SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Member
    Join Date
    Oct 2008
    Posts
    24
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Problem with session

    Hello everybody,

    I have weird situation with starting session on my site. Locally, everything works fine, but on remote server, when I try to login, session is not started. Actually, when I put a message to see session id, it was not empty, but $_SESSION variables are empty.

    Here is my code:

    Code:
    <?php session_start();
    session_regenerate_id();
    $logovan = $_GET['ime'];
    $proizvod = $_GET['proizv'];
      if ($logovan != '')
      {
      $_SESSION['sesija_sesname'] = session_id();
      $_SESSION['sesija_loguser'] = $logovan;
      $_SESSION['sesija_tekuca_kat'] = 0; 
      $_SESSION['sesija_artikal'] = $proizvod;
      $_SESSION['sesija_korpa'] = ''; 
      $_SESSION['sesija_ukupna_cena'] = 0;
      $_SESSION['sesija_ukupno_artikala'] = 0;
      if ($proizvod == '')
      {go page1}
      else
      {go page2}
    
      }
    ?>

    Any help would be apriciated.

    Tnx in advance,
    Nati

  2. #2
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Turn up error reporting
    PHP Code:
    <?php
    // top of script
    ini_set('display_errors'1);
    error_reporting(E_ALL);
    As far as {go page1} goes, is this a redirect, or an include? Provide details.

  3. #3
    SitePoint Member
    Join Date
    Oct 2008
    Posts
    24
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Two lines of my code "go page1" and "go page2" should be header commands for going on certain pages depending on condition, but SitePoint didn't allow me to post links .

    I put a code for error reporting and nothing happend, no errors at all.

    I still don't understand why session variables are empty.

  4. #4
    SitePoint Member
    Join Date
    Oct 2008
    Posts
    24
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi again,

    I've added two echo commands (with error reporting), to see if I'll get some information.

    Here is my new code:

    PHP Code:
    <?php
    ini_set
    ('display_errors'1); 
    error_reporting(E_ALL);  
    session_start();
    session_regenerate_id();
    $logovan $_GET['ime'];
    $proizvod $_GET['proizv'];
      if (
    $logovan != '')
      {
      
    $_SESSION['sesija_sesname'] = session_id();
      echo 
    "Session id: ".session_id();
      echo 
    "Variable session is: ".$sesija_sesname;
      
    $_SESSION['sesija_loguser'] = $logovan;
      
    $_SESSION['sesija_tekuca_kat'] = 0
      
    $_SESSION['sesija_artikal'] = $proizvod;
      
    $_SESSION['sesija_korpa'] = ''
      
    $_SESSION['sesija_ukupna_cena'] = 0;
      
    $_SESSION['sesija_ukupno_artikala'] = 0;
      if (
    $proizvod == '')
      {
    header('Location: index.php');}
      else
      {
    header('Location: detail.php');}
      }
    ?>
    And what I get is:

    Session id: b5fabfc37ac58788f89641fb28db0ffb
    Notice: Undefined variable: sesija_sesname in /home/fuzzy/domains/djordjeweb.nl/public_html/compshop/sesija.php on line 12
    Variable session is:
    Warning: Cannot modify header information - headers already sent by (output started at /home/fuzzy/domains/djordjeweb.nl/public_html/compshop/sesija.php:11) in /home/fuzzy/domains/djordjeweb.nl/public_html/compshop/sesija.php on line 20

    Header warning is because of echo command, so it doesn't metter.

    What is important is that session_id exists, but $_SESSION variables are empty.

    Any conclusion?

    Tnx,
    Nati

  5. #5
    SitePoint Member
    Join Date
    Oct 2008
    Posts
    24
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Here I am one more time .

    I found what made my session didn't work, but I still don't understand why .

    Firstly I've changed a line of code in my previous post:

    PHP Code:
    echo "Variable session is: ".$sesija_sesname
    With next line:

    PHP Code:
    echo "Variable session is: ".$_SESSION['sesija_sesname']; 
    And I've got a session variable is not empty. Then I made changes to other pages which use session variables and wrote $_SESSION['blabla'] instead of $blabla and now it works!

    What I am confused about is that I thought (obviously wrong ) session variables should be declared as $_SESSION['blabla'] once and lately could be referenced to as $blabla. That worked fine at my local enviroment.

    What can cause that works in one enviroment and doesn't work in another?
    And what is correct way to do?

    Tnx a lot!
    Nati

  6. #6
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    when register_globals is on, $_SESSION['blabla'] and $blabla behave as the same variable. Changing one changes the other.

  7. #7
    SitePoint Member
    Join Date
    Oct 2008
    Posts
    24
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Thumbs up

    So, as I don't have access to php.ini on remote server and I don't know if register_globals is on or off, it's clear I should always use $_SESSION['blabla'].

    Tnx for help !
    Nati

  8. #8
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Correct.

    Please turn off Register_Globals on your sever; for your sake.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  9. #9
    SitePoint Wizard frank1's Avatar
    Join Date
    Oct 2005
    Posts
    1,392
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i have a pages which is hit by around 100 user at a given instance..
    is it ideal to use...
    session_regenerate_id();
    blindly as done in this script..
    what will be its effects to the server performance...

    ok it may step to mitigate session hijacking but...

  10. #10
    SitePoint Addict Latox's Avatar
    Join Date
    Dec 2008
    Location
    Australia
    Posts
    389
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You don't need server access to turn off RegisterGlobals.

    You can do it serverside by editing .htaccess -

    Code:
    php_flag register_globals 0
    <-- IF THAT DOESN'T WORK -->

    Code:
    php_flag register_globals off
    Add that to your htaccess file.

    Also, if your SESSION variables are empty, check it is getting the info from the URL.

    PHP Code:
    <? echo $proizvod?>
    :-)


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •