php SESSION var getting lost on my server.

  • kickoutbettman
  • Born
  • Born
  • kickoutbettman
  • Posts: 3

Post 3+ Months Ago

Hi everyone.

I'm having a problem with my PHP session vars getting lost or not writing info at all.
So here's a couple of information.

1. IT IS WORKING on my localhost NT machine.
2. Where it's not working it's on my client host server. (FATCOW host at fatcow.com)
3. Host server is using PHP : 4.4.8

So basically I have a html login page (login.php)
Then login.php send info to (login-exec.php) (Here I check my database to see if username exist and if so redirect using header...
Then the redirection goes to a "member page" where I require('auth.php') to check if session exist if no I get redirected to ACCESS DENIED PAGE
And there's the problem, it always give me the access denied page.

So here's my code.

login-exec.php
Code: [ Select ]
 
    <?php
    //Start session
    session_start();
   
    //Include database connection details
    require_once('../Connections/golf_stats.php');
   
    //Array to store validation errors
    $errmsg_arr = array();
   
    //Validation error flag
    $errflag = false;
   
    //Connect to mysql server
    $link = mysql_connect($hostname_golf, $username_golf_stats, $password_golf_stats);
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }
   
    //Select database
    $db = mysql_select_db($database_golf_stats, $golf_stats);
    if(!$db) {
        die("Unable to select database");
    }
   
    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }
   
    //Sanitize the POST values
       
    $login = clean($_POST['login']);
    $password = clean($_POST['password']); 
   
    //Input Validations
    if($login == '') {
        $errmsg_arr[] = 'Login ID missing';
        $errflag = true;
    }
    if($password == '') {
        $errmsg_arr[] = 'Password missing';
        $errflag = true;
    }
   
    //If there are input validations, redirect back to the login form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: login.php");
        exit();
    }
   
    //Create query     
    mysql_select_db($database_golf_stats, $golf_stats);
    $query_members = "SELECT * FROM members WHERE username = '$login'";
    $list_members = mysql_query($query_members, $golf_stats) or die(mysql_error());
    $row_members = mysql_fetch_assoc($list_members);
    $totalRows_members = mysql_num_rows($list_members); 
       
    //Check whether the query was successful or not
    if($list_members) {
        if($totalRows_members == 1) {
            //Login Successful         
            $_SESSION['SESS_MEMBER_USERNAME'] = $row_members['username'];
            $_SESSION['SESS_JOUEUR_ID'] = $row_members['idJoueur'];
            $_SESSION['SESS_JOUEUR_NAME'] = $row_members['name'];
           
            session_write_close();
            header("location: ../members/members-index.php");
            exit();
        }else {
            //Login failed
            header("location: login-failed.php");
            exit();
        }
    }else {
        die("Queryisfailed");
    }
?>
 
  1.  
  2.     <?php
  3.     //Start session
  4.     session_start();
  5.    
  6.     //Include database connection details
  7.     require_once('../Connections/golf_stats.php');
  8.    
  9.     //Array to store validation errors
  10.     $errmsg_arr = array();
  11.    
  12.     //Validation error flag
  13.     $errflag = false;
  14.    
  15.     //Connect to mysql server
  16.     $link = mysql_connect($hostname_golf, $username_golf_stats, $password_golf_stats);
  17.     if(!$link) {
  18.         die('Failed to connect to server: ' . mysql_error());
  19.     }
  20.    
  21.     //Select database
  22.     $db = mysql_select_db($database_golf_stats, $golf_stats);
  23.     if(!$db) {
  24.         die("Unable to select database");
  25.     }
  26.    
  27.     //Function to sanitize values received from the form. Prevents SQL injection
  28.     function clean($str) {
  29.         $str = @trim($str);
  30.         if(get_magic_quotes_gpc()) {
  31.             $str = stripslashes($str);
  32.         }
  33.         return mysql_real_escape_string($str);
  34.     }
  35.    
  36.     //Sanitize the POST values
  37.        
  38.     $login = clean($_POST['login']);
  39.     $password = clean($_POST['password']); 
  40.    
  41.     //Input Validations
  42.     if($login == '') {
  43.         $errmsg_arr[] = 'Login ID missing';
  44.         $errflag = true;
  45.     }
  46.     if($password == '') {
  47.         $errmsg_arr[] = 'Password missing';
  48.         $errflag = true;
  49.     }
  50.    
  51.     //If there are input validations, redirect back to the login form
  52.     if($errflag) {
  53.         $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  54.         session_write_close();
  55.         header("location: login.php");
  56.         exit();
  57.     }
  58.    
  59.     //Create query     
  60.     mysql_select_db($database_golf_stats, $golf_stats);
  61.     $query_members = "SELECT * FROM members WHERE username = '$login'";
  62.     $list_members = mysql_query($query_members, $golf_stats) or die(mysql_error());
  63.     $row_members = mysql_fetch_assoc($list_members);
  64.     $totalRows_members = mysql_num_rows($list_members); 
  65.        
  66.     //Check whether the query was successful or not
  67.     if($list_members) {
  68.         if($totalRows_members == 1) {
  69.             //Login Successful         
  70.             $_SESSION['SESS_MEMBER_USERNAME'] = $row_members['username'];
  71.             $_SESSION['SESS_JOUEUR_ID'] = $row_members['idJoueur'];
  72.             $_SESSION['SESS_JOUEUR_NAME'] = $row_members['name'];
  73.            
  74.             session_write_close();
  75.             header("location: ../members/members-index.php");
  76.             exit();
  77.         }else {
  78.             //Login failed
  79.             header("location: login-failed.php");
  80.             exit();
  81.         }
  82.     }else {
  83.         die("Queryisfailed");
  84.     }
  85. ?>
  86.  



And here's my AUTH.php file

Code: [ Select ]
 
<?php
        session_start();   
 
    //Check whether the session variable SESS_MEMBER_ID is present or not
    if(!isset($_SESSION['SESS_MEMBER_USERNAME'])) {
        header("location: ../login/access-denied.php");
        exit();
    }
?>
 
  1.  
  2. <?php
  3.         session_start();   
  4.  
  5.     //Check whether the session variable SESS_MEMBER_ID is present or not
  6.     if(!isset($_SESSION['SESS_MEMBER_USERNAME'])) {
  7.         header("location: ../login/access-denied.php");
  8.         exit();
  9.     }
  10. ?>
  11.  


I've seen 1000 of posts with people having the same problem, but I can't resolve my issue.

I did use session_write_close(); before the header redirection.
I did use session_start() for every pages that uses $SESSION['xxx']
Again like I said, it works on my localhost machine.

Thank you very much in advance for your help.
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Flanders
  • Beginner
  • Beginner
  • User avatar
  • Posts: 48
  • Loc: Reno, Nevada US

Post 3+ Months Ago

I've had problems with sessions before where I had to go in to the .ini file for the PHP installation and set the location where the server stores it's session info. You might look into that...

Good Luck
  • Bogey
  • Genius
  • Genius
  • Bogey
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

I've never had any trouble with my sessions and I use them in all of my scripts.

I don't know what to tell you besides what Flanders told you.
  • kickoutbettman
  • Born
  • Born
  • kickoutbettman
  • Posts: 3

Post 3+ Months Ago

Thank you Flanders, I found this answer.
I had to ask my host to set the location where the server stores it's session info. I don't why it wasn't already set by default au the server, but anyway it's working now.
thanks
  • tashi_w
  • Born
  • Born
  • tashi_w
  • Posts: 1

Post 3+ Months Ago

I am facing a similar problem.
I have a user session which only works on the localhost. The session
value gets disappeared when i access over the network. My session_save_path is correct unlike the above.
I am doubting whether it is a server configuration problem.

Did any one face such a problem? If you have a solution I am very much
in need.

Please help me.
  • dad
  • Born
  • Born
  • dad
  • Posts: 1

Post 3+ Months Ago

I had sma problem on windows 7 Sessions were dropping out as soon as it went to the next page (form action) and I guess it found a session start there and could not access the session variables. windows security requires all folders to be owned by user. the session folder C:\ProgramData\PHP\sessions needed to be owned from PHP down with windows 7 security.
  • Zealous
  • Guru
  • Guru
  • User avatar
  • Posts: 1240
  • Loc: Sydney

Post 3+ Months Ago

dad wrote:
I had sma problem on windows 7 Sessions were dropping out as soon as it went to the next page (form action) and I guess it found a session start there and could not access the session variables. windows security requires all folders to be owned by user. the session folder C:\ProgramData\PHP\sessions needed to be owned from PHP down with windows 7 security.


i would suggest using VMware and have ubuntu installed so you can have a industry standard setup so when you move it over there will be a direct swap.

Post Information

  • Total Posts in this topic: 7 posts
  • Users browsing this forum: No registered users and 123 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.