Problem with sessions

nickk

Hi,

This is the first time I use sessions, and I can't figure out why it doesnt work. I have 2 scripts, login.php and view.php. A user enters a password in login.php, which is saves in $SESSION['password']. In view.php, $SESSION['password'] is checked again. This doesnt seem to work, I keep getting a bad password error. Check below for the important parts of both scripts.

			if(!check_pass($password)) {
				echo "<b>Wrong password, please go back and try again</b>";
			} else {
				$_SESSION['password'] = $password;
				print_classes();
			}

view.php:

		function check_sess($sess_pass) {
			if($sess_pass == "password") {
				return 1;
			} else {
				return 0;
			}
		} //end check_sess

.
.
.
.

if(!check_sess($sess_pass)) {
				echo "<b><a href=login.php>Login here (bad password)</a></b>";
			} else {
				$class = $_GET['class'];
				display($class);
			}

I keep getting "Login here (bad password)" so I assume the password isnt passed properly through the session. Both pages have sessions initialized properly with the following, so thats not the problem:

<?php
	session_start();
	header("Cache-control: private"); // IE 6 Fix. 
?>

Kudose

Where is your password checking function?

Where are you setting a value to $sess_pass?

Please provide more complete code...

Kudose

Also, you should be looking for the return on your function, not if it is true.

i.e.

if(check_sess($sess_pass) == 1) {
                echo "<b><a href=login.php>Login here (bad password)</a></b>";
            } else {
                $class = $_GET['class'];
                display($class);
            }

Riddick

Hi, try this maybe it’s your problem.

if(!check_pass($password)) {
echo "<b>Wrong password, please go back and try again</b>";
} else {
session_start();
session_register(password);
$password = $password;
print_classes();
}

nickk

I narrowed down the problem to the following: the session variable "password" is set properly, as I can see it at login.php, but it is not sent properly, as it is not available on view.php. Thanks for the replies. Kudose, I corrected the function, but that wasn't the problem. Riddick, session_start(); has to be the first thing that is on yuor page, you cannot put it in halfways down, etc. This is my password checking function, allthough I don't think it makes much of a difference:

		function check_sess($sess_pass) {
			if($sess_pass == "password") {
				return 1;
			} else {
				return 0;
			}
		} //end check_sess

Any other suggestions would be appreciated.

Kudose

$sess_pass = $_SESSION['password'];
function check_sess($sess_pass) {
            if($sess_pass == "password") {
                return 1;
            } else {
                return 0;
            }
        } //end check_sess