Any reason the session variable isn't getting set?

pug

The echo $_SESSION['valid_user'] does out put but when I go to other pages it says I'm not logged in also if I refresh this page it says I'm not logged in. So I figure it isn't getting set. I know this script works cause I use it on another site. The only thing I changed was the $query

<?
    session_start();
    require_once("../includes/common.php");
    db_connect();
?>
<HTML>
<HEAD>
<TITLE> Process Login </TITLE>
<link rel="stylesheet" href="../includes/adminstylesheet.css" type="text/css">
</HEAD>
<BODY>
<?
    if(!isset($_SESSION['valid_user']))    

    {        

        $username = $_POST["username"];
        $password = $_POST["password"];

    if($username && $password)
    {
        $query = "SELECT * FROM attendees WHERE handle = '$username' and password = password('$password') and crewMember = '1'";
        $result = mysql_query($query);
		if(!$result)
            echo "Error running query";
        $num_rows = mysql_num_rows($result);
        if($num_rows == '1')
        {
            $row = mysql_fetch_array($result);			
			$_SESSION['valid_user'] = $username;
            echo "<center>";
			echo "Logged in as: <i><b>";
			echo $_SESSION['valid_user'];
            echo "</b></i>";                                
			echo "<br><a href='main.php'>Please click here to see admin links</a>";
			echo "</center>";
        }
        else 
            echo "username or password incorrect, please <a href='index.html'>try again</a>";
    }
    else
        echo "You didn't enter a username and/or password, <a href='index.html'>try again</a>";
}
else    
{
	echo "<center>";
	echo "Logged in as: <i><b>";
	echo $_SESSION['valid_user'];
	echo "</b></i>";                                
	echo "<br><a href='main.php'>Please click here to see admin links</a>";
	echo "</center>";
}
?>
</BODY>
</HTML>

pug

The link on the page above links to this code below. It always says I'm not logged in

<?
	session_start();
	 if(!isset($_SESSION['valid_user']))
	 {
		echo "You are not <a href='index.html'>logged in</a>.";
	 }
	 else
	 {
		echo "<link rel='stylesheet' href='../includes/adminstylesheet.css' type='text/css'>";
	 	echo "<FRAMESET FRAMEBORDER=1 COLS='200px, *' BORDER='0' FRAMESETBORDER='0'>";
		echo "<FRAME SRC='adminlinks.php' NAME='left' SCROLLING=no NORESIZE>";
		echo "<FRAME SRC='right.php' NAME='right'>";
		echo "</FRAMESET>";
	 }
?>

Weedpacket

To just clarify things in my mind: I take it you're able to fill in the form, submit it, and get back a response saying "Logged in as username:...Please click here"? (That would indicate that the point where the session variable is supposed to be getting set is being reached.) But after that, protected continue to claim you're not logged in?

Can you look at the session file that's created and see what's in it?

There is some possibility that your browser isn't holding on to the session ID. Try a link like
echo "<br><a href='main.php?".SID."'>Please click here to see admin links</a>" to pass the session ID through by hand and see if you get a different result. If the browser isn't accepting cookies and php.ini has session.use_trans_sid turned off then you'll have to pass the session ID around your pages by hand (much as this site does via the "s=" thingy in the URL.

You can probably guess by now that I don't see anything in the code that's obviously wrong...

As a digression:
If you're wanting to see how many username/password combinations are in a database, and that's all - as you're doing here - it's generally a better approach to say
"SELECT COUNT(*) from ..."
This will return a single-row result containing one field - containing the desired number. In other words, you can then get the number of rows by
list($num_rows) = mysql_fetch_row($result)
(With the list there of course to take the first element of the array, not the array itself.)

pug

Well I have found out that it is some kind of server setting. Running on my local machine it does not work but on my site it does...Wish I knew what that setting could be...Oh well

pug

<bump> anyone know the server setting I need to change so it will work on my local machine?

dustbuster

What OS are you using on your local machine and what are you using on your hosting machine?

roadrunner

Hi,
If you use Windows, you can put in a new php4ts.dll.
That sorted out my problem with not registred variables in $_SESSION.