PDA

View Full Version : Help with php sessions



sukanya.paul
08-20-2008, 10:21 AM
hi,
i am creating a site in which a login page has to be created using sessions and after logging in we have to check using session session if user is logged in and only then give him access to the pages in the site.
also i require the username in each page.how do i get it through session?
please help.
thanks in advance..
Suk

djr33
08-20-2008, 05:59 PM
Include in every page this:
<?php session_start(); ?>

Then you can get and store values in $_SESSION like this:
$var = $_SESSION['var'];
And:
$_SESSION['var'] = $var;

You can access those values for the length of the session on any page with session_start() at the top.

You MUST put session_start() before ANY text output, or it will cause an error.

JShor
08-21-2008, 02:11 AM
Code please?

djr33
08-21-2008, 04:13 AM
If you need a full, working code, that takes a long time to write. Twey has a script around (do a search) which works without much setup. There are other scripts, too.
All I explained above was how to use Session variables when you need them.
A login is just a complex setup using session and forms, and checking if the session is verified.

JShor
08-21-2008, 10:33 PM
hehe, i wasn't asking you for code, i was asking the original poster of this thread for some starting code for me to help ;-)

djr33
08-22-2008, 06:01 AM
Oh, I misunderstood. You're right, though I gave a general answer because code wasn't posted. sukanya may just want some ideas of where to start.

sukanya.paul
08-25-2008, 10:30 AM
thanks for the replies,
my query is that i have used session_register('$var'); but i am not able to retrieve the value when i am going to other pages.Also when i am checking if(session_is_registered('user')) the answer is always true.

admin_login.php


<div id="main2">
<div>
<h2>Admin Login</h2>
<p>&nbsp;</p>


<form action="log_code.php" method="POST">
<table width="100%" border="1" cellpadding="10" cellspacing="5 " bordercolor="#E0DFE3" >
<tr>
<td width="23%" id="t_uname">Username:&nbsp;&nbsp;</td>
<td width="77%"><input name="username" type="text" size="20" /></td>
</tr>
<tr>
<td id="t_pword">Password:&nbsp;&nbsp;</td>
<td><input name="password" type="password" size="20" /></td>
</tr>
<tr>
<td >&nbsp;&nbsp;</td>
<td><input type="submit" value="Submit" name="login"> &nbsp;<a href="changepw.php">Change password?</a></td>
</tr>
</table>

</form>


<p>&nbsp;</p>
</div>
</div>



log_code.php

<?PHP
//check that the user is calling the page from the login form and not accessing it directly
//and redirect back to the login form if necessary
//convert the field values to simple variables

//add slashes to the username and md5() the password
$user = addslashes($_POST['username']);
$pass = $_POST['password'];


$con = mysql_connect("localhost", "root", "");
if(!$con)
{
die("could not connect" . mysql_error());
}
mysql_select_db("db_dayak", $con);

$result=mysql_query("select * from registration where email='$user' AND password='$pass'");

//check that at least one row was returned

$rowCheck = mysql_num_rows($result);
if($rowCheck > 0)
{
while($row = mysql_fetch_array($result))
{
//start the session and register a variable
session_start();
session_register('user');
$type=$row['type'];
$user=$row['email'];
$fn=$row['first_name'];
$ln=$row['last_name'];
$name= $fn.$ln;

if ($type=='employer')
{
include('employer.php');
}
else if ($type=='recruiter')
{
include('recruiter.php');
}

}

}
else {

//if nothing is returned by the query, unsuccessful login code goes here...

echo 'Incorrect login name or password. Please try again.';
}

?>

employer.php

<?php

//start the session
session_start();

//check to make sure the session variable is registered
if(session_is_registered('user')){

//the session variable is registered, the user is allowed to see anything that follows
$username=$user;
echo $username;

?>

<html>
<body>
Some code
</body>
</html>
<?php
}
else{

//the session variable isn't registered, send them back to the login page
echo "You have been logged out.Please login.";
}

?>


From employer.php or recruiter.php i have many subpages where i need to check is the user is logged in and also the username for retrieving mysql values.But i am not able to.

Please help if possible.
Thanks..Suk

sukanya.paul
08-26-2008, 09:20 AM
Anyone???any hint??

djr33
08-26-2008, 10:39 AM
I don't see why you'd be using those functions. As I posted above, just using $_SESSION['variable'] is fine. So you can use $_SESSION['a'] = 'value';, or you can check if it is set like: if (isset($_SESSION['a'])).
Seems easier to me.
However, if you do want to use them, I'd just say copy an example from php.net to see how they work.

Nightfire
08-27-2008, 01:40 AM
session_register() is depreciated, since php 4.3 I think it was. You should use the super global $_SESSION[]

sukanya.paul
08-28-2008, 09:48 AM
Thanks..will try to use your method..