Newbie Sessions Question

**WALoeIII** · Jun 11, 2001 22:30

I am just getting into sessions, and I have a problem where my login page, just tells me I have an illegitimate user and it keeps asking me to login endlessly. I don't really know what I did wrong, and I am getting kind of frustrated by my lack of understanding as to what is going on. Heres what I have so far:

PHP Code:


<?php

$title="JuniorSailing.com » Programs » Bucktown » Admin » Login";

include("$DOCUMENT_ROOT/includes/header.php");

?>

<font class="main_header">Bucktown Administration</font><br>

<font class="standard">Please Login</font><br><br>

<form action="/programs/bucktown/admin/login.php" method="post">

<table cellpadding="3" cellspacing="0" border="0">

    <tr>

    <td valign="middle" align="left">Username:</td>

    <td valign="middle" align="left"><input type="text" name="username"></td>

    </tr>

    <tr>

    <td valign="middle" align="left">Password:</td>

    <td valign="middle" align="left"><input type="password" name="password"></td>

    </tr>

    <tr>

    <td valign="middle" align="left">&nbsp;</td>

    <td valign="middle" align="left"><input type="submit" value="Login"> <input type="reset" value="Reset"></td>

    </tr>

</table>

</form>

<?php

include("$DOCUMENT_ROOT/includes/footer.php");

?>

Thats the simple login page, here's the login script:

PHP Code:


<?php

include("$DOCUMENT_ROOT/includes/global.php");

dbconnect("bucktown");

// check login and password

// connect and execute query

$result = safe_query("SELECT id, name, password from admin WHERE name ='".$username."' AND password = '".$password."'");

if (mysql_num_rows($result) == 1)

    {

    // initiate a session

    session_start();



    // register the user's ID

    session_register("SESSION_UID");

    list($id, $username, $password) = mysql_fetch_row($result);

    $SESSION_UID = $id;



    // redirect to main page

    header("Location:/programs/bucktown/admin/trailer_admin.php");

    }

else

    // login/pass check failed

    {

    // redirect to error page

    header("Location:/programs/bucktown/admin/index.php");

    exit;

    }

?>

This page in theory should authorize the person if there is a matching row, or take them back to the little login page.

Then on the top of every page I want authenticated I have this:

PHP Code:


// check to ensure valid session, else redirect

session_start();

if (!session_is_registered("SESSION_UID"))

{

header("Location:/programs/bucktown/admin/index.php");

exit;

}

Any ideas where I went wrong? I looked in the php manual, but it didn't really help me, it just listed the functions. Where can I find a good tutorial on this? Sitepoint doesn't have very much at all.

**slighltywhacked** · Jun 11, 2001 22:37

You have...

session_start();

session_register("SESSION_UID");
...STUFF....
$SESSION_UID = $id;

I think you have to give the variable a value ($session_uid) a value before u register it, you can hten later change it like a normal variable, but it has to be defined before u reister it.. I might be wrong in this though

good luck

**WALoeIII** · Jun 11, 2001 22:40

I think thats what register does, and it give it some random number.

**nguip** · Jun 12, 2001 00:06

I'm new to session also...

But, as far as I know.. snozzy u r right.

I don't see anything wrong with your session.. maybe there is other error somewhere..

Sorry.. cann't really help...

**nguip** · Jun 12, 2001 00:34

Just some quickies for troubelshooting session I read from a php book...

1. Make sure that your session support exists and is doing what you think it is.

2. If sessions are not working and giving errors, check the pathname returned by session_save_path(), and make sure it exists and is PHP writable. If not, you should make it so or change the value of 'session.save_path' in php.ini.

BTW, can you get a value for session_id() ?

Hope this help..

**WALoeIII** · Jun 12, 2001 06:51

I am pretty sure they are working, I have vB installed, and that runs with no problems, and I also have a small script that I used to test them:

PHP Code:


<?php

session_register ("count");

$count++;

?>



Hello visitor, you have seen this page <?php echo $count; ?> times.<p>



To continue, <A HREF="test.php?<?=SID?>">click here</A>

**WALoeIII** · Jun 12, 2001 07:42

Ok, I played around with it a little bit, and I think that the variable SESSION_UID isn't being set, I had login.php page redirect to a dummy page that would echo the SESSION_UID, and when I did, nothing happened. I also watched the status bar very closely, and it seems that it is the final page with the small little blurb on top that keeps sending me back to login agian, and this would confirm the lack of SESSION_UID. So does anyone know how to set that?

**WALoeIII** · Jun 12, 2001 19:26

Someone please help me!

**slighltywhacked** · Jun 12, 2001 19:28

like I said..I think u have declare the var before u register it.. thats what it was in my case

**WALoeIII** · Jun 12, 2001 21:13

I don't know what you mean, can you give an example?

**slighltywhacked** · Jun 12, 2001 21:32

session_start();
$SESSION_UID = $id;
session_register("SESSION_UID");

**timnz** · Jun 13, 2001 01:18

Unless session_uid is a constant variable, which it isn't, it should read this:

session_register("$SESSION_UID");

Notice the $ in front of SESSION_UID.

And you don't need to assign anything to a variable first. I think you have to in PHP3, but in PHP4 you can get away with eg:

session_register("$variable");

$variable = 'hello';

Hope this helps.

**WALoeIII** · Jun 13, 2001 06:32

I'm on PHP4, I'll try that

**WALoeIII** · Jun 13, 2001 06:45

Does anyone know where I can find a good sessions tutorial? I can't make this work.

**slighltywhacked** · Jun 13, 2001 09:12

dont think u put $ in the session_register()

**freddydoesphp** · Jun 13, 2001 10:15

You don't put the $ in front of the var name in the the session_register

it should be

session_register('SESSION_UID');

And you can assign a value to the session value after you have registered it. I suggest you have the login redirect to a dummy page like you did before and on that pag echo the session id ususallly $PHPSESSID by default. Then find the file that is holding the session data usually in the /tmp folder and open it up there you will be able to see whether or not the value is getting written to the session file.

**zoordaan** · Jun 13, 2001 12:25

Try phpbuilder for tutorials on sessions:
http://www.phpbuilder.com/columns/mattias20000312.php3

Newbie network:
http://www.newbienetwork.net/section...ticle&artid=14

Sitepoint:
http://www.webmasterbase.com/article.php?aid=319

Devshed:
http://www.devshed.com/Server_Side/PHP/Commerce2/

**timnz** · Jun 13, 2001 21:05

Sorry about the session_register() thing, should have checked before I commented, teach me right for thinking I'm a genius when I'm not

**WALoeIII** · Jun 14, 2001 09:14

OK, I'm playing with kev's tutorial. I'll see how that goes.

**WALoeIII** · Jun 15, 2001 21:23

Its not me! there is something with the server, that isn't letting me use sessions, I am working on it right now, so thanks for the help, I think I had it right the first time!

User Tag List

Thread: Newbie Sessions Question

Thread Tools

Display

Newbie Sessions Question

Sorry

YEAH!

Bookmarks

Bookmarks

Posting Permissions