...

View Full Version : Session Variables Resetting Due to Code - Help Please



dacoder96
01-24-2010, 01:40 AM
Hi,

I am currently coding a Blog for multiple users and I am having problems with session variables.

Here is my problem;

I have several pages for logging in and then an index.
No matter what you are (guest, admin, mod or user) there is always session variables available for the server to use to make my site work.
Here are the default values of the session variables (these are used for guests)


$_SESSION['skin'] = "1";
$_SESSION['access'] = "0";
$_SESSION['username'] = "Guest";
$_SESSION['group'] = "0";

That's all fine...
Once I log in it changes the variables depending on the user, so for example
I log in as admin

$_SESSION['skin'] = "1";
$_SESSION['access'] = "1";
$_SESSION['username'] = "admin";
$_SESSION['group'] = "1";
The 'access' variable tells the web pages that they are logged in
'group' is the user group and permission (administrators are valued at 1)

Once I visit my index page all the variables reset because the variables are reset but...
How can I get it to keep the logged in user's variables to stay??

Thanks,
Dacoder96. :thumbsup:

JAY6390
01-24-2010, 02:02 AM
Firstly are you using session_start()
secondly, you say that those session variables are the defaults, are you checking if they're set already before assigning those?
For examplee


<?php
session_start();
if(!isset($_SESSION['access'])) {
$_SESSION['skin'] = "1";
$_SESSION['access'] = "0";
$_SESSION['username'] = "Guest";
$_SESSION['group'] = "0";
}

That will only set the variables if $_SESSION['access'] isn't set
Also, what is the time limit on your sessions? It could be that you are running out of time (although unlikely)

dacoder96
01-24-2010, 02:07 AM
Yes, I'm using session_start()

Time limit, um...
i got this;
Timeouts Connection: 10 - Keep-Alive: 5
and
session.gc_maxlifetime 1440 1440

So just doing $_SESSION[' '] = ""; isn't setting the variable?

JAY6390
01-24-2010, 02:13 AM
If you show the code that sets the session vars and the code that checks it we can verify where you're going wrong. Yes it will be in the phpinfo under session cookie lifetime

dacoder96
01-24-2010, 02:19 AM
ok

just incase ill post the login page code
this is the form the login page uses

login.php

<form action="loginAction.php" method="post" name="login">
<table width="298" cellspacing="1" cellpadding="1">
<tr>
<td height="25"><p>Username:</p></td>
<td height="25"><input name="username" type="text" size="25" maxlength="16" class="loginRegisterForm" /></td>
</tr>
<tr>
<td height="25"><p>Password: </p></td>
<td height="25"><input name="password" type="password" size="25" maxlength="16" class="loginRegisterForm" /></td>
</tr>
<tr>
<td><input name="login2" type="submit" value="Login" class="loginRegisterForm" /></td>
<td>&nbsp;</td>
</tr>
</table>
</form>

now it goes to loginAction.php
loginAction.php

$myusername = $_POST['username'];
$mypassword = $_POST['password'];
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
include('loginSuccess.php');
}
else {
header('location:login.php?error=1');
}
yes, i realise there is no sql connection but that is on a seperate page. dont worry, i got that working

now it goes to loginSuccess.php if its all ok
loginSuccess.php

$_SESSION['access'] = "1";
$_SESSION['group'] = "1";
$_SESSION['username'] = "admin";
echo('logged in');

then i go back to index (as u do) and all the session variables go back to...

$_SESSION['skin'] = "1";
$_SESSION['access'] = "0";
$_SESSION['username'] = "Guest";
$_SESSION['group'] = "0";
that code is on everypage

fatecaresx13
01-24-2010, 04:47 AM
if(!($_SESSION['access'] == "1")){
$_SESSION['skin'] = "1";
$_SESSION['access'] = "0";
$_SESSION['username'] = "Guest";
$_SESSION['group'] = "0";
}

put that instead so if you're logged in we won't set the session vars over top of the login set vars.

dacoder96
01-24-2010, 05:06 AM
ahh, thank you! so obvious! that should work (hopefully)
Thanks everyone for your help! much appreciated.


----------------------------------------------------------------------------------------------------

second post;

ok I got it working but there is still 1 variable that isn't staying! its the access one, i dont know why but here is some updated codes

loginAction.php this is now the main login script - there is no more loginSuccess.php


<?php
$myusername = $_POST['username'];
$mypassword = $_POST['password'];
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
//$_SESSION['group'] = "1";
$_SESSION['username'] = $myusername;
echo('Skin: '.$_SESSION['skin']. '<br>');
echo('Access: '.$_SESSION['access']. '<br>');
echo('Username: '.$_SESSION['username']. '<br>');
echo('Group: '.$_SESSION['group']. '<br>');
$_SESSION['access'] = '1';
header('location: index.php');
}
else {
header('location: login.php?error=1');
}
?>

this works fine from what i can see

now it redirects u to index.php instantly
the contents of index.php isn't anything yet so im not posting it

i think this is our problem... i use global headers and footers to create the webpages and my global header might be messing it up
here is the code
globalHeader.php

<?php
session_start();
$_SESSION['skin'] = "1";
if ($_SESSION['access'] = '0') {
$_SESSION['skin'] = "1";
$_SESSION['username'] = "Guest";
$_SESSION['group'] = "0";
}

$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name
$tbl_name=""; // Table name

mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

if ($_SESSION['skin'] != "0") {
include("skins/".$_SESSION['skin']."/pageHeader.php");
}
include('navigation.php');
?>


i am spotting the error out by this;
i am writing all the values of the variables to each page so i can see wat they currently are using this code

echo('Skin: '.$_SESSION['skin']. '<br>');
echo('Access: '.$_SESSION['access']. '<br>');
echo('Username: '.$_SESSION['username']. '<br>');
echo('Group: '.$_SESSION['group']. '<br>');

and when u r logged in the navigation should have profile and logout for options NOT login and register
to do this im using this code
navigation.php

<p ="navigation"><a href="index.php">Home</a> |
<?php
session_start();
$_SESSION['username'] = "guest";
$_SESSION['access'] = "0";
if(!$_SESSION['username'] = 'guest' || !$_SESSION['access'] = "0") {
echo('<a href="profile.php">Profile</a> | <a href="logout.php">Logout</a>');

}
else
{
echo('<a href="login.php">Login</a> | <a href="register.php">Register</a>');

}
?>
</p>

fatecaresx13
01-24-2010, 06:46 PM
the part where you have



if($_SESSION['access']="0"){
...
}

is actually setting access to 0 and then executing what's inside the if statement.

if you want to check the value of access you need this


if($_SESSION['access']=="0"){
...
}

And I thought about it. Also, about what I said before I think maybe you should check if username is set. Something like


if(isset($_SESSION['username'])){
//If they logged in.
}else{
//If they didn't.
}

etc.

Good luck.

dacoder96
01-24-2010, 11:13 PM
so whats the difference between = and ==?
is the single symbol just equal to even if there is capitalize differences (eg; test = Test = true)
is the double symbol mean exactly equal to (eg; test = test = true BUT test = Test = false)

yet again, thank you for your help!

fatecaresx13
01-24-2010, 11:41 PM
= means to set the value and == means to test the equality of the values.

http://us.php.net/manual/en/language.types.boolean.php

dacoder96
01-25-2010, 12:47 AM
ok thanks
now that i got that working i need to be able to pull data from my database (sql)
Each user will have an option to which skin they want - there selection is stored in the database but I can't get it to pull the data back from the db
here is my code - wats wrong with it? please help


$_SESSION['username'] = $myusername;
$sqlSkin = mysql_query("SELECT 'skin' FROM 'accounts' WHERE 'username'={$_SESSION['username']}");
$_SESSION['skin'] = mysql_fetch_array($sqlSkin);

ive googled it abit and I read that you put {} around the session variable and then ' ' around the names of columns in the db

fatecaresx13
01-25-2010, 12:55 AM
I suspect it's because you're trying to set one value 'skin' to an entire array.
try adding the name of the field to the end of the variable.

Like this maybe,




$skin_array = mysql_fetch_array($sql_query);
$_SESSION['skin'] = $skin_array['skin_name'];

//Where the skin is stored in the SQL database as skin_name.

dacoder96
01-25-2010, 01:05 AM
so $sql_query is my $sqlSkin?

$sqlSkin = mysql_query("SELECT 'skin' FROM 'accounts' WHERE 'username'={$_SESSION['username']}");

so the code would look like this...

$sqlSkin = mysql_query("SELECT 'skin' FROM 'accounts' WHERE 'username'={$_SESSION['username']}");
$skin_array = mysql_fetch_array($sqlSkin);
$_SESSION['skin'] = $skin_array['skin'];


$_SESSION['skin'] = $skin_array['skin_name'];
//Where the skin is stored in the SQL database as skin_name.
- replaced with 'skin' because that is the column in the db

fatecaresx13
01-25-2010, 01:11 AM
as long as each username only has one skin that should work. try it out and let me know how it goes. for future reference you should start a new thread next time in case someone else has this problem :)

dacoder96
01-25-2010, 01:21 AM
ok sorry - for convience i thought i would just continue this thread
- just quickly, its not working. its still not working... it appears it isn't even receiving the value

fatecaresx13
01-25-2010, 02:42 AM
post all of your code again



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum