Session vars won't set/cant retrieve them

General PHP Help
#1

I have a functioning login page and a user CP and am having trouble setting session variables in the login.php file.

The variables are $_SESSION[‘eid’] $_SESSION[‘email’] $_SESSION[‘userlevel’].

[php]<?php
session_start();
require(‘dbconn.php’);

$message ="";

if (isset($_POST[‘submit’])) {

if(!$_POST['email'] | !$_POST['password']) {

	$message = "Please enter your login details";
	echo $message;
	

}

mysql_connect($db_host, $db_user, $db_pass) or die(mysql_error());
mysql_select_db($db_name) or die(mysql_error());

$email = $_POST[‘email’];
$check = mysql_query(“SELECT * FROM employees WHERE email = “$email””)or die(mysql_error());

$check2 = mysql_num_rows($check);

if ($check2 == 0) {

	$message = "<center>Email address not found, please contact your manager.</center>";
	echo $message;

			}

while($info = mysql_fetch_array( $check ))

{

$_POST[‘password’] = stripslashes($_POST[‘password’]);

$info['password'] = stripslashes($info['password']);

$_POST['password'] = md5($_POST['password']);

//gives error if the password is wrong

if ($_POST['password'] != $info['password']) {

	$message ="<center>Incorrect Password</center>";
	echo $message;

}
 else

{

//if login details ok set session vars
$_SESSION[‘eid’] = $info[‘id’]; // difference between eid and id is correct

$_SESSION[‘email’] = $info[‘email’];

$_SESSION[‘userlevel’] = $info[‘userlevel’];

if($info[‘userlevel’] >= “2”)
{
header(“Location: usercp.php”);

} else {

header(“Location: usercp1.php”);
}

}

}

} else { //here is the html code for my login page.
echo $loginpage;
}

?>[/php]

The problem is when i try to call the variables in other pages it doesnt work.

I have a mysql query in a page called schedule.php which is displayed via an include() function within usercp.php.

[php]SELECT id, d, title, starttime, finishtime, FROM shifts WHERE m = $month AND y = $year AND eid = $sessionuser ORDER BY starttime[/php]

$sessionuser is the one which is the issue.

To test the functionality of my script I defined $sessionuser at the top of schedule.php.
[php]$sessionuser = “1”;[/php]

And this works. 1 being the eid of my test user account.

It’s when i try it this way when it doesn’t work:
[php]$sessionuser = $_SESSION[‘eid’];[/php]

I am assuming that I am doing something wrong in the post-submit login script when setting the variables.

Also to add I have included session_start(); at the top of any page which uses the vars and I have also tried it without.

Any help will be greatly appreciated as I have really hit a brick wall with this.

Thanks
Adam

#2

that login script needs some help, but as far as the issue goes, every page that uses sessions has to have session_start() at the top of the page.

#3

Thanks for the reply, so like I say I have tried it with and without session_start() at the top so assuming i’ve changed all the pages to display this what do you suggest I do with my login script?

#4

Well, your code was not formatted easy to read. I put it into my editor and found that you are missing one closing bracket. Perhaps that is the problem. Here is the code showing the missing bracket…
Hope it helps…

[php]

<?php session_start(); require('dbconn.php'); $message =""; if (isset($_POST['submit'])) { if(!$_POST['email'] | !$_POST['password']) { $message = "Please enter your login details"; echo $message; } mysql_connect($db_host, $db_user, $db_pass) or die(mysql_error()); mysql_select_db($db_name) or die(mysql_error()); $email = $_POST['email']; $check = mysql_query("SELECT * FROM employees WHERE email = \"$email\"")or die(mysql_error()); $check2 = mysql_num_rows($check); if ($check2 == 0) { $message = "Email address not found, please contact your manager."; echo $message; } while($info = mysql_fetch_array( $check )) { $_POST['password'] = stripslashes($_POST['password']); $info['password'] = stripslashes($info['password']); $_POST['password'] = md5($_POST['password']); //gives error if the password is wrong if ($_POST['password'] != $info['password']) { $message ="Incorrect Password"; echo $message; } else { //if login details ok set session vars $_SESSION['eid'] = $info['id']; // difference between eid and id is correct $_SESSION['email'] = $info['email']; $_SESSION['userlevel'] = $info['userlevel']; if ($info['userlevel'] >= "2") { header("Location: usercp.php"); } else { header("Location: usercp1.php"); } } } //End of while... } else { //here is the html code for my login page. echo $loginpage; } // END of IF-POST-EMAIL **************Missing end of FIRST if!!!! ?>

[/php]

#5

After adding the extra I got internal server error. I looked through my code and the IF-POST-EMAIL end bracket is on line 12 after the first instance of echo $message; .

am I missing something with regard to the session itsself?

#6

Well, the missing bracket in my version was for the
if (isset($_POST[‘submit’])) line, sorry, not for the email line…
(Perhaps I miss-counted…)

As far as you code goes, I noticed you do a lot of $variable=“something”; then, echo $variable;…
This could be condensed to just echo “something”; Saves a lot of lines a lot of string loading…
(But, this is not a problem!)

As far as session variables go, this is the basics:

On your main form:
session_start(); //start up the session… (MUST MUST MUST be on EVERY page that uses sessions)
$_SESSION[‘somevariablename’]=“somevalueordata”; //assign the session variable like a normal one…

On your page that uses the data:
session_start(); //Always needed…
echo $_SESSION[‘somevariablename’]; // do something with the session variable just like any variable
$x=$_SESSION[‘somevariablename’];
echo $x;

It’s really that simple. The only problem I have ever had is spelling or forgetting the session_start(); on a page. All pages that use ANY session variable must have the start on the page. It tells the PHP server to access the current session and use variables from it. Session variables are actually stored as one big array with keys and values. I have found that some users forget to put quotes around the variable name inside the brackets. Also, I have seen where in one form they use caps and not in another page. The session variable names are case-sensitive!

Well, I would try a test page passing one to another test page to start. And, see what happens with that. If it works look at ever part of your code to see if it is skipping over your session variables due to IF-ESLE’s… Let us know if you need more help with it…

Sponsor our Newsletter | Privacy Policy | Terms of Service