Sessions (2 Problems)

[killaklown]

I cant seem to get the data to display from the session, the code im using is below.


The header file contains the session_start(); and db information.

Heres my full login.php:

<? include'inc/header.php'; ?>
<div id="home">
<b>Please Login</b>
<hr noshade>
<p>
<center>
<? if(session_id()!=''){
echo'Your already logged in.';
}else{
?>
<?
if($_GET['i'] == "2") {
$email = stripslashes($_POST['email']);
$password = md5(stripslashes($_POST['password']));

$sql = mysql_query("SELECT * FROM members WHERE email='$email' AND password='$password'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
    while($row = mysql_fetch_array($sql)){

        $_SESSION['fullname'] = $row['fullname'];
        $_SESSION['address1'] = $row['address1'];
        $_SESSION['address2'] = $row['address2'];
        $_SESSION['city'] = $row['city'];
        $_SESSION['state'] = $row['state'];
        $_SESSION['country'] = $row['country'];
        $_SESSION['email'] = $row['email'];
        $_SESSION['paypal'] = $row['paypal'];
        $_SESSION['offers'] = $row['offers'];
        $_SESSION['completedoffers'] = $row['completedoffers'];
        $_SESSION['pendingoffers'] = $row['pendingoffers'];
        $_SESSION['pendingbalance'] = $row['pendingbalance'];	
        $_SESSION['balance'] = $row['balance'];
		
        mysql_query("UPDATE members SET lastlogin=now() WHERE email='$email'");
		
		echo'Login Successful';
		 }
}else{
		echo 'The information you entered is not correct.';
}

	

}else{
?>
<form action="login.php?i=2" method="POST">
Email<br /> <input size="20" type="text" name="email" class="signup"> <br />
Password<br /> <input size="15" type="password" name="password" class="signup"> <br /><br />
<input type="submit" value="Login">
</form>
<?
}
}
?> 
</center>
</p>
</div>
<? include'inc/footer.php'; ?>

And heres a page where I want to show data from the session: (I tried with echo's to, but still didnt work)

<? include'inc/header.php'; ?>
<div id="home">
<? if(session_id()!=''){ ?>
<? include'inc/menu.php'; ?><br />
<hr noshade>
<br />
Full Name: <? $_SESSION['fullname']; ?> <br />
Address 1: <? $_SESSION['address1']; ?> <br />
Address 2: <? $_SESSION['address2']; ?><br />
City: <? $_SESSION['city']; ?><br />
State: <? $_SESSION['state']; ?><br />
Country: <? $_SESSION['country']; ?><br />
Zip Code: <? $_SESSION['zip']; ?><br /> <br />
<br />

<input type="submit" value="Change">
<?
}else{
echo'Your Not Logged In.';
}
?>
</div>
<? include'inc/footer.php'; ?>

My next problem is that the session_destroy() isnt working... heres the code

<? include'inc/header.php';  ?>
<div id="home">
<b>Logging Out</b>
<hr noshade>
<p>
<center>
<? if(session_id()!=''){ 

session_destroy();

?>
You have been logged out.
<?
}else{
?>
Your not logged in.
<?
}
?>
</center>
</p>
</div>
<? include'inc/footer.php'; ?>

 

[Peter]

In login.php you have a while loop. You do not need this loop as you are retrieving 1 row and I believe this is causing your problem (the session is not being populated)

Regarding the session destroy. In which way is it not working? Just a note depending on what is in header (ie how it decides on whether to create a session) your else statement in the last piece of code will never be invoked as session_id() will always contain a session id.

I tend to set a constant that declares whether someone is signed in or not. When it comes to the sign out script I check whether that constant is true or false.

Although not related to your problem, you are using short tags I highly advise that you stop using them and use the full tags. Some servers have short tags disabled. Standard PHP tags are the only ones guaranteed to work on any server running PHP.

 

[killaklown]

Regarding the session destroy. In which way is it not working?

its doing this code

session_destroy();

?>
You have been logged out.

but its still logged into the areas where i need the session


My header just contains:

<? session_start();
include'inc/db.php'; ?>

What do you mean by short tags? I used the code a tutorial had, because Ive never done sessions before... :/


I cant test what you said for the login, because i dont know how to logout :P

I tend to set a constant that declares whether someone is signed in or not. When it comes to the sign out script I check whether that constant is true or false.

How would i do this? Would it be something like (in the login.php)

$_SESSION['login'] = true;

and then if the page requires a session, you do

if($_SESSION['login'] == true){
//Stuff
}else{
// Not Logged In
}

and would the logout be

unset($_SESSION['login']);

 

[Peter]

short tags are <? ideally you should always use <?PHP

A problem you have in your pages is that if(session_id()!='') is never going to be met as at the start of every page load you call session_start() so a session id will always be present.

 

[killaklown]

short tags are <? ideally you should always use <?PHP

Oh, i guess thats just a habit now...

A problem you have in your pages is that if(session_id()!='') is never going to be met as at the start of every page load you call session_start() so a session id will always be present.

How would i fix that?

 

[Peter]

How would i do this? Would it be something like (in the login.php)

$_SESSION['login'] = true;

a constant is defined in a manner such as:-

define('LOGGED_IN',true);

but the code you showed is a possible method. If you do this then you can check if the person is logged in by doing:-

if($_SESSION['login'])

to logout you would still simply do session_destroy

 

[killaklown]

Thanks, +rep


Gonna try that way, and see what happens.

Yep, that fixed the data showing problem, and the logout problem.

(getting rid of the 'while' part gave me a white page, so i put it back in, and it worked)

Thanks again! (i think i was going to pull some hair out if i couldnt get it fixed today )



I just have one question, would doing "$_SESSION['login'] = true;" limit the number of people who can be online at a time?



Would it better to use "define('LOGGED_IN',true);" instead?

 

[killaklown]

im confused...

It worked yesterday, I didnt touch anything and today i went to login and it says it was successful, but the session isnt starting..

 

[Peter]

pm'd you