473,320 Members | 1,766 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

login session not behaving

HI,

I hope someone can help. I'm trying to show the username of the logged in user on this menu.inc page and certain pages only when logged in.

The result I have with the code below is no username showing, just "Hi !" (the "login" link disappear as planned) and all pages showing (logged and un-logged)

thank you for your help

Expand|Select|Wrap|Line Numbers
  1.            <div style="margin-bottom: 0px; margin-left: auto; margin-right: auto; margin-top: 0px; overflow: visible;">
  2.  
  3.  
  4.             <div align="center">
  5.             <table border="0">
  6.               <tr>
  7.                 <th>
  8.                 <span class="small">
  9.                 <?php if ($_SESSION["loggedInUser"] == $_SESSION["userCakeUser"]) { ?>Hi <strong><?php echo $_SESSION[$userdetails["Username"]]; ?>
  10.  
  11.             !
  12.  
  13.                 <?php } else { ?><a href="login.php">Login</a>
  14.                 <?php } ?>
  15.                 </span>  </th>
  16.  
  17.               </tr>
  18.               <tr>
  19.                 <td> 
  20.                 <span class="small">           
  21.                 <?php if ($_SESSION['loggedInUser'] == $_SESSION["userCakeUser"]) { ?><a href="logout.php">Logout</a>
  22.  
  23.                 <?php } else { ?>Register <a href="register.php" class="text_left">here </a>to download full mixes<?php } ?>
  24.                 </span>
  25.                    </td>
  26.               </tr>
  27.              </table>
  28.              </div>
  29.  
  30.             <hr width=600px>
  31.  
  32.             <a href="<?php echo $main_path; ?>index.php">Welcome</a><a href="
  33.             <?php echo $main_path; ?>Bio.php">Bio</a>
  34.  
  35.               <!--logged-in-->         
  36.             <?php if ($_SESSION['loggedInUser'] == $_SESSION["userCakeUser"]) { ?>
  37.  
  38.             <a href="<?php echo $main_path; ?>Mixes.php">Mixes</a>
  39.  
  40.  
  41.             <a href="<?php echo $main_path; ?>Production.php">Production</a>
  42.  
  43.             <?php } ?>
  44.  
  45.             <!--not-logged-in-->         
  46.             <?php if ($_SESSION['loggedInUser'] == NULL) { ?>
  47.  
  48.             <a href="<?php echo $main_path; ?>mixes_unlogged.php">Mixes</a>
  49.  
  50.             <a href="<?php echo $main_path; ?>production_unlogged.php">Production</a>
  51.  
  52.             <?php } ?>
  53.  
  54.             <a href="<?php echo $main_path; ?>Contact.php">Contact</a>
  55.             <a href="<?php echo $main_path; ?>links.php">Links</a>
  56.             <hr width=500px> 
Jan 6 '10 #1
22 2830
Dormilich
8,658 Expert Mod 8TB
obviously $_SESSION[$userdetails["Username"]] does not exist or is empty. try var_dump($_SESSION); to see what’s going on.
Jan 6 '10 #2
thx Dormilich. Sorry I'm really no expert in php, shall I put this instead of my query or after?
Jan 6 '10 #3
I've added it within the query and it brings NULL back. Does it mean username isn't what I should be using then?
Jan 6 '10 #4
Dormilich
8,658 Expert Mod 8TB
what query? it doesn’t matter where you put this, as long as it is executed.

if var_dump($_SESSION); brings up NULL, there is something wrong with the session.
Jan 6 '10 #5
ok...what can I do to find out what's wrong with it?
Jan 6 '10 #6
Dormilich
8,658 Expert Mod 8TB
check out, where you set $_SESSION to NULL.
Jan 6 '10 #7
ok, I've checked this out and this is the "config.php" file, where the $_SESSION is set to NULL if not logged in and to $_SESSION["userCakeUser"] if logged in (see code below)

Am I not using this properly?

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.     include("settings.php");
  3.  
  4.     //Dbal Support - Thanks phpBB ; )
  5.     include("classes/db/".$dbtype.".php");
  6.  
  7.     //Construct a db instance
  8.     $db = new $sql_db();
  9.     if(!$db->sql_connect($db_host, $db_user, $db_pass, $db_name, $db_port, false, false)) die("Unable to connect to the database");
  10.  
  11.     //Include classes
  12.     include("classes/class_newuser.php");
  13.     include("classes/class_newmail.php");
  14.     include("classes/class_loggedinuser.php");
  15.  
  16.     //Include Functions
  17.     include("functions/user-funcs.php");
  18.     include("functions/general-funcs.php");
  19.  
  20.  
  21.     session_start();
  22.  
  23.     //Global User Object Var
  24.     //loggedInUser can be used globally if constructed
  25.     if(isset($_SESSION["userCakeUser"]) && is_object($_SESSION["userCakeUser"])) $loggedInUser = $_SESSION["userCakeUser"]; else $loggedInUser = NULL;    
  26. ?>
Jan 6 '10 #8
Dormilich
8,658 Expert Mod 8TB
where do you set userCakeUser?
Jan 6 '10 #9
userCakeUser is set in the mysql db table
Jan 6 '10 #10
sorry I'm getting confused now ;-)

you might mean this here in the "login.php" page...

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.     require_once("models/config.php");
  3.     require_once('html_head.php');
  4.  
  5.     //Prevent the user visiting the logged in page if he/she is already logged in
  6.     if(isUserLoggedIn()) { header("Location: account.php"); die; }
  7. ?>
  8. <?php
  9.     /* 
  10.         Below is a very simple example of how to process a login request.
  11.         Some simple validation (ideally more is needed).
  12.     */
  13.  
  14. //Forms posted
  15. if(!empty($_POST))
  16. {
  17.         $errors = array();
  18.         $username = trim($_POST["username"]);
  19.         $password = trim($_POST["password"]);
  20.  
  21.         //Perform some validation
  22.         //Feel free to edit / change as required
  23.         if($username == "")
  24.         {
  25.             $errors[] = "Username is required.";
  26.         }
  27.         if($password == "")
  28.         {
  29.             $errors[] = "Password is required";
  30.         }
  31.  
  32.         //End data validation
  33.         if(count($errors) == 0)
  34.         {
  35.             //A security note here, never tell the user which credential was incorrect
  36.             if(!usernameExists($username))
  37.             {
  38.                 $errors[] = "Username or password is invalid";
  39.             }
  40.             else
  41.             {
  42.                 $userdetails = fetchUserDetails($username);
  43.  
  44.                 //See if the user's account is activation
  45.                 if($userdetails['Active']==0)
  46.                 {
  47.                     $errors[] = "Your account is not active. Check your emails / spam folder to find your account activation instructions.";
  48.                 }
  49.                 else
  50.                 {
  51.                     //Hash the password and use the salt from the database to compare the password.
  52.                     $entered_pass = generateHash($password,$userdetails['Password']);
  53.  
  54.                     if($entered_pass != $userdetails['Password'])
  55.                     {
  56.                         //Again, we know the password is at fault here, but lets not give away the combination incase of someone bruteforcing
  57.                         $errors[] = "Username or password is invalid";
  58.                     }
  59.                     else
  60.                     {
  61.                         //Passwords match! we're good to go'
  62.  
  63.                         //Construct a new logged in user object
  64.                         //Transfer some db data to the session
  65.                         $loggedInUser = new loggedInUser();
  66.                         $loggedInUser->email = $userdetails['Email'];
  67.                         $loggedInUser->user_id = $userdetails['User_ID'];
  68.                         $loggedInUser->hash_pw = $userdetails['Password'];
  69.                         $loggedInUser->display_username = $userdetails['Username'];
  70.                         $loggedInUser->clean_username = $userdetails['Username_Clean'];
  71.  
  72.                         //Update last sign in
  73.                         $loggedInUser->updateLastSignIn();
  74.  
  75.                         $_SESSION['userCakeUser'] = $loggedInUser;
  76.  
  77.                         //Redirect to user account page
  78.                         header('Location: account.php');
  79.                         die;
  80.                     }
  81.                 }
  82.             }
  83.         }
  84.     }
  85. ?>
  86. <?php
  87. if(!empty($_POST) && count($errors) > 0)
  88. {
  89.     $list="";  
  90.        foreach($errors as $issue) $list.="<li>".$issue."</li>";
  91. ?> 
  92.  
  93. <div id="errors">
  94.     <ol> 
  95.     <?php echo $list; ?>
  96.     </ol>
  97. </div>
  98.  
  99. <?php } ?>
  100. <fieldset style="width:50%">
  101. <legend>Complete to Login</legend>
  102. <div id="txtover">
  103. <div align="center">
  104. <br>
  105. <br>
  106. <br>
  107. <br>
  108.  
  109.     <fieldset>
  110.     <legend>Resend password</legend>
  111.     <a href="forgot-password.php">Forgot Password</a>
  112.     </fieldset>
  113.     <br>
  114.     <br>
  115.     <form name="newUser" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
  116.  
  117.         <fieldset>
  118.     <legend>Username</legend>
  119.         <label for="user"></label> <input type="text" name="username" /><br />
  120.     </fieldset>
  121.     <br>
  122.     <br>
  123.         <fieldset>
  124.     <legend>Password</legend>
  125.         <label for="pass"></label> <input type="password" name="password" /><br />
  126.     </fieldset>
  127.     <br>
  128.     <br>
  129.           <fieldset>
  130.     <legend>Submit</legend>
  131.         <input type="submit" value="Login" class="submit" />
  132.         </fieldset>
  133.  
  134.     </form>
  135.  
  136. </div>
  137. </div>
  138. </fiedset>
  139. <?php 
  140. require_once('html_tail.php');
  141. include("models/clean_up.php"); 
  142. ?>
Jan 6 '10 #11
Dormilich
8,658 Expert Mod 8TB
do you start the session anywhere?
Jan 6 '10 #12
yes in the "config.php" file (attached earlier on in the post)
Jan 6 '10 #13
Dormilich
8,658 Expert Mod 8TB
I doubt var_dump($_SESSION); prints NULL …
Jan 6 '10 #14
I wish it didn't but unfortunately it does...see attached file
Attached Images
File Type: jpg Picture 1.jpg (6.7 KB, 114 views)
Jan 6 '10 #15
Dormilich
8,658 Expert Mod 8TB
a var_dump() output looks different.
Jan 6 '10 #16
this is where I entered the var_dump in the menu.inc:

Expand|Select|Wrap|Line Numbers
  1.                 <?php if ($_SESSION['loggedInUser'] == $_SESSION["userCakeUser"]) { ?>Hi <strong><?php echo $_SESSION[$userdetails["Username"]]; var_dump($_SESSION);?>
Jan 6 '10 #17
Atli
5,058 Expert 4TB
Hey.

Try creating a new PHP file int he same directory your other PHP files are and do:
Expand|Select|Wrap|Line Numbers
  1. <?php
  2. header('content-type: text/plain');
  3. session_start();
  4. var_dump($_SESSION);
  5. ?>
  6.  
This tells you whether the session is working, and what is in it.

Post the output here so we can see what data you are actually working with.
Jan 6 '10 #18
here is the output:

array(0) {
}

I'm no expert but it doesn't look good does it... ;-)
Jan 6 '10 #19
Dormilich
8,658 Expert Mod 8TB
that means, that there is an empty session*

* which also means undefined == undefined (post #17)
Jan 6 '10 #20
ok, is there anything you can suggest for me to get this sorted at all? apologies for my ignorance on the subject...
Jan 6 '10 #21
Dormilich
8,658 Expert Mod 8TB
not very much, I fear. I’d look, where and why the assignment didn’t work.
Jan 6 '10 #22
for everyone's info, this was sorted by replacing $_SESSION["userCakeUser"] by "1"
Jan 9 '10 #23

Sign in to post your reply or Sign up for a free account.

Similar topics

3
by: Tom | last post by:
Hi I have a web application using asp.net and c#. User has to login to the application with his username and pwd. However, I do not allow other user uses the same username and pwd to login, i.e....
19
by: Siobhan | last post by:
Hi What is the recommended way to store a user's database credentials across the pages of a web application so that each time the database is accessed the system doesn't have to ask them for their...
18
by: Gleep | last post by:
I've searched google intensely on this topic and it seems noone really knows how to approch this. The goal I don't want clients to give out their usernames and passwords to friends, since the site...
6
by: BizWorld | last post by:
Hi, I have a scenario where i need to configure only Login.aspx page to use SSL. All other application will run on HTTP protocol. If someone can guide me how to accomplish this. One of my idea...
0
by: John Meyer | last post by:
index: <%@ Page Language="VB" ContentType="text/html" ResponseEncoding="iso-8859-1" %> <%@ Import Namespace="System.Data" %> <%@ Import Namespace="System.Data.OleDb" %> <!DOCTYPE html PUBLIC...
5
by: simon | last post by:
well i have admin panel and agent panel. when i open admin panel and log in it works fine. but when agent opens agent panel in different pc and login and acts something like open a page or so,...
9
by: Ben | last post by:
Hello, I'll bet this has been asked a million times but I can't seem to find a thread that gives the clear example I need. This PC has MySQL and IIS configured and running. The MySQL database is...
6
by: =?Utf-8?B?S2VsbHk=?= | last post by:
We just switched our web application from .NET 1.1 to 2. Once client can't login out of several that have been successful. They enter a correct user name and password, click the login button and...
9
by: Josh | last post by:
I run a Joomla website and am familiar with php in some but not all aspects. Currently I am trying to find some solutions related to session handling. Am I correct in saying that "login" is kept...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.