Member Avatar for timhysniu

Hi guys,

I have 3 pages where 1 of them (last one) is in secure server.
I use sessions in all of them and these sessions work fine in first two pages (using session_start()), but when I get switched to secure server (https://xxx.xx.../site/page3.php) a new session comes in.

I can see what the problem might be here. So instead I decided to use hidden input forms. I have no idea whether there is a limit on amount of data I can put in it and how big this limit is, but it won't work!

No I am stuck because I can't use neither $_POST, nor $_SESSION. Can someone please guide me on what should I do? I thought of using cookies but I have no idea how and I have tight deadlines for this thing.

Is there a way to retrieve the same session even after I switch to secure server. If you have any recommendations, sources I can look at, I'd appreciate them.

Tim

  • 2 Contributors
  • 1 Reply
  • 98 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by puddin
Member Avatar for puddin

I understand your upset. I went crazy with sessions I have it working but still I do not completely understand it.

I will just show you what I have linking each page through my site and I have like 7 pages, I hope it helps you. I also have my pages setup , that if you try and enter, the page tells you, you must login in or signup... This worked for me:

If you look you will see it has two parts:

<?
include 'db.php';


// get the variables from home page
$password = $_SESSION;
$email_address = $_SESSION;



$sql_check = mysql_query("SELECT username FROM gallery_photos WHERE password='$password' AND email_address='$email_address'");


$username = mysql_fetch_array($sql_check,
MYSQL_ASSOC); //MYSQL_ASSOC;
$sql_check_num = mysql_num_rows($sql_check);
if($sql_check_num == 0){


echo ("");
} else {
echo ucfirst($username);
}

and

// Define post fields into simple variables
$email_address = $_SESSION;
$password = $_SESSION;


/* Let's strip some slashes in case the user entered
any escaped characters. */


$email_address = stripslashes($email_address);
$password = stripslashes($password);


/* Do some error checking on the form posted fields */


if((!$email_address) || (!$password)){
echo '<STRONG><br><br>Enter required fields as indicated below
<br>If you are a member!</STRONG><a
href="login_form.php"><u> Login Here</u></a>
<br><STRONG>To become a member!</STRONG><a
href="join_form.php"><u> Join Here</u>
</a><BR><br />';
if(!$email_address){
echo "<font color='#000000'>Email address is a required
field.</font><br />";
}
if(!$password){
echo "<font color='#000000'>Password is a required
field.</font><br />";
}
exit(); // if the error checking has failed, we'll exit the script!
}
?>
</p>

P.S And of course at the very top of the page you have

<?php
session_start();
?>

Now this is stopping anyone from just entering the site. BUT it also carries the user once in through all the site nice and personalized talking to the user saying hello on one page Welcome on the next etc... It say's the usersname all the time, it's GREAT! I hope this helps you... Good Luck!

Edited by happygeek because: fixed formatting
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.