Back To Programming / Scripting / Coding Forum

php SESSION var getting lost on my server.

  • kickoutbettman
  • Born
  • Born
  • No Avatar
  • Joined: Apr 08, 2009
  • Posts: 3
  • Status: Offline

Post April 8th, 2009, 8:42 am

Hi everyone.

I'm having a problem with my PHP session vars getting lost or not writing info at all.
So here's a couple of information.

1. IT IS WORKING on my localhost NT machine.
2. Where it's not working it's on my client host server. (FATCOW host at fatcow.com)
3. Host server is using PHP : 4.4.8

So basically I have a html login page (login.php)
Then login.php send info to (login-exec.php) (Here I check my database to see if username exist and if so redirect using header...
Then the redirection goes to a "member page" where I require('auth.php') to check if session exist if no I get redirected to ACCESS DENIED PAGE
And there's the problem, it always give me the access denied page.

So here's my code.

login-exec.php
Code: [ Select ]
 
    <?php
    //Start session
    session_start();
   
    //Include database connection details
    require_once('../Connections/golf_stats.php');
   
    //Array to store validation errors
    $errmsg_arr = array();
   
    //Validation error flag
    $errflag = false;
   
    //Connect to mysql server
    $link = mysql_connect($hostname_golf, $username_golf_stats, $password_golf_stats);
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }
   
    //Select database
    $db = mysql_select_db($database_golf_stats, $golf_stats);
    if(!$db) {
        die("Unable to select database");
    }
   
    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }
   
    //Sanitize the POST values
       
    $login = clean($_POST['login']);
    $password = clean($_POST['password']); 
   
    //Input Validations
    if($login == '') {
        $errmsg_arr[] = 'Login ID missing';
        $errflag = true;
    }
    if($password == '') {
        $errmsg_arr[] = 'Password missing';
        $errflag = true;
    }
   
    //If there are input validations, redirect back to the login form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: login.php");
        exit();
    }
   
    //Create query     
    mysql_select_db($database_golf_stats, $golf_stats);
    $query_members = "SELECT * FROM members WHERE username = '$login'";
    $list_members = mysql_query($query_members, $golf_stats) or die(mysql_error());
    $row_members = mysql_fetch_assoc($list_members);
    $totalRows_members = mysql_num_rows($list_members); 
       
    //Check whether the query was successful or not
    if($list_members) {
        if($totalRows_members == 1) {
            //Login Successful         
            $_SESSION['SESS_MEMBER_USERNAME'] = $row_members['username'];
            $_SESSION['SESS_JOUEUR_ID'] = $row_members['idJoueur'];
            $_SESSION['SESS_JOUEUR_NAME'] = $row_members['name'];
           
            session_write_close();
            header("location: ../members/members-index.php");
            exit();
        }else {
            //Login failed
            header("location: login-failed.php");
            exit();
        }
    }else {
        die("Queryisfailed");
    }
?>
 
  1.  
  2.     <?php
  3.     //Start session
  4.     session_start();
  5.    
  6.     //Include database connection details
  7.     require_once('../Connections/golf_stats.php');
  8.    
  9.     //Array to store validation errors
  10.     $errmsg_arr = array();
  11.    
  12.     //Validation error flag
  13.     $errflag = false;
  14.    
  15.     //Connect to mysql server
  16.     $link = mysql_connect($hostname_golf, $username_golf_stats, $password_golf_stats);
  17.     if(!$link) {
  18.         die('Failed to connect to server: ' . mysql_error());
  19.     }
  20.    
  21.     //Select database
  22.     $db = mysql_select_db($database_golf_stats, $golf_stats);
  23.     if(!$db) {
  24.         die("Unable to select database");
  25.     }
  26.    
  27.     //Function to sanitize values received from the form. Prevents SQL injection
  28.     function clean($str) {
  29.         $str = @trim($str);
  30.         if(get_magic_quotes_gpc()) {
  31.             $str = stripslashes($str);
  32.         }
  33.         return mysql_real_escape_string($str);
  34.     }
  35.    
  36.     //Sanitize the POST values
  37.        
  38.     $login = clean($_POST['login']);
  39.     $password = clean($_POST['password']); 
  40.    
  41.     //Input Validations
  42.     if($login == '') {
  43.         $errmsg_arr[] = 'Login ID missing';
  44.         $errflag = true;
  45.     }
  46.     if($password == '') {
  47.         $errmsg_arr[] = 'Password missing';
  48.         $errflag = true;
  49.     }
  50.    
  51.     //If there are input validations, redirect back to the login form
  52.     if($errflag) {
  53.         $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  54.         session_write_close();
  55.         header("location: login.php");
  56.         exit();
  57.     }
  58.    
  59.     //Create query     
  60.     mysql_select_db($database_golf_stats, $golf_stats);
  61.     $query_members = "SELECT * FROM members WHERE username = '$login'";
  62.     $list_members = mysql_query($query_members, $golf_stats) or die(mysql_error());
  63.     $row_members = mysql_fetch_assoc($list_members);
  64.     $totalRows_members = mysql_num_rows($list_members); 
  65.        
  66.     //Check whether the query was successful or not
  67.     if($list_members) {
  68.         if($totalRows_members == 1) {
  69.             //Login Successful         
  70.             $_SESSION['SESS_MEMBER_USERNAME'] = $row_members['username'];
  71.             $_SESSION['SESS_JOUEUR_ID'] = $row_members['idJoueur'];
  72.             $_SESSION['SESS_JOUEUR_NAME'] = $row_members['name'];
  73.            
  74.             session_write_close();
  75.             header("location: ../members/members-index.php");
  76.             exit();
  77.         }else {
  78.             //Login failed
  79.             header("location: login-failed.php");
  80.             exit();
  81.         }
  82.     }else {
  83.         die("Queryisfailed");
  84.     }
  85. ?>
  86.  



And here's my AUTH.php file

Code: [ Select ]
 
<?php
        session_start();   
 
    //Check whether the session variable SESS_MEMBER_ID is present or not
    if(!isset($_SESSION['SESS_MEMBER_USERNAME'])) {
        header("location: ../login/access-denied.php");
        exit();
    }
?>
 
  1.  
  2. <?php
  3.         session_start();   
  4.  
  5.     //Check whether the session variable SESS_MEMBER_ID is present or not
  6.     if(!isset($_SESSION['SESS_MEMBER_USERNAME'])) {
  7.         header("location: ../login/access-denied.php");
  8.         exit();
  9.     }
  10. ?>
  11.  


I've seen 1000 of posts with people having the same problem, but I can't resolve my issue.

I did use session_write_close(); before the header redirection.
I did use session_start() for every pages that uses $SESSION['xxx']
Again like I said, it works on my localhost machine.

Thank you very much in advance for your help.
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post April 8th, 2009, 8:42 am

  • Flanders
  • Beginner
  • Beginner
  • User avatar
  • Joined: Feb 27, 2006
  • Posts: 48
  • Loc: Reno, Nevada US
  • Status: Offline

Post April 8th, 2009, 6:49 pm

I've had problems with sessions before where I had to go in to the .ini file for the PHP installation and set the location where the server stores it's session info. You might look into that...

Good Luck
  • Bogey
  • Bogey
  • Genius
  • User avatar
  • Joined: Jul 14, 2005
  • Posts: 8211
  • Loc: USA
  • Status: Offline

Post April 8th, 2009, 7:46 pm

I've never had any trouble with my sessions and I use them in all of my scripts.

I don't know what to tell you besides what Flanders told you.
"Bring forth therefore fruits meet for repentance:" Matthew 3:8
  • kickoutbettman
  • Born
  • Born
  • No Avatar
  • Joined: Apr 08, 2009
  • Posts: 3
  • Status: Offline

Post April 9th, 2009, 5:20 am

Thank you Flanders, I found this answer.
I had to ask my host to set the location where the server stores it's session info. I don't why it wasn't already set by default au the server, but anyway it's working now.
thanks
  • tashi_w
  • Born
  • Born
  • No Avatar
  • Joined: Oct 17, 2010
  • Posts: 1
  • Status: Offline

Post October 17th, 2010, 11:29 pm

I am facing a similar problem.
I have a user session which only works on the localhost. The session
value gets disappeared when i access over the network. My session_save_path is correct unlike the above.
I am doubting whether it is a server configuration problem.

Did any one face such a problem? If you have a solution I am very much
in need.

Please help me.
  • dad
  • Born
  • Born
  • No Avatar
  • Joined: Feb 23, 2012
  • Posts: 1
  • Status: Offline

Post February 23rd, 2012, 9:09 pm

I had sma problem on windows 7 Sessions were dropping out as soon as it went to the next page (form action) and I guess it found a session start there and could not access the session variables. windows security requires all folders to be owned by user. the session folder C:\ProgramData\PHP\sessions needed to be owned from PHP down with windows 7 security.
  • Zealous
  • Guru
  • Guru
  • User avatar
  • Joined: Apr 15, 2011
  • Posts: 1195
  • Loc: Sydney
  • Status: Offline

Post February 26th, 2012, 7:22 am

dad wrote:
I had sma problem on windows 7 Sessions were dropping out as soon as it went to the next page (form action) and I guess it found a session start there and could not access the session variables. windows security requires all folders to be owned by user. the session folder C:\ProgramData\PHP\sessions needed to be owned from PHP down with windows 7 security.


i would suggest using VMware and have ubuntu installed so you can have a industry standard setup so when you move it over there will be a direct swap.

Page 1 of 1

Post Information

  • Total Posts in this topic: 7 posts
  • Users browsing this forum: No registered users and 231 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.