Session Errors: USING BOOK CODE!

FULLAHiMHARD

Hey guys, i have been trying to code an authentication script for the admin area of my cms

I keep on getting these errors

Warning: session_start(): open(/tmp\sess_31ef0b5203d144a4287e4d9691bc16e1, O_RDWR) failed: No such file or directory (2) in c:\documents and settings\dev\my documents\root\webdevexamples\chapter20\authmain.php on line 2

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at c:\documents and settings\dev\my documents\root\webdevexamples\chapter20\authmain.php:2) in c:\documents and settings\dev\my documents\root\webdevexamples\chapter20\authmain.php on line 2

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at c:\documents and settings\dev\my documents\root\webdevexamples\chapter20\authmain.php:2) in c:\documents and settings\dev\my documents\root\webdevexamples\chapter20\authmain.php on line 2

i googled it and it seems session_start(); needs to be at the start of the document, which it is

I tried using the script provided in the book "Php and Mysql web development" and the code on the cd does the exact same error!

heres the code

<?php
session_start();

if (isset($HTTP_POST_VARS['userid']) && isset($HTTP_POST_VARS['password']))
{
  // if the user has just tried to log in
  $userid = $HTTP_POST_VARS['userid'];
  $password = $HTTP_POST_VARS['password'];

  $db_conn = mysql_connect('localhost', 'webauth', 'webauth');
  mysql_select_db('auth', $db_conn);
  $query = 'select * from auth '
           ."where name='$userid' "
           ." and pass=password('$password')";
  $result = mysql_query($query, $db_conn);
  if (mysql_num_rows($result) >0 )
  {
    // if they are in the database register the user id
    $HTTP_SESSION_VARS['valid_user'] = $userid;    

  }
}
?>
<html>
<body>
<h1>Home page</h1>
<? 
  if (isset($HTTP_SESSION_VARS['valid_user']))
  {
    echo 'You are logged in as: '.$HTTP_SESSION_VARS['valid_user'].' <br />';
    echo '<a href="logout.php">Log out</a><br />';
  }
  else
  {
    if (isset($userid))
    {
      // if they've tried and failed to log in
      echo 'Could not log you in';
    }
    else 
    {
      // they have not tried to log in yet or have logged out
      echo 'You are not logged in.<br />';
    }

// provide form to log in 
echo '<form method="post" action="authmain.php">';
echo '<table>';
echo '<tr><td>Userid:</td>';
echo '<td><input type="text" name="userid"></td></tr>';
echo '<tr><td>Password:</td>';
echo '<td><input type="password" name="password"></td></tr>';
echo '<tr><td colspan="2" align="center">';
echo '<input type="submit" value="Log in"></td></tr>';
echo '</table></form>';
  }
?>
<br>
<a href="members_only.php">Members section</a>
</body>
</html>

Any ideas?

phprock

Try this

open php.in file
(may its here) c:/Windows/php.ini

And Change
session.save_path =/temp

session.save_path = C:/WINDOWS/temp

FULLAHiMHARD

Wow thanks alot phprock!

Obviously this does not work by default! Is there anyway around this so that it works on different setups with default php.ini? I have put the effort to develop without register globals as im learning php at the moment so one day i can develop for multiple installations on different hosting setups. If someone using my script uploads to a different host the script will not work for them if their host is on windows 🙁

Is there a better way to do this?

Thanks again mate

FiH

phprock

Bro I am a beginer.. 🙂

If someone using my script uploads to a different host the script will not work for them if their host is on windows

You don't have to worry about that.Your script will work on both windows and linux..world.

If the server is windows platform who ever setup php in that machine they have to change php settiong accroding to php setup instruction.. not YOU.

so start coding withought worrying about server platform...

I am sorry If i couldn't explained it well

FULLAHiMHARD

what i mean is i want to code my scripts to default webserver setups

If sessions do not work by default on windows servers than is there a better way of authentication to use? ie if your script users are clueless or do not have access to php.ini they cant exactly edit it.

Weedpacket

Originally posted by FULLAHiMHARD
what i mean is i want to code my scripts to default webserver setups

A default web server setup would have to be properly configured, wouldn't it? That's why there is a configuration file. It's a basic part of installation.

If your script users are clueless or do not have access to php.ini then either they shouldn't be trying to host a site, or whoever does have access to php.ini should have properly set it up.

FULLAHiMHARD

Ouch my ego hurts 🙁

I must have missed the docs on that part of configiration.

Thanks for the help guys