The problem is, when I load a particular page (user.php) the session variable not work. But on the other pages it works fine. Even in my local host user.php also works fine. Only user.php on remote server is occuring this problem.

This is login script

<?php    
require_once 'inc/functions.php';
require_once 'inc/mysql_cnct.php';
if(loggedIn()){header("Location:user.php");exit;}
$msg = '';
if(isset($_POST['submit'])){
            $u_name = mres($_POST['username']);
            $pass = mres($_POST['password']);
            $pass = md5($pass);
            $remember ='';
            if(isset($_POST['remember'])){$remember = $_POST['remember'];}
            if($u_name&&$pass){
            $login = mysql_query("SELECT * FROM customer WHERE u_name = '$u_name' ") or die();
            while ($row = mysql_fetch_assoc($login)) {
                $db_pass = $row['u_pass'];
                $active = $row['active'];
                if($pass == $db_pass && $active == '1') $loginok = TRUE;
                else $loginok = FALSE;
                if($loginok == TRUE){
                    if($remember == 'on')   setcookie("u_name",$u_name,time()+604800);
                    else if(!isset($remember) || $remember == '' )  $_SESSION['u_name'] = $u_name;
                    $date = date("Y-m-d h:m:s");
                    $query = 'UPDATE customer SET last_login = "'.$date.'" WHERE u_name = "'.$u_name.'"';
                    mysql_query($query) or die("Something wrong happend when trying to logging in you");
                    header("Location:index.php");
                    exit;
                }
                else {
                    if($active != '1')$msg .= "<h3 style='color:red'>Please activate your account<h3/>";  
                    else $msg .= "<h3 style='color:red'>Invalid Username or Password<h3/>";
                }
            }
        }
    }
?>

* ***mres() is applying some security check on data ****

I think it's working fine because as I said that, session variable is working fine on all pages except user.php

Here is the code which I used to retrive username and to check if user logged in or not. These 2 function is defined in functions.php and at very top of this functions.php file I declered php seession_start();

    //user logged in ?
    function loggedIn(){
        if(isset($_SESSION['u_name']) || isset($_COOKIE['u_name'])){
            return TRUE;
        }
    }

    //get username
    function user(){
        if(isset($_SESSION['u_name']))  return $_SESSION['u_name'];
        else if(isset($_COOKIE['u_name'])) return $_COOKIE['u_name'];
    }

Then at user.php I have following codes

<?php
    require_once 'inc/functions.php'; 
    require_once 'inc/mysql_cnct.php';
?>
<?php
    $f_name = '';
    $l_name = '';   
    $u_name = '';   
    $pass = '';
    $email = '';
    $date = '';
    if(loggedIn() != TRUE){header('Location:login.php');exit;}  
    $user = user();
    $query = "SELECT * FROM customer WHERE u_name='".$user."'"; 
    $result = mysql_query($query) or die (mysql_error()); 
    while ($row = mysql_fetch_array($result)) {
         $f_name .= $row['first_name'];
        $l_name .= $row['last_name'];   
        $u_name .= $row['u_name'];  
        $pass .= $row['u_pass'];
        $email .= $row['u_email'];
        $date .= $row['reg_date'];
    };
    $user_info = 
    '<ul>
        <li><p class="p_big">'.$f_name.'</p></li>
        <li><p class="p_big">'.$l_name.'</p></li>
        <li><p class="p_big">'.$email.'</p></li>
        <li><p class="p_big">'.$date.'</p></li>
   </ul> ';
?>

Here is phpinfo() of my remote server for session

Session Support enabled
Registered save handlers files user sqlite
Registered serializer handlers php php_binary wddx

Directive Local Value
session.auto_start Off
session.bug_compat_42 On
session.bug_compat_warn On
session.cache_expire 180
session.cache_limiter nocache
session.cookie_domain no value
session.cookie_httponly Off
session.cookie_lifetime 0
session.cookie_path /
session.cookie_secure Off
session.entropy_file no value
session.entropy_length 0
session.gc_divisor 100
session.gc_maxlifetime 1440
session.gc_probability 1
session.hash_bits_per_character 4
session.hash_function 0
session.name PHPSESSID
session.referer_check no value
session.save_handler files
session.save_path /home/users/web/b2976/ipg.limpu/cgi-bin/tmp
session.serialize_handler php
session.use_cookies On
session.use_only_cookies Off
session.use_trans_sid 0

If I failed to make you understand please let me know.
Any Idea???

Member Avatar for Zagga

Hi tahsin.rahit,

If you are not able to retrieve session data it sounds like the session is not starting correctly on that page.
You say you declare session_start() at the very top of functions.php, If it is declared inside a function you will only be able to use session data inside that function. Try starting the sessions on every page, not inside the included functions.php page.

Hi Zagga,
I did it when I first face this problem today. It is actually working fine for every page except user.php. I started the session on top of the functions.php page not in any function. I started it there cause I included this file in every page.

Whatever, here is a thing I noticed just now. I included functions.php at user.php where I have session_start() on top. But I also added session_start() at top of user.php. So now session is attempt to start twice which obviously should gives a notice like this:

Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\mysite\inc\functions.php on line 2

But you see, this notice is generated in my localhost. When I tried this on my remote server, unfortunately no notice has been shown.

And there is another thing the session I created while login ($_SESSION[u_name]) become blank (not unset or session destroy) when I run user.php.

Member Avatar for Zagga

Hi again Rahit,

Firstly, the reason you only get the Notice in your localhost is probably because the error reporting levels are set differently on your remote server. This can be changed in your php.ini file.

When you say the session variable doesn't work what actually happens? Are you always redirected back to the login page because the loggedIn function always returns false?

Yes. u'r right. error reporting is set diffrently.

session variable may be work but it doesn't contain it's previous value. Like, if I write,echo 'Hello,'.user(); it should echo back Hello,username but in this case it shows Hello,
If session become destroyed then user.php shouldn't run because I put an if condition there.

if(isset($_SESSION['u_name'])) return $_SESSION['u_name'];
else if(isset($_COOKIE['u_name'])) return $_COOKIE['u_name'];

is it possible $_SESSION['u_name'] could be set to ''?

@Biiim Yes, it is.

Fortunately, my problem is solved. I think the conflict is made by the variable name and index name I used in user.php. I used u_name several times as array index and variable name. Corrected it...Problem solved.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.