[PHP] SESSION and include
Hi PROBLEM: I want to let certain users use certain funcions on my page. To manage that I start a session and define $_SESSION[user_level] to a value from a mySQL table. So far so good. Users with $_SESSION[user_level]==1 can access things on the .php page they are on. I made a simple if-statement to handle that. Now the problem is that i want to use include(page.php) and let the users with user_level=1 access special things on that included page. The if statements that let them change things work if I access the page directly from my browser but not when it is included in that main page. Whats am I missing? /Fredrik -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
ok.. Let me explain the problem better. 'user_level' is set by a login script. It seems to be working fine since I can make things like: if (1==$_SESSION[user_level]) { let this stuff happen } on my mainpage. on that same mainpage I use include (page.php); (I also tried require...) If I access page.php directly (by writing the URL in my browser) things like if (1==$_SESSION[user_level]) { let this stuff happen } will work just fine, but when page.php is included in mainpage the $_SESSION[user_level] is empty for that included part... /Fredrik Barry wrote: Fredrik Tillman wrote: Hi PROBLEM: I want to let certain users use certain funcions on my page. To manage that I start a session and define $_SESSION[user_level] to a value from a mySQL table. So far so good. Users with $_SESSION[user_level]==1 can access things on the .php page they are on. I made a simple if-statement to handle that. Now the problem is that i want to use include(page.php) and let the users with user_level=1 access special things on that included page. The if statements that let them change things work if I access the page directly from my browser but not when it is included in that main page. Whats am I missing? /Fredrik use require() www.php.net/require Greets Barry -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
ok.. I was a little too fast again when explaining my problem.. Gonna put some code up for you to see... First of all I DO use quotes. I tried both single and double ones (',) Ok here are some code: IN LOGINSCRIPT: ? /* Check User Script */ session_start(); // Start Session include 'db.php'; // Convert to simple variables $username = $_POST['username']; $password = $_POST['password']; if((!$username) || (!$password)){ echo Please enter ALL of the information! br /; include 'index.htm'; exit(); } // Convert password to md5 hash $password = md5($password); // check if the user info validates the db $sql = mysql_query(SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'); $login_check = mysql_num_rows($sql); if($login_check 0){ while($row = mysql_fetch_array($sql)){ foreach( $row AS $key = $val ){ $$key = stripslashes( $val ); } $_SESSION['first_name'] = $row[first_name]; $_SESSION['last_name'] = $row[last_name]; $_SESSION['email_address'] = $row[email_adress]; $_SESSION['user_level'] = $row[user_level]; header(Location: index.php); } } else { echo You could not be logged in! Either the username and password do not match or you have not validated your membership!br /Please try again!br /; include 'index.htm'; } ? IN INDEX.PHP: ? session_start(); if ( empty( $_SESSION['first_name'] ) ) { ? centerfont color=redstrongYou are not logged in!/strong/font/centerbr / ? include 'index.htm'; } else { include 'db.php'; include(http://test.bluenotevoices.se/data.php;); ? [... Some code here...] /* defining variables ... ($main is actually transered from last page the user was on, so in my script it is not defined but I put the code here to let you see it...) */ $main=page.php ?php if (1==$_SESSION['user_level']){ ? [ Some working code here ] ? } require ($main); ? } IN PAGE.PHP ?php session_start(); include data.php; if (empty($_SESSION['user_level'])) { echo (Session is empty);} ? [More code here] Can you see anything I am doing wrong? /F Jochem Maas wrote: Fredrik Tillman wrote: ok.. Let me explain the problem better. 'user_level' is set by a login script. It seems to be working fine since I can make things like: if (1==$_SESSION[user_level]) { let this stuff happen } $_SESSION[user_level] is wrong unless 'user_level' is a defined constant in your code (I bet it isn't). instead write: $_SESSION['user_level'] -- notice the quotes, they delimit the _string_ that is the key of the array. array keys are either strings or integers. on my mainpage. on that same mainpage I use include (page.php); (I also tried require...) If I access page.php directly (by writing the URL in my browser) things like if (1==$_SESSION[user_level]) { let this stuff happen } will work just fine, but when page.php is included in mainpage the $_SESSION[user_level] is empty for that included part... how is $_SESSION['user_level'] being set and/or updated? have you tried a var_dump($_SESSION) on the included page to see what _is_) in the session? are you per change closing the session prior to including the relevant file? I think you'll need to show some code - the way you describe it seems to me to be not possible that $_SESSION['user_level'] is set in the first script and nolonger available in the included script ($_SESSION is a super global that is available everywhere so long as there is an active/open session) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
PROBLEM SOLVED! What I actually was including was a variable ($main) and since some my pages are called on from different pages in different folders what I actually did was seting $main to the full URL to the site (http://mysite.com/page.php) to avoid confusion. But when calling on a URL I guess PHP is set to drop $_SESSION variables... $main=../page.php; require($main); Works fine. Thanks for all your time and help! /Fredrik Jochem Maas wrote: your problem is probably the fact that when you include page.php you are in effect calling session_start() twice - no idea what that does to your session but I wouldn't be suprised if that borked the _SESSION array. TIP: create a 'global include file' that contains all the code required by every 'page' (i.e. every request) and have each page do a require_once on the 'global include' - below is a basic example: INDEX.PHP ?php require_once 'global.inc.php'; // bla bla bla - do stuff GLOBAL.PHP ?php session_start(); // do more repetitive 'init' stuff Fredrik Tillman wrote: ok.. I was a little too fast again when explaining my problem.. Gonna put some code up for you to see... First of all I DO use quotes. I tried both single and double ones (',) I can't smell that from here though can I? but on the plus side you have just learnt to cut and paste the real [problem] code as opposed to writing out a similar bit of code as an example. if($login_check 0){ while($row = mysql_fetch_array($sql)){ foreach( $row AS $key = $val ){ $$key = stripslashes( $val ); one has to wonder why you are needing to stripslashes on the values you are retrieving from the DB ??? especially given that you then don't use the values you have just stripped. you could remove this whole foreach loop and the code would work indentically (based on what I can see here). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php