PHP session won't work [AGAIN]

[[dx]]

Hello there, Here's me again with my session problem.Well, I have few files which includes other files like: index.php includes mysql.php which includes func.php, which includes conf.php So conf.php is at the very very top of script.So there's at first line of conf.php line

if (session_id() == '') session_start();

Then, in func.php file I have function login with 2 parameters, email and password.Also, my script have backend (admin cp) and front user login. So when I login from admin, session is stored in every case, works fine.But when trying to login from front page, sometimes logs in, sometimes don't. If I login with admin, then logout, and then try login on front page, login is successfull.But if I close browser, and sessions are cleared, and then try login on front page (without login admin first) there's problem with setting session. But I use same login script for both logins. What should I do..? I don't see any problem but sessions here..

[astralaaron]

Hi I think if you post your login script somebody will be able to help

[[dx]]

function login($u, $p) {  global $cookie;  $sql = mysql_query("SELECT id_user, email, password FROM users WHERE email='$u'");  if (mysql_num_rows($sql) > 0) {	$sql = mysql_fetch_array($sql);	if (($u == $sql['email']) && (md5($p) == $sql['password'])) {	  mysql_query("UPDATE users SET ip_address='{$_SERVER['REMOTE_ADDR']}' WHERE id_user='{$sql['id_user']}'");	  $patern = array($sql['id_user'], md5($_SERVER['REMOTE_ADDR']), md5($u));	  $_SESSION[$cookie] = implode('|', $patern);	  return 'logged_in';	}	else return 'login_incorrect';  }  else return 'not_exists';}

I think it's just problem with setting session. Script in some cases works fine.Like session is set, and deleted momentaly.

[astralaaron]

Maybe if you change

if (session_id() == '') session_start();

to

session_start();

[[dx]]

It's same..

[justsomeguy]

Do you ever destroy the session? Do you get the same results if you visit several pages before trying to log in?

[[dx]]

Just on logout I unset it..

[justsomeguy]

The answer to my second question would help, and also check if the value of $cookie changes.

[[dx]]

Not working in that case also..

[justsomeguy]

You are saying that if you navigate to several pages while not logged in, and then you log in, it does not work?

[[dx]]

No, if I login with admin panel, and then logout, I'm able to login with front page, but if I close browser, and open to front page, and try login, I can't then. I've tried something to avoid headers sent message, and used if (!headers_sent()) session_start(); and then I can't login from admin too..

[justsomeguy]

If you're getting the error that the headers have already been sent then that's the problem, that's what you need to solve. You're sending some output before starting the session.

[[dx]]

No, read first post in this topic. My session_start() is at top of script. There's nothing there.. Just: <?PHP session_start();

[justsomeguy]

I did read the first post, and it sounds like the line that starts the session is in the 4th file that gets included. If you're getting the message that headers were already sent then that is the problem, and that error message will also tell you exactly where the problem is.

[[dx]]

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at index.php:1) in conf.php on line 4 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at index.php:1) in conf.php on line 4 index.php includes mysql.php mysql.php includes func.php func.php includes conf.php session_start() is in conf.php on line 4 I've set session_start() before mysql.php include in index.php and deleted it from conf.php, so there's no error anymore, but login still won't work..

[[dx]]

I've tryed to echo $_SESSION[$cookie] and data is OK, also session is created but file not filled with data..

[justsomeguy]

That error indicates that output was sent on line 1 of index.php. If you don't think there is output there then make sure the file does not have the UTF BOM.

I've tryed to echo $_SESSION[$cookie] and data is OK, also session is created but file not filled with data..

What do you mean that the data is OK, but the file is not filled with the data?

[[dx]]

Well, after I put it in index.php, I've used UTF8 without BOM and it solved problem. With "data is OK", I mean that session is correctly written with format I want..And I've used htaccess to change session path folder, and in folder there's file sess_something_here.But file is empty. But also writing to file is ok, couse I have other session which register request_uri and works fine..

[justsomeguy]

So is the problem solved by removing the BOM?

[[dx]]

Problem about showing message headers sent, but still not writing session, this session for login, every other session is written fine..Now don't work even admin login.

[justsomeguy]

I would need to see the code for the part that works and the part that doesn't, both the code that sets and reads the session data for each part.

[[dx]]

I can't only understand why does it won't write session data to file. When I use $_SESSION[$cookie] file sess_some_session_name is created but if I open it, it's empty.If I try store any other data to some other session, it is written to file.. There's login function few posts ago and you can see how it works.

[justsomeguy]

I can't only understand why does it won't write session data to file.

Maybe it doesn't have permission to write to the file. Maybe you're not storing the data correctly. I can really only guess. Did you set the options to report and log all errors from PHP, including startup errors? Did you change the default location to store session files in? If you did, does it work with the default?

When I use $_SESSION[$cookie] file sess_some_session_name is created but if I open it, it's empty.If I try store any other data to some other session, it is written to file..

What do you mean some other session? There's only one session. I haven't seen a value for $cookie so I don't know if that affects anything. I saw the login function, is that the same function you use on all areas, both the places that work and the ones that don't? Is the value of $cookie always the same, both in the places that work and the ones that don't? If you have it working in one place and not in another place in the same application then obviously some difference in the code is the problem, but I can't tell what that difference is by looking at a single function that uses global variables.

[[dx]]

Maybe it doesn't have permission to write to the file. It does have. I've set chmod 777 for session folder, also I've tried setting chmod 777 for session file after it is created. Maybe you're not storing the data correctly. It does not store anything in session file. (file is empty) Did you set the options to report and log all errors from PHP, including startup errors? I'm using error_reporting(E_ALL); Did you change the default location to store session files in? If you did, does it work with the default? Yes, I did. Not working for any location, default, or changed. What do you mean some other session? I mean some other session name, like $_SESSION['session1'] and $_SESSION['session2'].If I try something like $_SESSION['test'] = 'something';, there's data in session file like: test|s:9:"something"; I haven't seen a value for $cookie so I don't know if that affects anything. I've tried print $cookie value and it is correct. (just using letters and _) I saw the login function, is that the same function you use on all areas, both the places that work and the ones that don't? Yes, it is. Is the value of $cookie always the same, both in the places that work and the ones that don't? Yes, there's one conf file with $cookie = 'cookie_name';

[justsomeguy]

I don't see a reason why it would do that. The session is just an array, $_SESSION is the complete session. Assigning different values doesn't create different sessions, it's all stored in one session array. I don't see a reason why using certain keys would work and other keys would not work, it's all the same thing. Are you changing the session ID anywhere in the code? If you change the session ID or session name after starting the session then that will be a problem.