New to Sessions

rivka

Okay, I need some help, as I'm not sure why this isn't working:

I have a header page that is called with every function/page, which calls config information, the database info, and the session_start(); so that all that stuff only needs to mentioned once for the various functions:

adminheader.php

<?php
session_start();
$level = $_SESSION['level'];
$admin = $_SESSION['admin'];

include ("config.php");
include ("data/dbconfig.php");

//other html junk here

?>

I have a login page that calls the above header page, and looks like so:

Login Page (admin.php)

<? 

include ("adminheader.php");
if(!$submit) {
	echo "<center><b>Admin Login</b></center>";
	echo "<table><tr><td>
	<form method=\"POST\" enctype=\"multipart/form-data\" action=\"admin.php\">
	Login:
	</td><td>
	<INPUT name=\"admin\">
	</td></tr><tr><td>
	Password:
	</td><td>
	<INPUT type=\"password\" name=\"password\">
	</td></tr><tr><td colspan=\"2\">
	<INPUT type=\"submit\" name=\"submit\" value=\"submit\">
	</form>
	</td></tr></table>";
	}
else
{
	$query = "SELECT * FROM fanfiction_admins WHERE admin='$admin'";
	$result = mysql_query($query)
       or die("Query failed at userid retrieval stage.");
    $encryptedpassword = md5($password);

    $row = mysql_fetch_array($result);
    $passwordfromdb = $row[password];

    if ($encryptedpassword == $passwordfromdb)
    {


		$_SESSION['aid'] = $row['aid'];
		$_SESSION['level'] = $row['level'];
		$_SESSION['admin'] = $row['admin'];
		$_SESSION['email'] = $row['email'];
		$_SESSION['contact'] = $row['contact'];

		echo "You're logged in <a href=\"addstory.php\">go</a>";
	}
	else
	{
		echo "That didn't work.";
	}
}
?>

Finally, I have a third page that you can go to after you've logged in:

Third Page (addstory.php)

<?php

global $level, $admin;
include ("adminheader.php");

if (($level != '1') && ($level != '2') && ($level != '3'))
{
	echo "You are not allowed to be in this area.<BR><BR>";
}
else
{
	echo "Hello, $admin. Your level is: $level";
}
?>

Now, here's the problem: the third page is only sometimes remembering the session variables. Sometimes after logging in, it will know the level and admin variables, and sometimes it won't. And going onto a fourth or fifth page from there, it almost never knows the variables, even though they're calling the same adminheader.php that the earlier pages are. So what am I doing wrong?

philhale

To enable session for a page, call session_start() before any of the document has been generated:

<?PHP
session_start();
?>

This assigns a new session ID if it has to, possibly creating a cookie to be sent to the browser, and loads any persistent variables from the store.

Use:
session_register('bob');

to register a session variable $bob to be used anytime later. You only do this once.

I have used these techniques and have not had any problems with session variables throughout my website.

Best of luck!

Phil.