[UPHPU] sessions in front controller
Scott Hill
llihttocs at gmail.com
Tue Oct 10 15:28:08 MDT 2006
On 10/10/06, jtaber <jtaber at johntaber.net> wrote:
>
> that's actually what I thought and have used on other pages - I've gone
> back and put session_start() on all views and controller functions - I
> think the problem might indeed be in the php.ini
>
> the result I'm getting is when checking on the next page in sequence, I
> am getting a new session id and blanks for the session vars I've set on
> the first page
>
> in the php.ini I've noticed the following defaults:
> session.save_handler = files
> ;session.save_path = /var/lib/php5
> ; session.use_only_cookies = 0
> session.name = PHPSESSID
> session.auto_start = 0
> session.cookie_lifetime = 0
> session.cookie_path = /
> session.cookie_domain =
>
> now - I uncommented out session_save_path and session_use_only cookies
> (idea being to run with cookies off putting session in url) - I can't
> remember if the other settings need to be changed.
>
> meanwhile, could the use of:
> header('Location:/testapp/welcome/'); be causing a problem - shouldn't
> the session be attached to the end of that ?
Whenever I header to another script, I have to put and exit() in or things
get really confusing. Snippet from one of my hardly used any more apps:
<?php # login.php
ob_start();
$page_title = 'User Login';
require_once('rtns.php');
require_once('mysqlconnect.php');
function CreateUserSel($usrid = NULL) {
$tmpqry = "select * from users order by usr_lname, usr_fname";
$tmprslt = mysql_query($tmpqry);
if ($tmprslt) {
echo '<select class="dataentry" name="login">';
while ($tmprow = mysql_fetch_array($tmprslt,MYSQL_BOTH)) {
echo '<option value="'.$tmprow['usr_id'].'"';
if ($usrid == $tmprow['usr_id'])
echo ' selected="selected"';
echo '>'.$tmprow['usr_lname'].',
'.$tmprow['usr_fname'].'</option>';
}
echo '</select>';
}
else
echo '<p>Error doing query: '.mysql_error().'</p>';
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$message = NULL;
if (empty($_POST['login'])) {
$login = FALSE;
$message .= 'You forgot to choose a user!\n';
}
else
$login = $_POST['login'];
$pswd = NULL;
if (!empty($_POST['pswd']))
$pswd = $_POST['pswd'];
if ($login) {
$query = "select * from users where usr_id = '$login' and usr_pswd
= MD5('$pswd')";
$result = mysql_query($query);
if ($result) {
$row = mysql_fetch_array($result,MYSQL_ASSOC);
if ($row) {
session_start();
$_SESSION['login'] = $login;
$_SESSION['userid'] = $row['usr_id'];
$_SESSION['usrname'] = $row['usr_lname'].',
'.$row['usr_fname'];
setcookie('userlogin',$login,time()+86400,'/','',0);
$query = "update users set usr_loggedin = 'Yes' where usr_id
= {$_SESSION['userid']}";
$result = mysql_query($query);
mysql_close();
ob_end_clean();
>>>>>>> Notice the exit after header.
header("Location:
http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/index.php");
exit();
}
else
$message.= 'Login and/or password does not match what is on
record!\n';
}
else
$message .= 'Login not valid. Error: '.mysql_error().'\n';
}
else
$message .= 'Please try again!\n';
}
if (isset($message))
ShowError($message);
PageControl("Login","Add",0,0);
ob_end_flush();
?>
<?php #index.php
ob_start();
$page_title = "Home Page";
session_start();
>>>> The session array should be available here.
require_once('rtns.php');
include('otherstuff.php');
require('mysqlconnect.php');
PageControl("Home","Home",0,0);
?>
You should be able to have access to the $_SESSION array until you exit the
script or call session_destroy(). I know this is probably obvious to many
of you but it gave me fits until I finally put exits after the calls to
header.
Sorry about the long post and all the code.
Hope it helps some.
--
Scott Hill
"May you solve interesting problems" - Author Unknown
"A fanatic is one who can't change his mind and won't change the subject." -
Sir Winston Churchill
More information about the UPHPU
mailing list