixed the data showing problem, and the logout problem. (getting rid of the 'while' part gave me a white page, so i put it back in, and it worked) Thanks again! (i think i was going to pull some hair out if i couldnt get it fixed today ) I just have one question, would doing "$_SESSION['login'] = true;" limit the number of people who can be online at a time? Would it better to use "define('LOGGED_IN',true);" instead? Last edited by killaklown; 11-09-2007 at 04:47 PM.

11-10-2007, 08:44 AM	#9 (permalink)
Peter Senior Member Join Date: Nov 2003 Location: Scotland Posts: 4,900 0.60 NP$ (Donate)	pm'd you __________________ Manage your portfolio using my new Domain Portfolio Management script. Securing Your Domain Name From Theft

11-10-2007, 08:33 AM	#8 (permalink)
killaklown Senior Member Join Date: Oct 2003 Location: Winnipeg, Canada Posts: 3,472 5.31 NP$ (Donate)	im confused... It worked yesterday, I didnt touch anything and today i went to login and it says it was successful, but the session isnt starting..

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)