Hi. So I’ve been learning Php Sql on my own. Most of the projects I do are never published and only run on my local host. My boss asked me to creat a survey for him just to get basic feedback from his customers. I have finished the project and all works great on my local host. However when I upload the files too his site the sessions are not. I can’t post code at this time as I am on my mobile. But I’ll try to explain my code and put basic script for the time being.
One my index page the customer is asked for their valid ten digit code given to them at the time of visit. When they enter the code it is checked against the database(is the code valid, has it been used) if the code is valid I use session_start(). I assign $_SESSION[‘code’]), and redirect to the next page. When I check if(!isset($_SESSION[‘code’])) { die('error message ')} else { run code }. It does not see the session as set and kills the script. What can I be missing? The site is hosted through yahoo small business and everything that I have read says that if you have a sub directory named tmp that all session data is kept their. I can see the session being created and stored in tmp.
Are you running session_start() on the second script?
Thanks K. Wolfe
Yes I am running session_start() on the second page. I called yahoo customer support and tried to explain the situation. The guy I talked to was not very knowledgable when it came to php (not to say I’m an expert) but he said a co worker said something about needing to direct the session to the directory that the session is stored. I not sure but I don’t see this as solving the problem. Since when I start the session one the first page and set the session I can echo the session and all is fine. The problem is on the pages after.
Make sure session_start() is called before ANYTHING is sent to the browser… not even a space before the opening <?php tag.
Thanks Drumming
Not sure what you mean though, like this <?phpsession_start() ?> <HTML>
I will be home in like 20 minutes and can post the current code then.
he means don’t add any spaces before the <?php begging tag. it needs to be on the first line of code. the next line of code is session_start();. then you can start sending stuff to the screen if you need to.
<?php
session_start();
// do stuff here
?>
<!-- any other stuff here->
No, what I was referring to is any space before your opening tag. Without a good way to show it I will put a :mad: where a space might be.
:mad:<?php
session_start();
You don’t want any output to the browser.
Edit: well that didn’t exactly show as I expected but the point is nothing before the opening tag,
It doesn’t have to be your first line of code but it does have to be called before output and before accessing session cookie.
Okay can post the code I am working with now.
index.php
else {
session_start();
$_SESSION['code'] = $code;
print "<script language='Javascript'>document.location.replace('visitdate.php');</script>";
}
I can echo $_SESSION[‘code’]; on this page and comment out the line that redirects and it displays the the session.
on page 2
<?php
session_start();
if(!isset($_SESSION['code'])){
die('<div align="center"><h1>Error! Access denied.</h1><input type="button" value="Go back" onclick="goBack()"></div>');
}
else {
else {
session_start();
$_SESSION['code'] = $code;
print "<script language='Javascript'>document.location.replace('visitdate.php');</script>";
}
Do yourself a favor and move that session_start() to the top of the page. Not sure what other code you have going above but it must be before output, print(), echo, html or white-space.
Just because you can echo $_SESSION[‘code’] on the same page where you define the value, doesn’t mean it is stored to session. At this point it’s like a variable or array that you have set a value for.
Thank You! Drummin, bbolte and K. Wolfe. I moved seesion_start(); to the top of the page and all is working. But it is not clearing the session on the last page after the survey is inserted. Code that I think should be working is below.
$updatequery = 'UPDATE codes SET status = "1", redeemCode = "'.$redeemcode.'" WHERE code = "'.$code1.'" ';
$add_member = mysql_query($updatequery);
if(!mysql_query($updatequery)){
die('error updateing');
}
session_destroy();
}
Do i have to destroy every session individually?
You’ll need to use unset() to unset any session variables or they will still be there when you call session_start() again. So you should do both.
unset($_SESSION['code']);
session_destroy();
Thanks again Drummin! All is working fine now. Can I just get you opinion on one thing. I am saving all the answers to the survey to a session like $_SESSION[‘q1’] = $_POST[‘q1’]; $_SESSION[‘q2’'] = $_POST[‘q2’]; I am doing this because after the first set of questions they might be redirected to a couple of different pages depending on their answer to a question. And instead of making multiple inserts to the db or using $_GET from the url I am saving all to session. Does this seem like an okay way to handle this?
Yes, saving data to session gathered through multiple questions and /or pages is fine (never use get) but make sure you escape your data with mysql_real_escape_string() before insert. IT IS highly recommended to move away from mysql to mysqli or PDO. I like PDO myself.
Thanks again most of the data collected is from radio selections (check yes or no/ rate 1-5). But I do use mysql_real_escape_string($_POST['q10 ']. When it is a user supplied answer. Since I provide the value for the radio options I should be fine just posting them to the session then to the DB right?
Instead of answering if I think that’s OK, let me offer a PDO example which will automatically escape and quote values when you Bind the parameter. It’s really very simple.
conn.php
<?php
$host = "localhost";
//MySQL Database user name.
$login = "";
//Password for MySQL.
$dbpass = "";
//MySQL Database name.
$dbname = "";
//Establish a connection
$db = new PDO("mysql:host=localhost;dbname=$dbname", "$login", "$dbpass");
//Add session_start to top of each page//
session_start();
?>
Sample INSERT query
<?php
require_once("conn.php");
if (isset($_POST['Add_Data'])){
$query = $db->prepare("INSERT INTO questions (q1,q2,q3,q4) VALUES(:q1,:q2,:q3,:q4)");
$query->bindParam(":q1", $_SESSION['q1']);
$query->bindParam(":q2", $_SESSION['q2']);
$query->bindParam(":q3", $_SESSION['q3']);
$query->bindParam(":q4", $_SESSION['q4']);
$query->execute();
}
?>
At first I had all of mysql as mysqli all worked fine but when I uploaded my files I was not even able to connect to the database. After a couple of hours of messing around and researching I tried changing to mysql and it all work fine. I am still working on finding out why mysqli was working on my localhost but not when i uploaded it. This is the config.php file i was trying to use
<?php
$db = new mysqli("host", "root", "", "database");
/* check connection */
if ($db->connect_errno) {
printf("Connect failed: %s\
", $mysqli->connect_error);
exit();
}
date_default_timezone_set('America/Denver');
?>
This is the first script i have tried in mysqli and could not make it work so I switched back until i figure it out.
You need to create a user with a password for this database on your hosted site. Even for local, you should do this and not use root default user.
Yes I had all the correct host/user/pass/database when it was uploaded. I didn’t post here though.
mysqli may not be enabled. if you have access, you’ll have to enable the extension, otherwise you’ll need to have your hosting company enable it for you.