php session doesn't work

How it should work: Index.php is the secured page. It includes check.php, which checks if you have a session = good. If it hasn't, you're not logged in -> log off, remove session. But it doesn't work, it always logs off, like I didn't log in...

index.php

include ‘check.php’;
echo "logged in";

check.php

session_start();
if($_SESSION[‘login’] != ‘good’) {
unset($_SESSION[‘login’]);
unset($_SESSION[‘name’]);
header(‘Location: login.php?logoff’);
exit();
} 

Login.php

if(isset($_POST[‘login’])) {
$gb = array();
$gb[‘user1’] = ‘pass1’;
$gb[‘user2’] = ‘pass2’;
if(isset($gb[$_POST[‘username’]]) && $gb[$_POST[‘username’]] == $_POST[‘password’])
{ 
$_SESSION[‘login’] = ‘good’;
$_SESSION[‘name’] = $_POST[‘name’];

header("Location: index.php");
} else {

header("Location: login.php?wrongpass");

}

} else { ?>
Login Form
<?php } ?>

I hope someone can help me!

Asked By: Carrot
||

Answer #1:

You should verify you started the session in login.php.

Answer #2:

Put session_start(); in all the pages

Answered By: iLaYa ツ

Answer #3:

Check that you have register_globals is On in your php.ini

Answered By: SMacFadyen

Answer #4:

First check on the pages you want to use session variables session is start or not and if session is not stat then start it.

and this is the very first line in the php file.

Code for the session checking is :

if(!session_id())
{
    session_start();
}
Answered By: JIT1986

Answer #5:

You need to have session_start() at the top of all the pages, you havent shown the session start for your login page.

(Thanks to Danny for proving I cant type)

Answered By: BugFinder

Answer #6:

if($count==1){
    session_start();    
    $_SESSION['Username'] = $UserName;
    $_SESSION['Password'] = $password;
    UpdateOnlineChecker($Session);
    header( "Location: http://". strip_tags( $_SERVER ['HTTP_HOST'] ) ."/newHolo/" );
    exit;
}
else {
    echo "Wrong Username or Password";
}

Look at my code. It checks if the statement is true (for me, if there is one row with a query statement i execute). Then i start a session and basically Ill define global session variables, sned out a query to my database to update the session and then refer through.

you are missing a session_start(); in your if true block.

Answered By: Dorvalla

Answer #7:

Use one for action document such as index.php there is code:

session_start();
if(isset($_POST['login']) && isset($_POST['password'])){
   // login
   header('Location: (here is some page)');
}
if(!isset($_SESSION['user']){
  // @todo some action
} else {
  require_once('login.php');
}

if(isset($_GET['logout'])){
   unset($_SESSION['user']);
   header('Location: (here is some page)');
}
Answered By: RDK

Answer #8:

I think problem is header:

('location:------.php);

Your hosting server doesn't run this. You can use this:

echo "<script>window.location.href='-----.php'</script>";
Answered By: Taher Khan
The answers/resolutions are collected from stackoverflow, are licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0 .



# More Articles