#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    33
    Rep Power
    2

    $_SESSION variable value not getting displayed


    Hi!

    I am a relative newbie to PHP. I learnt PHP on my own by studying PHP programs and reading as much as I could on the net.

    I would like some help on one of the basic issues.
    I have written a PHP script that welcomes the user after successful login. The name of the user is displayed too after login. I have used $_SESSION variables for storing username, a code (that needs to be displayed) and have displayed it on the welcome page (part of the script below). The username gets displayed properly in the following script even the code is stored in the $_SESSION variable too but funnily isn't displaying!! If the code wasn't stored, then the reports that run using the code would have failed but the reports run too!! So I know that the code is stored properly in $_SESSION variable but when I want to display it on the welcome page it just doesn't display!! By the way, this happens especially when I run this script from a web server. From my local PHP server (on my dev platform), the script works perfectly!! It is weird that without getting ANY errors as such (like variable undefined etc.) I am unable to show this code on the welcome page. The code display is needed to let the user know that he/she can run the reports ONLY by providing this code for running reports as a parameter. I am clueless as to what could be wrong! The following code shows username stored properly by using $_SESSION['name'] directly! But not $_SESSION['cd']!! though the value exists for it (else would have got the error in the report)!!!!

    Please help! Could it be the issue of web-server not configured properly for PHP? Why are session variables creating problems only on a web server and not on a local server? Are these variables getting properly destroyed after the session ends? How do I find out?

    Any help will be greatly appreciated in this matter!

    Thank you in advance!
    Mozart66

    PHP Code:
    <?php

    session_start
    ();
    $mcode $_SESSION["cd"];
    echo 
    $mcode;
    ....
    ....
    ....
    ....
    if(
    $_SESSION['logged_in']){
    ....
    ....
    ....
    echo 
    "<td width='75%' bgcolor='#D5D2D2' valign='top'>";
    echo 
    "<br><br><p align='center'><strong>LOGIN SUCCESSFUL!!</strong></p><br>";
    echo 
    "<p align='center'><strong>HELLO ".$_SESSION['name']."!</strong></p><br>";
    echo 
    "<p align='center'><strong>WELCOME TO</strong></p><br>";
    echo 
    "<p align='center'><strong>BSSK - EDUCATIONAL SPONSORSHIP DATABASE</strong></p><br><br>";
    echo 
    "<p align='center'>Your <strong>Code</strong> is <strong>".$mcode."</strong></p><br><br>";
    echo 
    "<p align='center'><strong>Please use above mentioned appropriate code, as designated, for entering and updating Child and Sponsor records. It is IMPORTANT.</strong></p><br><br><br>";
    echo 
    "<p align='left'><strong>NOTE:</strong> Click on appropriate option from the left to perform the task.</p>";
    echo 
    "</td>";
    } else {
    echo 
    "<td width='25%' valign='top'>&nbsp;</td>";
    echo 
    "<td width='75%' bgcolor='#D5D2D2' valign='top'>";
    echo 
    "<br><br><br><p align='center'><strong>LOGIN UNSUCCESSFUL!</strong></p><br>";
    echo 
    "<p align='center'><strong>TRY LOGGING IN AGAIN</strong></p>";
    echo 
    "<p align='center'><strong>NOTE: </strong>Click here on <a href='eslogin.php'><strong>Login</strong></a> to log in to the system.</p><br>";
    echo 
    "</td>";
    }
    ...
    ...
    ?>
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2012
    Location
    Milan, Italy
    Posts
    21
    Rep Power
    0
    Hi Mozart,
    if u look into your code you could find that you've wrote


    PHP Code:
    $mcode $_SESSION["cd"]; 
    instead of

    PHP Code:
    $mcode $_SESSION['cd']; 
    This should be one possible problem. It should be also possible that 'cd' session value should not be stored correctly before this part of code.

    If u need just ask.
    Bye Paolo.

    Comments on this post

    • Jacques1 disagrees : What are you talking about? 'cd' and "cd" are identical to the bit.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    33
    Rep Power
    2
    Thank you for a speedy reply! Truly appreciate it!

    But I have already tried it ('cd' and "cd" both), without any success. The result is the same.

    The above mentioned thing is happening on web server and not on local PHP server (on my comp). Any further help on this is appreciated!
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    The "cd" vs 'cd' is simply nonsense. Both literals create the exact same string (read the PHP manual on when double quoted and single quoted strings do differ).

    We need more specific info. Give us the code where you generate the code and store it in the session. Make a var_dump() of the session right after session() start. I'm pretty sure there's some logical error, because session values usually don't just disappear.

    You can also read the session. Open your php.ini to see where the session files are stored (session.save_path) and then open them. They're in a human readable format.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    33
    Rep Power
    2
    Hi!

    Here's the authenticate.php file where I am storing $_SESSION variables.

    PHP Code:
    <?php

    session_start
    ();

    $conn mysql_connect("localhost","database user","password");
    if (!
    $conn)
      {
      die(
    'Could not connect: ' mysql_error());
      }

    mysql_select_db("database"$conn);

    $username=$_POST['user_id'];
    $password=$_POST['user_password'];

    $sql="SELECT * FROM users WHERE username='".$username."' AND password='".$password."'";
    $run=mysql_query($sql);
    $row=mysql_fetch_array($run);

    if(
    mysql_num_rows($run) == 1){
        
    $_SESSION['logged_in']=true;
        
    $_SESSION['id']=$row['userid'];
        
    $_SESSION['name']=$row['name'];
        
    $_SESSION['cd']=$row['usercode'];
        
        if(
    $row['name'] == "ADMIN"){
            
    header("Location: esadmin.php");
        } else {
            
    header("Location: welcome.php");
         }

    } else {
        
    header("Location: eslogin.php");
    }

    mysql_close();

    ?>
    My 'users' table has userid, name, password and usercode fields in it.

    Thanks!
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    33
    Rep Power
    2
    Hi!

    Look what I got after the var_dump on the web_server!

    array(3) { ["logged_in"]=> bool(true) ["id"]=> string(1) "1" ["name"]=> string(4) "PUNE" }

    Fourth $SESSION variable 'cd' isn't getting defined!! Why so? I have already included my authenticate.php script in my previous post.

    Please help. It's weird.
    Thanks in advance!
  12. #7
  13. Known to taste like chicken
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Location
    In front of my computer
    Posts
    399
    Rep Power
    311
    maybe try doing a var_dump or print_r of $row after to check that the data is coming back from the DB as you expect.

    also as a side note, you are wide open to sql injection with that code. Never trust post or get data, it can very easily be modified by a user to force a login, or dump usernames / passwords / emails etc.

    look into using PDO and prepared statements or at the very least sanitise your inputs.
    "Take thy beak from out my heart, and take thy form from off my door" - Homer J Simpson / Edgar Allan Poe

    Looking for a project Idea?
  14. #8
  15. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Location
    The Pleiades
    Posts
    298
    Rep Power
    8
    Have you checked that the field name in your database is spelt the same as the one you are trying to reference?

    Also, is the code in your first post the code which follows from the authenticate.php file?

    Regards,

    NM.
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    33
    Rep Power
    2
    Originally Posted by Nanomech
    Have you checked that the field name in your database is spelt the same as the one you are trying to reference?

    Also, is the code in your first post the code which follows from the authenticate.php file?

    Regards,

    NM.
    Yes, the code in the first post is the same code that follows authenticate.php
  18. #10
  19. No Profile Picture
    I haz teh codez!
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2003
    Posts
    2,547
    Rep Power
    2337
    I realize you learned PHP on your own, probably using some horrific tutorial that pops up at the head of the Google search results, so please understand I mean this in the best possible way:

    Your code is horrible. It is wrong and full of security holes.

    Please ditch what you're doing and start over, using this tutorial as your guide.
    I ♥ ManiacDan & requinix

    This is a sig, and not necessarily a comment on the OP:
    Please don't be a help vampire!
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    33
    Rep Power
    2
    Originally Posted by sir_drinxalot
    maybe try doing a var_dump or print_r of $row after to check that the data is coming back from the DB as you expect.

    also as a side note, you are wide open to sql injection with that code. Never trust post or get data, it can very easily be modified by a user to force a login, or dump usernames / passwords / emails etc.

    look into using PDO and prepared statements or at the very least sanitise your inputs.
    Thank you so much for the good input! I am a newbie so I appreciate this help greatly! I have sanitized my inputs in my starting script (which I haven't included here) and now the script seems to be working on its own after I tried doing var_dump of $row and $_SESSION variables!!! Now I am getting the result exactly as I want it to be! The code is also getting displayed on the welcome page! All I did was just added var_dump, tested it and once the results could be seen, I removed it and tested it again! It worked like a charm!!!

    THANK YOU ALL! Have learnt some new things such as var_sump, print_r, PDO! I am learning PHP on my own and hence your guidance is very valuable to me!

    Since I have got my answer, the mods may close this thread!

IMN logo majestic logo threadwatch logo seochat tools logo