Intermit problems with registered session variables

grail

Thanks in advance to anyone who can help me with this:

For some reason, the site I have been working on has lost the ability to pass the registered session variables from one page to another. The site is contained in frames, and for several months was working fine. The code that registers the variables is old tried and true code so I dont think the bug is there. The only thing that has changed is new javascript links code. Ever since its installation Ive had problems accessing pages on the site after logging in. Sometimes I can get to everything, a larger proportion of the time I cannot.

Ive also tried to switch to using the setcookie() functions. Ive tested it successfully on a simple frames page with the same javascript link code, but cannot for anything get it to work on main site. I cant figure out why either, Ive even copied the working code to the main site's page, commented out all the original code, and it stops working go figure.

If anyone has any advice reguarding this OR would go so far as to help me troubleshoot this problem by going through the code with me, it would be greatly apprecated.

ranam

PHP is server side and JS is client side, so the two really shouldn't interferwe with each other. Do you get any errors on the PHP pages?

grail

Yes:

Undefined variable and or index depending on the page. Mostly the former.

Two variables are registered after the user logs in, $valid_user and $server_num(Ill explain the vars if needed). Even though the session_start() is called on the next page visited, those two variables do not get passed(but sometimes they do!, thats the wierd part).

The User logs in on the Login page, those variables are taken to the main page where they are checked for validity in a database. Then those two variables mentioned before are registered as session variables and then checked with session_is_registered().
I get no errors on the main page after login.

grail

It seems session_start() is creating a new session id everytime I go to a new page, instead of picking up the session id from the prior page as its supposed to (and used to quite effeciently).

Still workin on the problem, any thoughts are greatly appreciated.

Steffel

the function session_start() ALWAYS starts a new session
so u should use it only once

if u wanna put vars in a session u got to register those first like:

session_register("ses_data");

$ses_data = "mydata";

and u got to register tham in EVERY page u need them

grail

Yes I use it only once per page.

You have to call session_start() on everypage you want to have access to variables registered through session_register(). The site has been WORKING like this for the better part of 6 months or more, for some reason now, though, Im loosing the session variables values when I go to a new page.

Tell me if Im wrong, but this is the way I thought this type of variable passing worked.

Steffel

no, not use it only once per page, but once per session
u start the session ONCE than u can put your variables in it
if u use it again you'll loose your variables

grail

Being this is true, what function should be called to access the registered variable on subsequent pages?

Do they need to be refered to from the Array $HTTP_SESSION_VAR["foo"]?

Steffel

u get always access to session data if u write
session_register("ses_data");

than u can use the variable
$ses_data which will be available in everypage where this one is registered.

so with
session_register("myvar");
u can use $myvar as well
the name ses_data was only to tell u whats in it ;-)

grail

Calling the session_start() on subsequent pages DOES continue that same session and gives you access to the registered variables within that session.

Im looking at it on part of my site right now. I have the session_id echoed on three pages, from the first page that starts the session to two pages afterward that call session_start() and they are all echoing the same session_id.

So we need to look at something else that would be causing me to loose my variables....... any ideas?

Steffel

What session_start does is looks for an existing session, and if none exists, it creates a new one. What it also does (that wasn't fully eplained above by the statement "initializes variables" is looks for any session variables, and sets them globally on the page that start got called from. If you have any variables already set (say from a get/post from the previous page) they will get overwritten. Also, changing a variable on a page will not update its session counterpart.

grail

"What session_start does is looks for an existing session, and if none exists"

This is the rub right here: There IS a session already started when the user logs in. The variables that are registered in this session, have NO WAY for the user to deleted/overwrite/ or any such thing on subsequent pages.

Here is some code for you to look at:

This code starts the session after the user logs in::

<?
require_once("ipp_fns.php");
session_start();

if (@$username && $password && $server_num)
{
if (login($username, $password, $server_num))
{
$server_num = $server_num;
$valid_user = $username;

session_register("valid_user");
session_register("server_num");

do_html_header(" ");

}
else
{
echo "You could not be logged in. Try to login again.";
exit;
}

check_valid_user(); //This function sets the registered variables as global
$permissions = get_rights($valid_user, $server_num);

if ($permissions < 1)
{
echo "This account has been disabled.<p>";
exit;
}
}

This next code is on a subsequent page where the variables for session started above should be available::

<?
require_once("ipp_fns.php");
session_start();
//------------------------LOG PAGE ACCESS-----------------------
$file = "e:/httproot/php-bin/post_pic.php";
$page_size = filesize("$file");
$page_get = "$file";

log_page($page_get, $page_size);
//---------------------------------------------------------------------
do_html_header(" ");

check_valid_user();

$userid = get_userid($valid_user, $server_num);
$permissions = get_rights($valid_user, $server_num);
if ($permissions < 3)
{
do_html_header("Access Denied:");
echo "You do not have the proper access rights to view this page.<p>";
exit;
}

$tree_name = tree_name($server_num);
?>

As you can see, $valid_user and $server_num are the registered variables that have been made global by the check_valid_user() funtion:

//-------------------Here is the check_valid_user() function -----
function check_valid_user()
{
global $valid_user, $server_num;

if (session_is_registered("valid_user") && session_is_registered("server_num"))
{
echo "<table border=0 width=100%>";
echo "<tr><td align=right>Welcome <b><font color=\"#6666cc\">$valid_user</font></b>.<br>";

echo "</td></tr></table>";
}
else
{
do_html_heading("You must Login");
echo "You are not logged in. Please click the login link on the main page to access this resource.<br>";
exit;
}
}
//---------------------------------------------------------------------------------

So by being registered variables for the session they should be available by simply calling the variable on the next page. For some reason the session is "dying" before it gets to the next page, which was not happening before. As stated above, the links to the subseqent pages are within another frame, but that has never bothered the session up to this point. I also stated above that the only thing to change was the code to present the links (some javascript)....

I dont know if this makes it any clearer.

Steffel

u dont have to make the variables global
but at first u have to register them and then use them so just the other way round as u did:

$server_num = $server_num;
$valid_user = $username;

session_register("valid_user");
session_register("server_num");

also i wrote:
"If you have any variables already set (say from a get/post from the previous page) they will get overwritten"

so just say ONCE session_start per session and not on every page...

grail

when I take session_start() out of the second page and then try session_register("valid_user") on the next page it just gives me an undefined variable error.

According to what you said I should have get what $valid_user contained...

but its not being passed.

grail

Its the frames screwin it up. Thanks for the dialouge none the less.

ranam

Basically session_start()l starts a new session if there is no old session or continues the session if there is a old one. But to understand that there exists an old session the browser must accecpt the session cookie. If it does not you have to pass the session through URL to every page or the session will not work. like:

Also you must have session_start(); in every page of the framed page for session to work on those pages, not only the first. You can also tell PHP to use a particular session by the command:

if($session) {session_id ($session);}

where $session is the session.