hi there,
i have started session in my first page(login page). on fulfilling the validations the user is taken to the next page. in the second page, first i check whether session is set or not, and if it is not set the flash an error message to the user that he/she shlould login first. while validating in my login page if all the validations are successful i set a session variable and this variable i check in the next page. now my problem is that even after succesful login my next page is showing that session is not set. please help me fast.thanks in advance

can u give us the code that u have so that we can see where u are getting it wrong

are you putting session_start() at the top of all the pages that require the session?

Are you starting the session in page2 ? If your answer is yes, then you need to show us your code. If your answer is no, then start the session ! :)

are you putting session_start() at the top of all the pages that require the session?

You beat me by few seconds :P

You beat me by few seconds :P

lol sorry about that:)

i have done session_start() in my pages

Then code please !

login1.php

<?php
session_start();
ob_start();
?>
<?php
mysql_connect("IP addr","username","password") or die(mysql_error());



mysql_select_db("login") or die(mysql_error());

//if login form is submitted

if(isset($_POST['submit'])) { //if form is submitted

//check whether all the fields are filled or not

if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill all the fields.');
}

//verifies against database
$_POST['username']=md5($_POST['username']);
if(!get_magic_quotes_gpc()) {
$_POST['username']=addslashes($_POST['username']);
}



$check=mysql_query("SELECT * FROM users WHERE username='".$_POST['username']."'") or die(mysql_error());
//gives error if user doesnot exist
//{

$check2=mysql_num_rows($check);

if($check2==0) {
die('User does not exist');
}
while($info=mysql_fetch_array($check))
{


$_POST['pass']=stripslashes($_POST['pass']);


$info['password']=stripslashes($info['password']);
$_POST['pass']=md5($_POST['pass']);


//gives error if password is wrong

if($_POST['pass'] !=$info['password']) {
die('incorrect password,please try again.');
}
else
//if login is ok then direct them to options page
{
$_SESSION['views'] = 1;	
header("Location:option1.php");	
ob_flush();

?>
<!META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php">
<?php
}
}
}
else
{
//if they are not logged in

?>

<form action="<?PHP echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="50">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>

option1.php

<?php 
session_start();
ob_start();
if(isset($_SESSION['views']))
$_SESSION['views']=$_SESSION['views']+1;
else
{
//header("Location:message.php"); 
echo "session not set"."</br>";	
print_r($_SESSION);
}
?>

a long code :-)

I don't see anything wrong with the code apart from this line. if(!$_POST['username'] | !$_POST['pass']) { It should have been if(!$_POST['username'] || !$_POST['pass']) { . Thats just a syntax error. The code isn't long ! lol.. it has just 80+ lines. Anyway, Check if its entering the else { $_SESSION part. If its entering the else part, remove the meta tag and try again..

Edit: And btw, <!META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php"> is wrong. What is "!" doing there ?

Edit 2: And, you are not printing $_SESSION in page 2 :)

I don't see anything wrong with the code apart from this line. if(!$_POST['username'] | !$_POST['pass']) { It should have been if(!$_POST['username'] || !$_POST['pass']) { . Thats just a syntax error.

that part is not throwing any error

The code isn't long ! lol.. it has just 80+ lines. Anyway, Check if its entering the else { $_SESSION part. If its entering the else part, remove the meta tag and try again..

Edit: And btw, <!META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php"> is wrong. What is "!" doing there ?

since i have used header(), so i have commented that syntax

Edit 2: And, you are not printing $_SESSION in page 2 :)

i had tried doing that but it doesn't print any value.

I have modified your code to test it and it works. Here's the code. Modify it again to meet your requirements.

<?php //login1.php
session_start();
ob_start();
?>
<?php
//if login form is submitted

if(1==2) {
die('incorrect password,please try again.');
}
else
//if login is ok then direct them to options page
{
$_SESSION['views'] = 1;	
header("Location:option1.php");	
ob_flush();

?>
<META HTTP-EQUIV="Refresh" CONTENT="0; URL=option1.php">
<?php
}
?>

And here is option1.php

<?php 
session_start();
ob_start();
if(isset($_SESSION['views'])) {
$_SESSION['views']=$_SESSION['views']+1;
echo $_SESSION['views'];
}
else
{
//header("Location:message.php"); 
echo "session not set"."</br>";	
print_r($_SESSION);
}
?>

i a sorry but i am not able to see the modifications?btw i am using php-4.4.4 and apache-1.3.37

php and apache versions doesn't matter.
Check the loop, I have added if(1==2) which will always fail. Replace it with your validation part.

php and apache versions doesn't matter.
Check the loop, I have added if(1==2) which will always fail. Replace it with your validation part.

sorry to bother you agn naveen, but how is that related to session?

Replace if(1==2) with

if(!$_POST['username'] || !$_POST['pass']) {
die('You did not fill all the fields.');
}

and leave the else part as it is.

i think its not working for me. even tried out with a simple upload script.
upload_index.php

<?php                                                                                                                                        
session_start();                                                                                                                             
$_SESSION['views']=1;                                                                                                                        
?>                                                                                                                                           
<form enctype="multipart/form-data" action="upload.php" method="POST">                                                                       
Please choose a file: <input name="uploaded" type="file"/><br/>                                                                              
<input type="submit" value="Upload"/>                                                                                                        
</form>

upload.php

<?php
session_start();
if(isset($_SESSION['views']))
{
        echo "Session variable".$_SESSION['views']."</br>";
        echo "session is set"."</br>";
}
else
echo "Session is not set"."</br>";
$target_path="/usr/local/apache/htdocs/upload/";
$target_path=$target_path.basename($_FILES['uploaded']['name']);
 
echo "target path ".$target_path."</br>";
 
$ok=1;
 
$uploaded_size=ini_get('upload_max_filesize');
$post_max=ini_get('post_max_size');
echo "maximum upload_size $uploaded_size and post_max_size $post_max "."</br>";
if($ok==0)
{
        echo "Sorry your file was not uploaded";
}
else
{
        if(move_uploaded_file($_FILES['uploaded']['tmp_name'],$target_path))
        {
                echo "The file ".basename($_FILES['uploaded']['name'])." has been uploaded";
        }
        else
        {
                echo "Sorry, there was a problem uploading your file."."</br>";
                echo "the error is ".$_FILES['uploaded']['error']."</br>";
        }
 
}
 
print_r($_FILES);
 
 
?>

still the same problem

hmm..Your above script should definitely work.. Check your php.ini file for session.
Check for these lines and if its commented, uncomment it.

session.save_handler = files
session.use_cookies = 1

.
If this doesn't work, then I can't do much about it.

hmm..Your above script should definitely work.. Check your php.ini file for session.
Check for these lines and if its commented, uncomment it.

session.save_handler = files
session.use_cookies = 1

.
If this doesn't work, then I can't do much about it.

this lines are not commented. i guess i m having a hard luck with this forum.
can you suggest me of other way so that i can prevent the users from opening the option1.php page without logging.

my php.ini says that session.save_path=/var/lib/php/session.
but there was no php dir . so i created a php dir and session dir and gave 0777 permissions to session dir. now everything is ok.
thanks

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.