Session not working correctly

Alles, was PHP betrifft, kann hier besprochen werden.

Session not working correctly

Postby phpnewbie67 » 10. August 2006 18:30

I'm a newbie to PHP, so this may just be a configuration issue.

I have a small sample application that I'm using to learn PHP and the use of sessions. At the top of each page I have:

<?php
session_start();

.... // code...

?>

I'm experiencing two problems:

(1) If I set a varaible into session, I can change the value of that variable on while on the same page that created the variable, however, changes to that variable are not visible once I get to another page - I can only see the original value that was set.

(2) my login page first clears prior session values with session_unset() then reinitializes session with session_start(). I can enter an ID and password that are posted to the main.php page. On main, I have:

?php
session_start();

// authenticate the user
if (( $_POST['user']=='myuserid') AND ($_POST['pass']=='12345'))
{
// valid user
$_SESSION['id']=$_POST['user'];
$_SESSION['pw']=$_POST['pass'];
$_SESSION['auth']=1;
}
else
{
// invalid user
echo "access denied";
exit();
}
?>
<HTML>
<HEAD>
<TITLE>Main Page</TITLE>
</HEAD>

<BODY>

// markup...

</BODY>
</HTML>

This page work just fine if I don't provide the right credentials. If I login correctly, it also works fine. But then, if I go back to the login.php page and enter invalid ID or PW... I can still access the next page - the "valid user" portion of the if block gets excuted, even though the conditional test should have failed.

Please help! I'm trying to make the transition from JSP/Java to PHP, and what I'm running into should be easy to do, but is proving to be a real roadblock!

Regards,
- PHPNewbie67
phpnewbie67
 
Posts: 1
Joined: 10. August 2006 18:15

Postby hoergen » 12. January 2007 08:41

That has nothing to do with buggy code. There is a unhappy configuration in php.ini

Change the session.save_path to something like

Code: Select all
session.save_path = "0;600;C:\Temp


dem hoergen
hoergen
 
Posts: 11
Joined: 12. January 2007 08:30

Postby KingCrunch » 12. January 2007 09:52

Code: Select all
error_reporting(E_ALL);
at the top of each page please ;)
Nicht jeder Fehler ist ein Bug ...
KingCrunch
 
Posts: 1724
Joined: 26. November 2005 19:25

Postby sari42 » 13. January 2007 13:20

vielleicht so:
Code: Select all
{
// valid user
$_SESSION['id']=$_POST['user'];
$_SESSION['pw']=$_POST['pass'];
$_SESSION['auth']=1;
}
else
{
// invalid user
echo "access denied";
$_SESSION['id']='';
$_SESSION['pw']='';
$_SESSION['auth']=0;

// s. u. exit();
}
?

Nachtrag: auch das exit muß weg (oder vorher ein session_commit() ).
sari42
 
Posts: 800
Joined: 27. November 2005 18:28


Return to PHP

Who is online

Users browsing this forum: No registered users and 1 guest