session variable is lost

Hey. What I am trying do is select rows from a database where a particular column is equal to a variable, which is set to the value of a session variable.

Example query...

$author = $_SESSION['name'];
$query = "SELECT * FROM table_name WHERE column='$author';


However for some reason on this form, $author has no value. So the select does not return anything.

The purpose of my script, well this page at least is to allow users to leave feedback for posts I make. That all works but I cannot get this to work.

This is header.php, it shows different content depending on if you are logged in

<?php
// check if logged in
if (isset($_SESSION['name'])) {
include("db.php");
$author = $_SESSION['name'];
$query = "SELECT * FROM users WHERE username='$author' ORDER BY id";
echo $query;
echo $author; // this comes out as blank
$result = mysql_query($query);
$numrows = mysql_num_rows($result);
echo $numrows;
if ($numrows == "0") {
echo "No codes to display.<br /><br />";} // I get this message
else {
while($row = mysql_fetch_array($result))
{
$profilelink= "<a href='viewprofile.php?id=" . $row['id'] . "'>Your profile</a><br><br>";
}}
?>


And I include that file on feedback.php

Code:

<?php
include("header.php");
?>


So its like the script forgets the session variable value, even though I do have

<?php
session_start();
header("Cache-control: private");
?>
on each page that uses sessions.

Any ideas?

your setting your session variable backwards, try this one.


$_SESSION['name']=$author;

your setting your session variable backwards, try this one.


$_SESSION['name']=$author;

He's trying to put the value from $_SESSION['name'] into $author, not the other way around. The session is obviously set otherwise that entire code block wouldn't run:
<?php
// check if logged in
if (isset($_SESSION['name'])) {

Try and echo $_SESSION['name'] from within the if block and make sure it's not empty. Just because it's set doesn't mean it contains any data. If the session is empty, look back to where the session is being set and how this happens.

If the session does contain data (and I suspect it probably doesn't) then try changing your query to:

$query = "SELECT * FROM table_name WHERE column='" . $_SESSION['name'] . "'";

Did you do session_start()?

Yeah. I have session_start at the top of the page.

As I say this is to remained logged on when one of my logged in users goes to the feedback.php page, so it is not essential but optional.

I have tried echoing out $author and $_SESSION['name'] but nothing is shown. However it is set...

If you want a more detialed view, goto http://bfsog.co.uk/code/register.php
Sign up, then log in. If you are logged in the link at the top will be Log out and not log in

Then, click on a code example, and click "leave feedback for ...." on the feedback page is where the error occurs.
So from code.php to feedback.php Im guessing the session variable is lost?

Thanks in advance

As I said previously, just because it is set does not mean it contains data. If I did the following:
$blah = '';
$_SESSION['name'] = $blah;
if(isset($_SESSION['name'])) {
echo "Session is set";
} else {
echo "Session is not set";
}
The result would be "Session is set", even though it contains no data it's still set because I declared it previously, but as soon as you try and use it in your query or assign it to another variable you encounter problems because it's empty.

This means if you're just using an "isset" test to determine if the user is logged in it will tell you you are logged in even though it has no session data relating to you. This is why, for such tests, I always do an isset followed by a test to see if the field's not empty, like:

if(isset($_SESSION['name']) && !empty($_SESSION['name'])) {
echo "You are logged in, click here to log out";
} else {
echo "You are logged out, click here to log in";
}

It looks to me like the initial code that actually gets the logged-in user's name and assigns it to the session is where your script is failing, can we see the code that handles this?