Re: [PHP] Re: SESSION and include
Fredrik Tillman wrote: PROBLEM SOLVED! yeah! :-) What I actually was including was a variable ($main) and since some my pages are called on from different pages in different folders what I actually did was seting $main to the full URL to the site (http://mysite.com/page.php) to avoid confusion. But when calling on a URL I guess PHP is set to drop $_SESSION variables... php is capable of opening files on remote systems via http, when you did: require 'http://yourdomain.com/yourpage.php'; you actually made a seperate request to youre own webserver which when it was processed obviously didn't have the session cookie (as pArt of the request) that would cause the session array to be initialized with the data you would expect. go read up on the ini setting 'allow_url_fopen' for more info on this. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
Fredrik Tillman wrote: PROBLEM SOLVED! What I actually was including was a variable ($main) and since some my pages are called on from different pages in different folders what I actually did was seting $main to the full URL to the site (http://mysite.com/page.php) to avoid confusion. But when calling on a URL I guess PHP is set to drop $_SESSION variables... $main=../page.php; require($main); Works fine. Thanks for all your time and help! /Fredrik That's why it is so important to post the source code. Not rewriting it, post the code! Ths problem would have been solved after 2 mins if have known that the given path was a http path _ Barry -- Smileys rule (cX.x)C --o(^_^o) Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
ok.. Let me explain the problem better.
'user_level' is set by a login script. It seems to be working fine since
I can make things like:
if (1==$_SESSION[user_level]) { let this stuff happen }
on my mainpage.
on that same mainpage I use
include (page.php);
(I also tried require...)
If I access page.php directly (by writing the URL in my browser) things
like
if (1==$_SESSION[user_level]) { let this stuff happen }
will work just fine, but when page.php is included in mainpage the
$_SESSION[user_level] is empty for that included part...
/Fredrik
Barry wrote:
Fredrik Tillman wrote:
Hi
PROBLEM:
I want to let certain users use certain funcions on my page. To
manage that I start a session and define $_SESSION[user_level] to a
value from a mySQL table. So far so good. Users with
$_SESSION[user_level]==1 can access things on the .php page they
are on. I made a simple if-statement to handle that.
Now the problem is that i want to use include(page.php) and let the
users with user_level=1 access special things on that included page.
The if statements that let them change things work if I access the
page directly from my browser but not when it is included in that
main page.
Whats am I missing?
/Fredrik
use require()
www.php.net/require
Greets
Barry
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
Fredrik Tillman wrote:
ok.. Let me explain the problem better.
'user_level' is set by a login script. It seems to be working fine since
I can make things like:
if (1==$_SESSION[user_level]) { let this stuff happen }
on my mainpage.
on that same mainpage I use
include (page.php);
(I also tried require...)
If I access page.php directly (by writing the URL in my browser) things
like
if (1==$_SESSION[user_level]) { let this stuff happen }
will work just fine, but when page.php is included in mainpage the
$_SESSION[user_level] is empty for that included part...
/Fredrik
What does -
require (page.php);
print_r($_SESSION);
prints out?
--
Smileys rule (cX.x)C --o(^_^o)
Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
Fredrik Tillman wrote:
ok.. Let me explain the problem better.
'user_level' is set by a login script. It seems to be working fine since
I can make things like:
if (1==$_SESSION[user_level]) { let this stuff happen }
$_SESSION[user_level] is wrong unless 'user_level' is a defined constant
in your code (I bet it isn't).
instead write: $_SESSION['user_level']
-- notice the quotes, they delimit the _string_ that is the key of the
array. array keys are either strings or integers.
on my mainpage.
on that same mainpage I use
include (page.php);
(I also tried require...)
If I access page.php directly (by writing the URL in my browser) things
like
if (1==$_SESSION[user_level]) { let this stuff happen }
will work just fine, but when page.php is included in mainpage the
$_SESSION[user_level] is empty for that included part...
how is $_SESSION['user_level'] being set and/or updated?
have you tried a var_dump($_SESSION) on the included page to
see what _is_) in the session?
are you per change closing the session prior to including the relevant file?
I think you'll need to show some code - the way you describe it seems
to me to be not possible that $_SESSION['user_level'] is set in the first script
and nolonger available in the included script ($_SESSION is a super global
that is available everywhere so long as there is an active/open session)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
ok.. I was a little too fast again when explaining my problem.. Gonna
put some code up for you to see...
First of all I DO use quotes. I tried both single and double ones (',)
Ok here are some code:
IN LOGINSCRIPT:
?
/* Check User Script */
session_start(); // Start Session
include 'db.php';
// Convert to simple variables
$username = $_POST['username'];
$password = $_POST['password'];
if((!$username) || (!$password)){
echo Please enter ALL of the information! br /;
include 'index.htm';
exit();
}
// Convert password to md5 hash
$password = md5($password);
// check if the user info validates the db
$sql = mysql_query(SELECT * FROM users WHERE username='$username' AND
password='$password' AND activated='1');
$login_check = mysql_num_rows($sql);
if($login_check 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key = $val ){
$$key = stripslashes( $val );
}
$_SESSION['first_name'] = $row[first_name];
$_SESSION['last_name'] = $row[last_name];
$_SESSION['email_address'] = $row[email_adress];
$_SESSION['user_level'] = $row[user_level];
header(Location: index.php);
}
} else {
echo You could not be logged in! Either the username and password
do not match or you have not validated your membership!br /Please try
again!br /;
include 'index.htm';
}
?
IN INDEX.PHP:
?
session_start();
if ( empty( $_SESSION['first_name'] ) ) {
? centerfont color=redstrongYou are not logged
in!/strong/font/centerbr /
? include 'index.htm';
} else { include 'db.php';
include(http://test.bluenotevoices.se/data.php;);
?
[... Some code here...]
/*
defining variables ... ($main is actually transered from last page the
user was on, so in my script it is not defined but I put the code here
to let you see it...)
*/
$main=page.php
?php if (1==$_SESSION['user_level']){
?
[ Some working code here ]
? }
require ($main);
?
}
IN PAGE.PHP
?php
session_start();
include data.php;
if (empty($_SESSION['user_level'])) { echo (Session is empty);}
?
[More code here]
Can you see anything I am doing wrong?
/F
Jochem Maas wrote:
Fredrik Tillman wrote:
ok.. Let me explain the problem better.
'user_level' is set by a login script. It seems to be working fine
since I can make things like:
if (1==$_SESSION[user_level]) { let this stuff happen }
$_SESSION[user_level] is wrong unless 'user_level' is a defined constant
in your code (I bet it isn't).
instead write: $_SESSION['user_level']
-- notice the quotes, they delimit the _string_ that is the key of the
array. array keys are either strings or integers.
on my mainpage.
on that same mainpage I use
include (page.php);
(I also tried require...)
If I access page.php directly (by writing the URL in my browser)
things like
if (1==$_SESSION[user_level]) { let this stuff happen }
will work just fine, but when page.php is included in mainpage the
$_SESSION[user_level] is empty for that included part...
how is $_SESSION['user_level'] being set and/or updated?
have you tried a var_dump($_SESSION) on the included page to
see what _is_) in the session?
are you per change closing the session prior to including the relevant
file?
I think you'll need to show some code - the way you describe it seems
to me to be not possible that $_SESSION['user_level'] is set in the
first script
and nolonger available in the included script ($_SESSION is a super
global
that is available everywhere so long as there is an active/open session)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
Fredrik Tillman wrote:
IN PAGE.PHP
?php
session_start();
include data.php;
if (empty($_SESSION['user_level'])) { echo (Session is empty);}
?
[More code here]
Hit me if i am wrong, but doesn't it start a new session here?
Would you mind removing the session_start() from that file and test it
again?
btw please try what i mentioned earlier. it's easier to locate the
problem. Thanks.
Barry
--
Smileys rule (cX.x)C --o(^_^o)
Dance for me! ^(^_^)o (o^_^)o o(^_^)^ o(^_^o)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
your problem is probably the fact that when you include
page.php you are in effect calling session_start() twice -
no idea what that does to your session but I wouldn't be
suprised if that borked the _SESSION array.
TIP: create a 'global include file' that contains all the code
required by every 'page' (i.e. every request) and have each page
do a require_once on the 'global include' - below is a basic
example:
INDEX.PHP
?php
require_once 'global.inc.php';
// bla bla bla - do stuff
GLOBAL.PHP
?php
session_start();
// do more repetitive 'init' stuff
Fredrik Tillman wrote:
ok.. I was a little too fast again when explaining my problem.. Gonna
put some code up for you to see...
First of all I DO use quotes. I tried both single and double ones (',)
I can't smell that from here though can I? but on the plus side you
have just learnt to cut and paste the real [problem] code as opposed
to writing out a similar bit of code as an example.
if($login_check 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key = $val ){
$$key = stripslashes( $val );
one has to wonder why you are needing to stripslashes on the values
you are retrieving from the DB ???
especially given that you then don't use the values you have just stripped.
you could remove this whole foreach loop and the
code would work indentically (based on what I can see here).
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
PROBLEM SOLVED!
What I actually was including was a variable ($main) and since some my
pages are called on from different pages in different folders what I
actually did was seting $main to the full URL to the site
(http://mysite.com/page.php) to avoid confusion. But when calling on a
URL I guess PHP is set to drop $_SESSION variables...
$main=../page.php;
require($main);
Works fine.
Thanks for all your time and help!
/Fredrik
Jochem Maas wrote:
your problem is probably the fact that when you include
page.php you are in effect calling session_start() twice -
no idea what that does to your session but I wouldn't be
suprised if that borked the _SESSION array.
TIP: create a 'global include file' that contains all the code
required by every 'page' (i.e. every request) and have each page
do a require_once on the 'global include' - below is a basic
example:
INDEX.PHP
?php
require_once 'global.inc.php';
// bla bla bla - do stuff
GLOBAL.PHP
?php
session_start();
// do more repetitive 'init' stuff
Fredrik Tillman wrote:
ok.. I was a little too fast again when explaining my problem.. Gonna
put some code up for you to see...
First of all I DO use quotes. I tried both single and double ones (',)
I can't smell that from here though can I? but on the plus side you
have just learnt to cut and paste the real [problem] code as opposed
to writing out a similar bit of code as an example.
if($login_check 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key = $val ){
$$key = stripslashes( $val );
one has to wonder why you are needing to stripslashes on the values
you are retrieving from the DB ???
especially given that you then don't use the values you have just
stripped.
you could remove this whole foreach loop and the
code would work indentically (based on what I can see here).
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: SESSION and include
On 2/8/06, Fredrik Tillman [EMAIL PROTECTED] wrote:
Ok here are some code:
?
/* Check User Script */
session_start(); // Start Session
include 'db.php';
// Convert to simple variables
$username = $_POST['username'];
$password = $_POST['password'];
if((!$username) || (!$password)){
echo Please enter ALL of the information! br /;
include 'index.htm';
exit();
}
// Convert password to md5 hash
$password = md5($password);
// check if the user info validates the db
$sql = mysql_query(SELECT * FROM users WHERE username='$username' AND
password='$password' AND activated='1');
$login_check = mysql_num_rows($sql);
Don't forget to use mysql_real_escape_string on all user input that is going
into your database. This is a good habit to be in.
$username = mysql_real_escape_string($username);
