Session handling

radicalmammal

Having some major problems with sessions, seached so many scripts and found one person with the sme prob, but no solutions.

Basically i am making a login system.

index.php loads login.php which has a script to check verified=yes from the session and if yes displays the users name and a log out link. If verified isnt yes it displays the login form which sends the data to checkuser.php

checkuser.php is fully working in regards to querying the database and performing one code if user and pass is ok, and another code if its wrong.

if the user is ok checkuser.php then sets verified=yes into the session variable and sends you back to index.php

index.php should now show your name and the logout link.

But it doesnt!

heres the code(simplified)
index.php
<?php
session_start();
header("Cache-control: private");
?>
<html>
<head>
<title></title>
</head>
<body>
<?include('login.php');
</body>
</html>

login.php
<?php

$authorized=$session["authorized"];
if ($authorized == "yes") {
echo'Hello <?echo $session["name"]?><br>';
echo'<a href="logout.php">Log out</a><br>';

}else{
echo'<form method="POST" action="checkuser.php" align="center">';
echo'<table width="100" border="1">';
echo'<tr><td>';
echo'<strong><u>Members Login</strong></u>';
echo'</td></tr>';
echo'<tr><td>';
echo'Username:<br>';
echo'<input name="username" type="text" value="" maxlength="20">';
echo'</td></tr>';
echo'<tr><td>';
echo'Password:<br>';
echo'<input name="password" type="password" value="" maxlength="20">';
echo'</td></tr>';
echo'<tr><td>';
echo'<a href="index.php?signup">Sign up</a>';
echo'</td></tr>';
echo'<tr><td>';
echo'<input type="submit" value="Login">';
echo'</td></tr>';
echo'</table>';
echo'</form>';
}

checkuser.php
<?php
session_start();
header("Cache-control: private");

//all check user/pass code - WORKING

if ($pass == "$row[1]"){

$session["authorized"]="yes";
$session["username"]="$row[0]";
$_session["name"]="$row[2]";

$returnpath = $_SERVER['HTTP_REFERER'];

session_write_close();

header("Location: index.php" );

}else{

wrong pass code}
?>

Have tested it with echos and within this page the value is stored.
However even using the identical echo code on index nothing is found within $_session['authorized']

The problem is somewhere in passing the session i assume but havent a clue on the solution.

btw no cookies are being stored on my computer from this page although cookies are enabled, dunno if this will help identify the problem.

Cheers,
Mark

thorpe

you dont call session_start() on your login page.

radicalmammal

it gave me the session already started error when i did that.
the login page is loaded into index using include() and i called session_start on index.

Also thats not the main problem, if one at all as ive tried placing echo $_session["authorize/name"] on the top of index.php with no result. The same line on checkuser.php works.

n2m

your $session is not in capital letters..
It MUST be in capital letters.. $SESSION
or else it will not work

radicalmammal

yea thats it.
cheers.

and yea thorpe that was needed as well, although before it gave me an error which was why i removed it.

But all working now 😃