SitePoint Sponsor

User Tag List

Results 1 to 5 of 5

Thread: Session Help

  1. #1
    SitePoint Addict
    Join Date
    May 2008
    Location
    Missouri, USA
    Posts
    273
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Session Help

    I'm working on getting a login script to work. In the function below it is supposed to get the session_id and save it to the database. However, when i look in the database the session field is blank (but the ip is saving properly). Any ideas on why a session id is not being generated?

    PHP Code:
            public function _setSession(&$values$remember$init true) {
                    
    $this->id $values['user_id'];
                    
    $_SESSION['uid'] = $this->id;
                    
    $_SESSION['username'] = htmlspecialchars($values['username']);
                    
    $_SESSION['cookie'] = $values['cookie'];
                    
    $_SESSION['logged'] = true;

                    if (
    $remember) {
                            
    $this->updateCookie($values['cookie'], true);
                    }

                    if (
    $init) {
                            
    $session session_id();
                            
    $ip $_SERVER['REMOTE_ADDR'];

                            
    $this->db->saveRecord('users', array('session' => $session'ip' => $ip), array('user_id' => $this->id));
                    }
            } 
    This is a sample array of the information as it is being sent to the method.

    PHP Code:
    Array ( [user_id] => [username] => bar338 [password] => my password in sha1 [cookie] => [session] => [ip] => my ip address [email] => my email address [user_level] => 10 [addDate] => 0000-00-00 00:00:00 [changeDate] => 2009-07-29 14:10:20 
    and remember is set to true.

    Thanks for the help.
    The original script im modifying can be found here:
    http://www.mtdev.com/2002/07/creatin...p-login-script

  2. #2
    SitePoint Wizard cmuench's Avatar
    Join Date
    Jul 2005
    Location
    At my computer
    Posts
    2,251
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Can you replace this line of code?
    $session = session_id();
    with the following block? then let me know what it echoed.
    PHP Code:
    if(session_id() == "")
    {
    session_start();
    echo 
    "new session";
    echo 
    session_id();
    }
    else
    {
    $session session_id();
    echo 
    "existing session";
    echo 
    session_id();



  3. #3
    SitePoint Addict
    Join Date
    May 2008
    Location
    Missouri, USA
    Posts
    273
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    this is what prints:
    new sessionf8b7079a27a763341006f55fceaae54b

    I honestly don't know much about sessions. I've done login scripts before but they've been very insecure. So this time around i'm trying to learn a more secure way of going about it.

    From this debug it appears as if the session is not being created initially. Looking through the login code i don't see anywhere that starts the new session. And i don't have session_start(); anywhere in my code. This is most likely the problem right? Where do i need to start the session? or is something else causing the problem.

    Thanks for your help.

  4. #4
    SitePoint Wizard cmuench's Avatar
    Join Date
    Jul 2005
    Location
    At my computer
    Posts
    2,251
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    session_start() has to be at the top of your page.
    And that is definetly the problem. Just be sure to take out the code I gave you and put your line back in.

  5. #5
    SitePoint Addict
    Join Date
    Oct 2008
    Posts
    295
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You need to start the session in the very beginning of each file that is going to use session variables.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •