homepage Welcome to WebmasterWorld Guest from 54.205.247.203
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
random seeming PHP $_SESSION errors
thedavidosullivan




msg:1277932
 5:38 pm on Apr 14, 2006 (gmt 0)

Hey all,

I am am having a completely baffling intermittent problem with a login page that sets a session up.

It seems totally random whether the session is set or not. Sometimes it works and sometimes it doesn't.

On all subsequent pages I have included the 'session start();' command (am I missing something there? should there be something in the brackets?) via an included auth page that checks to see if a couple of the elements are set. If not it chucks you out to the login page. The same test is done by this same file on every page.

So maybe there is a problem with the login file itself:
<?php
session_start ();
include("../conn.inc.php");
if (isset ($_GET['do'])) {

$sql = "SELECT staff_username FROM staff
WHERE staff_username='$_POST[staff_username]'";
$result= mysql_query($sql)
or die("Could not execute query.");

$num = mysql_num_rows($result);
if ($num >= 1)
// login name was found
{
$sql="SELECT staff_id, staff_username, staff_adminlevel FROM staff
WHERE staff_username='$_POST[staff_username]'
AND staff_password='$_POST[staff_password]'";
$result2 = mysql_query($sql)
or die("Couldn’t execute query.");
$num2 = mysql_num_rows($result2);
$row = mysql_fetch_assoc($result2);
if ($num2 > 0) //password is correct
{
$logname=$_POST['staff_username'];
$password=$_POST['staff_password'];
$logid= $row['staff_id'];
$adminlevel= $row ['staff_adminlevel'];
$_SESSION['auth']="yes";
$_SESSION['staff_id']=$logid;
$_SESSION['logname']=$logname;
$_SESSION['password']=$password;
$_SESSION['adminlevel']=$adminlevel;
$datetime= date("Y-m-d h:i:s");
$sql = "INSERT INTO staff_logintime (staff_id, staff_logintime) VALUES ('$logid', '$datetime')";
$result= mysql_query($sql) or die ("cant add the date time stuff");
header("Location: admin_area.php");
}
else // password is not correct
{
unset($do);
$message="!The login name, '$_POST[staff_username]'
exists, but the password is incorrect!<br>";
include("admin_login_form.inc.php");
}
}
elseif ($num == 0) // login name not found
{
unset($do);
$message = "The login name you entered does not
exist! Please try again.<br>";
include("admin_login_form.inc.php");
}
}
else {
$_SESSION=array();
include("admin_login_form.inc.php");
}
?>

I am new to this so I am sure there are some screwups in there but why does it work some times <i>with the same pages</i> and coming from the same locations, and not at others!?

Is it a problem with my web host maybe? Do I need to make the pages go from one to another more slowly or something? do I need to do something to retrieve the session variables and turn them into page variables? I have tried everything I can think of for days and just not cracked it.

Hope someone can help

Dave

 

vacorama




msg:1277933
 6:04 pm on Apr 14, 2006 (gmt 0)

are you using session_destroy() when you are testing?

JohnCanyon




msg:1277934
 7:54 pm on Apr 14, 2006 (gmt 0)

You should check to make sure you are not outputting any whitespace before you call session_start() on your pages.

This could cause the symptoms you are describing.

dmmh




msg:1277935
 5:43 am on Apr 15, 2006 (gmt 0)

are you using subdomains?
if so, yo need to do this on the scripts in the subdomain:
ini_set("session.cookie_domain"," .domain.com");
session_start();

Habtom




msg:1277936
 7:29 am on Apr 15, 2006 (gmt 0)

How about starting with your double curly brackets I noticed when it is supposed to be just one. }}

Habtom

thedavidosullivan




msg:1277937
 10:48 am on Apr 15, 2006 (gmt 0)

Firstly let me say how grateful I am to all those who have replied here for taking the time and consideration to reply- You guys really are the unsung heroes of the webmaking world and are totally integral to the success or failure of countless ventures across the globe these days. You all know that I am sure, but if you need any help I can give drop me a line- I am very good with photoshop, avid editing, Premiere, After Effects, stuff like that.

Anyway it seems like the white space could have been the problem. I have deleted it all (being an arty type for whom none of this comes n aturally in the slightest my pages were littered with white space to help me make sense of it all!) Thus far on brief testing it is looking promising.

If any of you know and have the time to explain I would be very interested why 'nothing' (i.e. white space) can cause a promlem in the computer world?

Anyway thanks very much for you time and help BUT I may be back!

Habtom




msg:1277938
 1:17 pm on Apr 15, 2006 (gmt 0)

session_start () doesn't allow you to have any outputs before it runs (at least I faced so). White space is also seen as an output.

I am sure some one can give you more detailed response on this.

Habtom

jatar_k




msg:1277939
 3:08 pm on Apr 15, 2006 (gmt 0)

it is only "nothing" outside of your php tags

before <?php or after?>

that counts as output and causes headers to be sent to your browser.

A blank line is not nothing, it consists of a linefeed or carriage return, or both.

thedavidosullivan




msg:1277940
 1:24 pm on Apr 16, 2006 (gmt 0)

I am afraid after an initial euphoria the problem has not gone away. It is simply that random. There is now no white space anywhere on any pages.

My admin_auth.inc.php file is like this:

<?php
session_start ();
if ($_SESSION['auth'] ==''¦¦$_SESSION['password'] =='')
{
$redirect = $_SERVER['PHP_SELF'];
header ("Refresh: 2;URL=index.php?redirect=$redirect");
$notlogged= "!YOU ARE CURRENTLY NOT LOGGED IN!<br> we are redirecting you, hang on...<br>(if your browser doesnt redirect you in 10 seconds <a href=\'admin_login.php?redirect=$redirect\'>click here<a/>)";
}
else{
$logout="<a href='index.php'>log-out</a>";
}
?>

is there anything wrong with that? I even see that the details that this code looks for is in the session array after I get tracked back sometimes! (via a print_r use for testing). It is just totally baffling. I'll set someone up a login and you can see for yourselfs if it helps?

Habtom




msg:1277941
 1:39 pm on Apr 16, 2006 (gmt 0)

You are including this page. What about the page including the file, doesn't it contain white space outputs?

Habtom

thedavidosullivan




msg:1277942
 1:43 pm on Apr 16, 2006 (gmt 0)

looking at it a bit more today the problem seems to be that the pages are randomly unable to retrieve the session data from wherever it is. Sometimes I can wander around the site with no problem, sometimes I get the you are not logged in error but if I click back (having disabled the redirect line for testing) and try the exact page again sometimes it retrieves the info, sometimes not. Sometimes when I click back the session array is empty sometimes not. I am guessing this must be a server problem, is it common? and what do I have to ask the hosts to do to fix it if it is their fault?

thedavidosullivan




msg:1277943
 1:47 pm on Apr 16, 2006 (gmt 0)

pressing refresh on the page also retrieves the session array properly around 60% of the time...

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved