CODEWITHSUNDEEP
phpsessionauthentication
Carrot
Carrot

Reputation: 197

php session doesn't work

How it should work: Index.php is the secured page. It includes check.php, which checks if you have a session = good. If it hasn't, you're not logged in -> log off, remove session. But it doesn't work, it always logs off, like I didn't log in...

index.php

include ‘check.php’;
echo "logged in";

check.php

session_start();
if($_SESSION[‘login’] != ‘good’) {
unset($_SESSION[‘login’]);
unset($_SESSION[‘name’]);
header(‘Location: login.php?logoff’);
exit();
}

Login.php

if(isset($_POST[‘login’])) {
$gb = array();
$gb[‘user1’] = ‘pass1’;
$gb[‘user2’] = ‘pass2’;
if(isset($gb[$_POST[‘username’]]) && $gb[$_POST[‘username’]] == $_POST[‘password’])
{ 
$_SESSION[‘login’] = ‘good’;
$_SESSION[‘name’] = $_POST[‘name’];

header("Location: index.php");
} else {

header("Location: login.php?wrongpass");

}

} else { ?>
Login Form
<?php } ?>

I hope someone can help me!

Upvotes: 3

Views: 26441

Answers (8)

Giorgi Peikrishvili
Giorgi Peikrishvili

Reputation: 247

You should verify you started the session in login.php.

Upvotes: 3

Taher Khan
Taher Khan

Reputation: 11

I think problem is header:

('location:------.php);

Your hosting server doesn't run this. You can use this:

echo "<script>window.location.href='-----.php'</script>";

Upvotes: 0

RDK
RDK

Reputation: 4560

Use one for action document such as index.php there is code:

session_start();
if(isset($_POST['login']) && isset($_POST['password'])){
   // login
   header('Location: (here is some page)');
}
if(!isset($_SESSION['user']){
  // @todo some action
} else {
  require_once('login.php');
}

if(isset($_GET['logout'])){
   unset($_SESSION['user']);
   header('Location: (here is some page)');
}

Upvotes: 1

Dorvalla
Dorvalla

Reputation: 5240

if($count==1){
    session_start();    
    $_SESSION['Username'] = $UserName;
    $_SESSION['Password'] = $password;
    UpdateOnlineChecker($Session);
    header( "Location: http://". strip_tags( $_SERVER ['HTTP_HOST'] ) ."/newHolo/" );
    exit;
}
else {
    echo "Wrong Username or Password";
}

Look at my code. It checks if the statement is true (for me, if there is one row with a query statement i execute). Then i start a session and basically Ill define global session variables, sned out a query to my database to update the session and then refer through.

you are missing a session_start(); in your if true block.

Upvotes: 1

BugFinder
BugFinder

Reputation: 17858

You need to have session_start() at the top of all the pages, you havent shown the session start for your login page.

(Thanks to Danny for proving I cant type)

Upvotes: 2

JIT1986
JIT1986

Reputation: 691

First check on the pages you want to use session variables session is start or not and if session is not stat then start it.

and this is the very first line in the php file.

Code for the session checking is :

if(!session_id())
{
    session_start();
}

Upvotes: 1

SMacFadyen
SMacFadyen

Reputation: 3165

Check that you have register_globals is On in your php.ini

Upvotes: 1

iLaYa ツ
iLaYa ツ

Reputation: 4017

Put session_start(); in all the pages

Upvotes: 2

Related Questions