[RESOLVED] session variables - confirm page not confirming

LesSjo

I am not able to get information from session variables to pass to any following pages. Can you help me? Attached is some of the code from the login page and the 2nd page that is being directed to.

<?php require_once('Connections/snsphp.php'); ?>
<?php
$colname_rsLogin = "1";
if (isset($_SESSION['SVuser'])) {
  $colname_rsLogin = (get_magic_quotes_gpc()) ? $_SESSION['SVuser'] : addslashes($_SESSION['SVuser']);
}
mysql_select_db($database_snsphp, $snsphp);
$query_rsLogin = sprintf("SELECT username, password FROM Login WHERE username = '%s'", $colname_rsLogin);
$rsLogin = mysql_query($query_rsLogin, $snsphp) or die(mysql_error());
$row_rsLogin = mysql_fetch_assoc($rsLogin);
$totalRows_rsLogin = mysql_num_rows($rsLogin);
?>
<?php
// *** Validate request to login to this site.
session_start();

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
  $GLOBALS['PrevUrl'] = $accesscheck;
  session_register('PrevUrl');
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "landingpage.php";
  $MM_redirectLoginFailed = "login.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_snsphp, $snsphp);

  $LoginRS__query=sprintf("SELECT username, password FROM Login WHERE username='%s' AND password='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 

  $LoginRS = mysql_query($LoginRS__query, $snsphp) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";

//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;	      

//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");

if (isset($_SESSION['PrevUrl']) && false) {
  $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
}
header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

<html>
<head>
</head>
<body>
<form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="loginForm" id="loginForm">
<table>
  <tr>
.
.
.
    <td colspan="2">Please log in:</td>
.
.
.
    <td>User Name:</td>
    <td><input name="username" type="text" id="username" size="20" maxlength="50"></td>
  </tr>
  <tr>
    <td>Password:</td>
    <td><input name="password" type="password" id="password" size="12" maxlength="12"></td>
  </tr>
.
. 
.
</table>
</form>
</body>
</html>
<?php
mysql_free_result($rsLogin);
?>

2nd page:

<?php require_once('Connections/snsphp.php'); ?>
<?php
//initialize the session
session_start();
if (isset($_POST['username'])) {
$_SESSION['SVuser'] = $_POST['username'];
}
if (isset($_SESSION['SVuser'])) {
echo $_SESSION['SVuser'];
}
else {
echo 'No username set';
}

// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
  //to fully log out a visitor we need to clear the session varialbles
  session_unregister('MM_Username');
  session_unregister('MM_UserGroup');

  $logoutGoTo = "home.htm";
  if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
  }
}
?>
<?php
$colname_rsLogin = "1";
if (isset($_SESSION['SVuser'])) {
  $colname_rsLogin = (get_magic_quotes_gpc()) ? $_SESSION['SVuser'] : addslashes($_SESSION['SVuser']);
}
mysql_select_db($database_snsphp, $snsphp);
$query_rsLogin = sprintf("SELECT username FROM Login WHERE username = '%s'", $colname_rsLogin);
$rsLogin = mysql_query($query_rsLogin, $snsphp) or die(mysql_error());
$row_rsLogin = mysql_fetch_assoc($rsLogin);
$totalRows_rsLogin = mysql_num_rows($rsLogin);
?>

<html>
<head>
</head>
<body>

<table width="968" height="860" >
  <tr>
    <td><p><?php echo $row_rsUser['username']; ?></p>
	<p><a href="You are logged in as: <?php echo $logoutAction ?>">Log Out</a></p>
	<p><a href="changeinfo.htm">Change My User Information</a></p>
.
.
.
    </td>
  </tr>
</table>
</body>
</html>
<?php
mysql_free_result($rsLogin);
?>

At the top of the second page I get "No user name set". (I needed to test to see if anything was coming across.)
The section after "You are logged in as:" is blank.

I am designing with Dreamweaver MX, a first for me - and requiring login and session variables is also a first.

Can someone help me please?

paulnaj

Hi,

Could be that the call to session_start() comes after the first reference to $_SESSION on the login page ... has to come before.

Paul 🙂

LesSjo

I moved session_start() to the beginning.

<?php require_once('Connections/snsphp.php'); ?>
<?php
// *** Validate request to login to this site.
session_start();

$colname_rsLogin = "1";
if (isset($_SESSION['SVuser'])) {
  $colname_rsLogin = (get_magic_quotes_gpc()) ? $_SESSION['SVuser'] : addslashes($_SESSION['SVuser']);
}

Still doesn't work. :queasy:

Anything else?

paulnaj

Hi again,

Hmmm, not sure ... are the other session variables working OK?

If so, you could try registering the variable explicitly at the top of the 2nd page (as in other parts of the script) ...

<?php require_once('Connections/snsphp.php'); ?>
<?php 
//initialize the session
session_start();
if (isset($_POST['username'])) {
// $_SESSION['SVuser'] = $_POST['username'];
$GLOBALS['SVuser'] = $_POST['username'];
session_register('SVuser');
}
if (isset($_SESSION['SVuser'])) {
echo $_SESSION['SVuser'];
}
else {
echo 'No username set';
}

// ...
?>

Paul 🙂

LesSjo

I added the session_register('SVuser') to the 2nd page, and still no go.
To my knowledge, I am not getting any results in any page through session variables.

To put it mildly, I have been going around and around with this problem trying different techniques, php vs. asp, MySQL vs. MsSQL... to say the least - I'm a bit frustrated 😕

I know this can be done. I've seen it on countless other pages. What gets me is that this is the easiest of the pages that I have to work on and it is taking me FOREVER! (Sorry for shouting) :o

At least I have the database set up and everything is getting loaded okay. I just need to be able to carry the information through. It can't be that difficult.

wreed

This is a method I use...

This is from a login page with username and password fields, I post to validate.php....here is validate.php. My login page is just a simple form page.

<?php
	include '../connection.php';

$user_name = $_POST['user_name'];
$password = $_POST['password'];

//connect to the DB and select the "dictator" database
$connection = mysql_connect($host, $user, $pass) or die(mysql_error());
mysql_select_db($db, $connection) or die(mysql_error());

//set up the query
$query = "SELECT * FROM msa_admin_users 
		WHERE user_name='$user_name' AND password='$password'";

//run the query and get the number of affected rows
$result = mysql_query($query) or die(mysql_error());
$affected_rows = mysql_num_rows($result) or die(mysql_error());

//if there's exactly one result, the user is validated. Otherwise, he's invalid
if($affected_rows == 1) {
	$_SESSION['user_name'] = $user_name;
	echo "<script LANGUAGE=JavaScript> self.location=\"index.php\";</script>";
}
else {
	echo "<script LANGUAGE=JavaScript> self.location=\"login.php\";</script>";
}
?>

Here is index.php or any page here i put this code at the top of the page...

<?php
	session_start();
	if(empty($_SESSION['user_name'])) {
		die('An error has ocurred. It may be that you have not logged in, or that your session has expired.
			Please try <a href="login.php">logging in</a> again or contact the 
			<a href="mailto:x@x.com">administrator</a>');
	}
?>

Maybe this will get you in the right direction?

tony_l

if (isset($_POST['username'])) {
$_SESSION['SVuser'] = $_POST['username'];
}
if (isset($_SESSION['SVuser'])) {
echo $_SESSION['SVuser'];
}
else {
echo 'No username set';
}

Does this simple test on your 2cd page work? If it is stating that 'No username set' , then I may have a suggestion.....

$_POST variables are automatically global to the script that created it and the script it is being passed to via a method such as a form.

Your form is contained in page 1, and is also where you are handling everything.

Your reference to $POST['username'] is on page 2, which has no $POST variables passed to it (Although I could have missed it if you had).

paulnaj

Hi all,

Tony's onto something there, but what I don't understand is, having submitted the form ...

<form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="loginForm" id="loginForm">

... which doesn't go to page 2 at all (it goes back to login.php), how on earth is the line ...

echo 'No username set'; // from page 2 !!

... executed!!

Paul.

LesSjo

Dreamweaver is great for some things, but when you tell it to do something, it doesn't always listen completely.

On the login page Dreamweaver had placed these variables...

    //declare two session variables and assign them
    $GLOBALS['MM_Username'] = $loginUsername;
    $GLOBALS['MM_UserGroup'] = $loginStrGroup;

I thought that was smart code for the variables I had already set :o

When I changed 'MM_Username' to 'SVuser'
and 'MM_UserGroup' to 'SVgroup'
everything is coming up roses! :p

Thanks for all your help. Sometimes you just need to bounce off someone else.

LS 🆒