View Full Version : PHP/Programming Newbie
mregister
February 20th, 2009, 04:28 PM
Hello All,
I am trying to learn PHP from a book and I am going through an example that I can't get to work. I have gone over it several times and from what I have read I am starting to think that maybe there is a setting in a .ini file somewhere I am missing?
What I am trying to do is have a user login and create a session.
So, the user logs in and $userid and $password are given to the script with a post. The script assigns then checks a mysql db to see if the user is valid:
$result = $db_conn->query($query);
if ($result->num_rows > 0)
{
$_SESSSION['valid_user'] = $userid;
}
I know the validation works bc I modified the script without trying to create a session and the login works fine I just can't establish a sesssion. I start the script with:
session_start();
Thanks to all for any advice.
Mark
konqueror7
February 20th, 2009, 04:31 PM
did you put the session_start() method above all html elements?
Reiger
February 20th, 2009, 04:32 PM
Where does $userid get set?
mregister
February 20th, 2009, 05:01 PM
yes session_start() is the very first line. $userid is set from:
$userid = $_POST['userid'];
konqueror7
February 20th, 2009, 05:13 PM
is your cookie enabled in your browser? if i remember correctly, sessions works similar to a cookie...
can you perhaps post your html pages, so we can inspect it...
mregister
February 20th, 2009, 05:25 PM
This is the script entirely:
<?php
session_start();
if (isset($_POST['userid']) && isset($_POST['password']))
{
$userid = $_POST['userid'];
$password = $_POST['password'];
$db_conn = new mysqli(localhost,webauth,webauth,auth);
if (mysqli_connect_errno())
{
echo 'Connection to database failed: '.mysqli_connect_error();
exit();
}
$query = 'select * from authorized_users '
."where name = '$userid' "
." and password=sha1 ('$password')";
$result = $db_conn->query($query);
if ($result->num_row > 0)
{
$_SESSION['valid_user'] = $userid;
}
$db_conn->close();
}
?>
<html>
<body>
<h1>Home Page</h1>
<?
if (isset($_SESSION['valid_user']))
{
echo 'Your are logged in as: ' .$_SESSION['valid_user'].' <br />';
echo '<a href="logout.php">Log Out</a><br />';
}
else
{
if(isset($userid))
{
echo 'Could not log you in. <br />';
}
else
{
echo 'You have not tried to login. <br />';
}
echo '<form method="post" action="authmain1.php">';
echo '<table>';
echo '<tr><td>Userid:</td>';
echo '<td><input type="text" name="userid"></td></tr>';
echo '<tr><td>Password:</td>';
echo '<td><input type="password" name="password"></td></tr>';
echo '<tr><td colspan="2 align="center">';
echo '<input type="submit" value="Log in"></td></tr>';
echo '</table></form>';
}
?>
<br />
<a href="members_only.php">Members Section</a>
</body>
</html>
After trying to sign in the script returns the message "Could Not Log You in" which seems to indicate that the login works but not the session. And as I said, I can get a login to work if I am just doing that but no session.
konqueror7
February 20th, 2009, 05:32 PM
it seems that the session hasn't been initialized in the second page...try adding a session_start() in the second page(if i remember correctly, that is:))...
also, try putting first an "echo $userid" in your first page, just to make it sure that it does get something...
mregister
February 20th, 2009, 05:43 PM
I added the line suggested by konqueror
'You are logged in as: ' .$userid and that does print out the user name. I know the login portion works, it's just the session part that does not work??
konqueror7
February 20th, 2009, 05:53 PM
have tried adding a session_start() in the second page? because you need to initialize a session first...
mregister
February 20th, 2009, 06:04 PM
yes session_start() is at the top. So confusing. The login worked. After I put that echo statment in you suggested it reads "You are logged in as test" which is right, but when I go to the next page it tells me "You are not logged in". This is the code on the 2nd page:
<?php
session_start();
echo '<h1>Members Only</h1>';
// check session variable
if (isset($_SESSION['valid_user']))
{
echo '<p>You are logged in as: ' .$_SESSION['valid_user'].'<p>';
echo '<p>Members only content goes here</p>';
}
else
{
echo '<p>You are not logged in.</p>';
echo '<p>Only logged in members may see this page.</p>';
}
echo '<a href="authmain1.php">Back to Main Page</a>';
?>
JK3mp
February 20th, 2009, 06:09 PM
possibly validation of the session problem
konqueror7
February 20th, 2009, 06:13 PM
btw, in my code, its very similar,,,,you stored in your $userid variable is integer (based on the primary key on the db),,,use
($_SESSION['valid_user'] != 0)
instead, assuming that you don't have an ID of 0...
mregister
February 20th, 2009, 06:35 PM
No the userid is stored as a varchar. I am starting to think it is a cookie issue. Maybe I need to set a cookie to track the session? I added this to the bottom of the first page:
$cookie = session_get_cookie_params();
foreach ($cookie as $key => $value)
echo '<br />';
echo $key . '=> ' .$value. '<br />';
to see if anything comes back. And the only thing I get is:
httponly=>
with no value. My browser accepts cookies so I guess I need to setup a cookie in the script?
konqueror7
February 20th, 2009, 06:41 PM
varchar? trying putting
($_SESSION['valid_user'] != "" || isset($_SESSION['valid_user']))
mregister
February 20th, 2009, 08:21 PM
I dont' understand. Put that where? The only place that $_SESSION is set is = $userid.
Maybe I don't understand you suggestion?
konqueror7
February 21st, 2009, 03:57 AM
in your second page...i also think that maybe the condition is the one that's giving you problems...
Powered by vBulletin® Version 4.2.2 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.