Sessions aren't working

Question

toxicandy 2 Junior Poster

10 Years Ago

By default the page after login.php is authorize.php which just checks the information then sends it off to index.php. From index.php I cannot get to my page 'volunForm.php', it just redirects me back to the login page. This is my first ever login system and my first time using sessions. Am I doing it all wrong? Is there a way I can make my sessions expire after certain time automatically and more importantly getting them to work across pages.

index: http://pastebin.com/Rc5zUJMA
volunForm: http://pastebin.com/Z65L7dZu
authorize: http://pastebin.com/aHfdYwLM

php

3 Contributors
5 Replies
196 Views
3 Days Discussion Span
Latest Post 10 Years Ago Latest Post by toxicandy

Borzoi 24 Posting Whiz

10 Years Ago

You have the following if statment in your volunForm.php page:

if(!isset($_SESSION['sess_user_id']) || (trim($_SESSION['sess_user_id']) == '')) {
        header("location: login.php");
        exit();
}

This is redirecting anyone who doesn't have the session cookie sess_user_id set. Make sure this is being set when the user logs in.

mattster 195 Practically a Master Poster

10 Years Ago

You code looks okay, so check that you have session_start();'s on all pages and that $row['uid'] value is actually being set.

Sessions are needed to maintain security, thats for sure.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

toxicandy 2 Junior Poster · Answer 1 · 2014-09-05T19:43:10+00:00

Don't I have it being set correctly in the authorize.php page?

if ($bcrypt->verify($_POST['password'], $row['password'])){
        session_regenerate_id();
    $_SESSION['sess_user_id'] = $row['uid'];
    $_SESSION['sess_email'] = $row['email'];
        $_SESSION['sess_name'] = $row['fname'] . " " . $row['lname'];
    session_write_close();
        header("Location: index.php");

toxicandy 2 Junior Poster · Answer 2 · 2014-09-05T20:20:48+00:00

EDIT:

I got cookies working but I am unsure if that is a good thing to keep or if I should focus getting sessions to work.

toxicandy 2 Junior Poster · Answer 3 · 2014-09-08T19:43:01+00:00

I had session_start(); at the top of all the pages I Was testing with but it still didn't work. After setting the sessions information in the authorize.php page, I call header("Location: index.php"); which works, they have to be logged in to get there, but upon getting there I was unable to use my navagation list to navigate to volunForm.php, it requested I log in.