Profile Edit not working

Talon

I have been working on a decent CMS for some time now, as a form of me wanting to achieve higher standards in PHP. For some reason it isn't accepting the session or some other problem is occuring, which is preventing a user from seeing and editing their profile. Could someone please assist me in this.

<?PHP
include('config.php');
include('functions.php');

if(isset($_SESSION['logged_in']))
{
$session_username = $_SESSION['username'];
if(username_exists($session_username))
{
$get_info = mysql_query("SELECT Uname, Image, Email, Pcontact FROM users WHERE Uname = '$session_username' LIMIT 1");
if(mysql_num_rows($get_info) > 0)
{
$user_info = mysql_fetch_assoc($get_info);
if(!isset($_POST['image'])){

echo "<form action='profile.php' method='post'><br><br>";

echo "<center>User:<br> <input name='user' disabled='disabled' value=".$news_info[Uname]." type='text'></center><br>";
echo "<center>User:<br> <input name='image' value=".$news_info[image]." type='text'></center><br>";
echo "<center>User:<br> <input name='email' disabled='disabled' value=".$news_info[Email]." type='text'></center><br>";
echo "<center>User:<br> <input name='Pcontact'  value=".$news_info[Pcontact]." type='text'></center><br>";


$image = $_POST['image'];
$email = $_POST['email'];
$pcontact = $_POST['Pcontact'];

}
elseif(isset($_POST['story']))
{

$image = mysql_real_escape_string($_POST['image']);
$email = mysql_real_escape_string($_POST['email']);
$pcontact = mysql_real_escape_string($_POST['Pcontact']);

$sqlq = "UPDATE users SET Image = '$image', Email = '$email', Pcontact = '$pcontact' WHERE Uname = '$session_username'";

mysql_query($sqlq) or die(mysql_error());

echo "<a href='index.php'>Your Update has been complete. Click here to return</a>";
}
}
}
}else{
echo "Not Logged in yet";
}
?>

Note: it doesn't give me an error, it just says Not Logged in yet.

bretticus

Well, right off the bat, I see no session_start()...however, I'll assume that session_start is called from the included config.php file or sessions are turned on automatically in your php.ini, htaccess file, or apache config. If my assumption is wrong, that is definitely the problem. Since the if block failing is

if(isset($_SESSION['logged_in']))

and you're sure $_SESSION['logged_in'] is being set (and my assumption was correct), make sure your browser accepts cookies, and if you like it not accepting cookies, php (I believe it's the default) can append the session id to the URL. For troubleshooting purposes, you can install an HTML header viewer such as livehttpheaders for Firefox. Or ieHTTPHeaders for Internet Explorer. Check for the session id as a cookie in the response header. If it is not being passed, you may need to modify your configuration. For example, someone in this forum had their sessions being written (or not being written) to an unwritable folder. Good luck!