Session doesn't work

Darrell Blake

I'm trying to use sessions to allow people to log into my site. The problem
is that sometimes it works and sometimes it doesn't! As far as I'm aware my
script is fine (hence why it works sometimes) and I've had people tell me
it's fine too. Basically, when a user enters their username and password it
checks that against my mysql database and if correct creates a session and
stores their username in it in a variable called uname. Then, when they
access another area of the site it checks to see if uname is set and if it
is then it lets them access that area and if it isn't asks them to log in
again. The session id is kept so I know the session is there but it doesn't
always register the variable uname. I think the php version is 4.1.2 (it's
hosted on sourceforge).

I've listed three files below. admin.php is where the user enters their
username and password. admin2.php is where it checks the username and
password and displays the admin section and addnews.php allows you to add
news to the site. It's when I try to add news when it sometimes works and
sometimes doesn't. When I click add news half of the time it shows the add
news section and half of the time it doesn't. This is because uname isn't
set when it should be (and is half of the time). If you want to see the site
go to http://linrar.sourceforge.net/index2.php (I will rename it index.php
once the site works).

admin.php

<?php
session_start();
session_unset();
session_destroy();
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<title>LinRAR Homepage</title>
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
<table border="0" cellpadding="10" cellspacing="0">
<tr>
<td width="122" valign="top">
<table width="122" border="0" cellpadding="2" cellspacing="0"
bgcolor="#000000">
<tr>
<td>
<table width="120" border="0" cellpadding="5" cellspacing="0"
bgcolor="#ffffff">
<tr>
<td>
<a href=index.php>News</a><br>
<a href=about.php>About</a><br>
<a href=download.php>Download</a><br>
<a href=support.php>Support</a><br>
<a href="http://sourceforge.net/projects/linrar">Sourceforge</a><br>
<a href="admin.php">Admin</a><br>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
<td valign="top">
<h1>LinRAR - Admin</h1>
<br>
To log in to the admin section type in your username and password below and
click enter:<br><br>
<form action=admin2.php method=post>
<table>
<tr><td>
UserName</td><td><input type="text" name="lruname"></td></tr>
<tr><td>
Password</td><td><input type="password" name="lrpass"></td></tr>
</table>
<br>
<input type="submit" value="Enter" class="flatbutton">
</form>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>

admin2.php

<?php
session_start();
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<title>LinRAR Homepage</title>
</head>
<body>
<?php
$notfounduser = 0;
$passwordincorrect = 0;
$db = "linrar";
$user = "linrar";
$pass = "linrardb";
$link = mysql_connect("mysql.sourceforge.net", $user, $pass);
mysql_select_db($db, $link)
or die("Couldn't open $db: ".mysql_error());
$result = mysql_query("SELECT * from users");
$num_rows = mysql_num_rows($result);
while ($a_row = mysql_fetch_array($result))
{
if ($a_row[lruname] != $lruname)
$notfounduser = 1;
else
{
$notfounduser = 0;
$lrpass = md5($lrpass);
if ($a_row[lrpass] != $lrpass)
$passwordincorrect = 1;
}
if ($notfounduser == 0)
break;
}

if ($notfounduser == 1)
print "User $lruname was not found.";
if ($passwordincorrect == 1)
print "Incorrect password entered for user $lruname.";

if ($notfounduser == 0 && $passwordincorrect == 0)
{
session_register("uname");
$uname = $lruname;
print "<table border=0 cellpadding=0 cellspacing=0>";
print "<tr>";
print "<td>";
print "<table border=0 cellpadding=10 cellspacing=0>";
print "<tr>";
print "<td width=122 valign=top>";
print "<table width=122 border=0 cellpadding=2 cellspacing=0
bgcolor=#000000>";
print "<tr>";
print "<td>";
print "<table width=120 border=0 cellpadding=5 cellspacing=0
bgcolor=#ffffff>";
print "<tr>";
print "<td>";
print "<a href=\"index.php\">Back (Logout)</a><br>";
print "<a href=\"addnews.php?".session_name()."=".session_id ()."\">Add
News</a><br>";
print "<a href=\"addadmin.php?".session_name()."=".session_i d()."\">Add
Admin</a><br>";
print "<a
href=\"changepwd.php?".session_name()."=".session_ id()."\">Change
Password</a><br>";
print "<a href=BoardPlus/forum.html>Forum</a><br>";
print "<a href=\"phpMyAdmin-2.5.1\"</a>phpMyAdmin<br>";
print "<a href=count.php>Site Stats</a><br>";
print "</td>";
print "</tr>";
print "</table>";
print "</td>";
print "</tr>";
print "</table>";
print "</td>";
print "<td valign=top>";
print "<h1>LinRAR - Admin</h1>";
print "<br>";
print "Welcome $uname to the admin section.";
}
?>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>

addnews.php

<?php
session_start();
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<title>LinRAR Homepage</title>
</head>
<body>
<?php
if (session_is_registered("uname"))
{
print "<table border=0 cellpadding=0 cellspacing=0>";
print "<tr>";
print "<td>";
print "<table border=0 cellpadding=10 cellspacing=0>";
print "<tr>";
print "<td width=122 valign=top>";
print "<table width=122 border=0 cellpadding=2 cellspacing=0
bgcolor=#000000>";
print "<tr>";
print "<td>";
print "<table width=120 border=0 cellpadding=5 cellspacing=0
bgcolor=#ffffff>";
print "<tr>";
print "<td>";
print "<a href=\"index.php\">Back (Logout)</a><br>";
print "<a href=\"addnews.php?".session_name()."=".session_id ()."\">Add
News</a><br>";
print "<a href=\"addadmin.php?".session_name()."=".session_i d()."\">Add
Admin</a><br>";
print "<a href=\"changepwd.php?".session_name()."=".session_ id()."\">Change
Password</a><br>";
print "<a href=BoardPlus/forum.html>Forum</a><br>";
print "<a href=\"phpMyAdmin-2.5.1\"</a>phpMyAdmin<br>";
print "<a href=count.php>Site Stats</a><br>";
print "</td>";
print "</tr>";
print "</table>";
print "</td>";
print "</tr>";
print "</table>";
print "</td>";
print "<td valign=top>";
print "<h1>LinRAR - Add News</h1>";
print "<br>";

if ($changed == 1)
{
$dateadded = time();
$db = "linrar";
$user = "linrar";
$pass = "linrardb";
$link = mysql_connect("mysql.sourceforge.net", $user, $pass);

if (!$link)
die ("Couldn't connect to MySQL: ".mysql_error());
mysql_select_db($db)
or die("Couldn't connect to database $db: ".mysql_error());

$query = "INSERT INTO news VALUES ('$uname', '$dateadded', '$ntitle',
'$nmessage')";

mysql_query($query, $link)
or die ("Couldn't add data to the table: ".mysql_error());

mysql_close($link);
print "The following news has been added...<br><br>";
print "Title: $ntitle<br><br>";
print "Message: $nmessage<br><br>";
print "Posted by: $uname<br><br>";
$dateadded = date("d/m/y", $dateadded);
print "Date added: $dateadded<br>";
}
else
{
print "<form action=addnews.php?$sess&changed=1 method=post>";
print "Title <input type=text size=50 name=ntitle><br><br>";
print "Message<br>";
print "<textarea rows=5 cols=70 name=nmessage></textarea><br><br>";
print "<input type=submit value=Add>";
print "</form>";
}
}
else
{
print "Not logged in. <a href=admin.php>Click Here</a> to log in.";
}
?>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>

Jul 16 '05 #1

Subscribe Post Reply

4006

Similar topics

Session variable reading doesn't work

by: Peter | last post by:

L.S. I am developing a PHP-login script (on Lycos Tripod) that uses Session to pass on variables. Below is the entire (stripped) structure that I use. It opens a page where you can Set and Read...

PHP

Passing SESSION Data

by: Paul | last post by:

Hmmm, didn't seem to work. I have set session.use_cookies = 1 and session.use_trans_sid = 1 in my php.ini file. Index.php contains:...

PHP

Session Variables Disappearing

by: Paul Yanzick | last post by:

Hello, I am trying to develop a book tracking application for my capstone in school, and am running into a problem. The application is an ASP.Net application written in C#. The first page you...

C# / C Sharp

Session End doesn't get called

by: Jim Owen | last post by:

I know I';ve posted on this topic before, but it still doesn't work. I have a Session_End event in my Global.asax file, but it never fires. I have gone into my web.config file and in session...

ASP.NET

Trouble with using Session state

by: Greg Linwood | last post by:

I'm having difficulty understanding Session state in ASP.Net. It's almost embarrassing asking this as I've been using ASP since it was first released & it really shouldn't be this hard to use -...

ASP.NET

Session State stateserver or Sql Server

by: tshad | last post by:

I have been using the default session state (InProc) and have found that I have been loosing my information after a period of time (normally 20 minutes). Is there anyway to find out how much...

ASP.NET

Session Arrays

by: Bahman | last post by:

Hello! I have a simple question. Do we have session arrays that we can reference, assign, or select from? Could I please have a sample of how this is done. The obvious syntax that I am...

ASP.NET

ASP Session lost in IFRAME?

by: zzzbla | last post by:

Hello, I have a project in which I'm trying to embed one site, that uses session stored variables, inside an IFRAME in another site (which for that matter doesn't even use sessions). Problem...

ASP / Active Server Pages

Session Variables - why aren't novice developers warned?

by: BillE | last post by:

When a user opens a new IE browser window using File-New-Window the integrity of an application which relies on session state is COMPLETELY undermined. Anyone who overlooks the fact that...

ASP.NET

Session handling, login across all subdomains

by: Josh | last post by:

I run a Joomla website and am familiar with php in some but not all aspects. Currently I am trying to find some solutions related to session handling. Am I correct in saying that "login" is kept...

PHP

Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"

by: taylorcarr | last post by:

A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...

General

How to turn on java script in a villaon keypad mobile phone

by: Charles Arthur | last post by:

How do i turn on java script on a villaon, callus and itel keypad mobile phone

Java

Basic Javascript concepts

by: aa123db | last post by:

Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...

Javascript

Batch import of multiple excel files into the database

by: ryjfgjl | last post by:

If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...

Data Management

Migrating Website to Cloud - Emmanuel Katto

by: emmanuelkatto | last post by:

Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel

General

Looking to do Android software development, any suggestions? Is flutter better?

by: nemocccc | last post by:

hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?

General

How to build RAID in BIOS?

by: Hystou | last post by:

There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...

Computer Hardware

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...

General

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

Online Marketing