Session_start() In Included Php File

[smerny]

i have the following code within a php file that is included in the main index file:

<?php session_start(); ?>....	<?php	if (isset($_SESSION['user_id']))	{	?>	Hello <?php echo $_SESSION['user_displayname']; ?>.	<?php	}	else	{	?>	<form method='post' action='login.php'>	  Email: <input name='email' type='text' />	  Password: <input name='password' type='password' />	  <input name='page_mode' type='hidden' value='login'>	  <input type='submit' value='Log In'>	</form>	<?php	}	?>

but it's not showing me the user_displayname after i'm logged in... it just keeps showing the log in form..is there a problem with doing this in an included file?

[justsomeguy]

No, the fact that's in an include file doesn't add any restrictions.

[smerny]

well this is from login.php which sets the session and redirects to the other page

	else	{	  $_SESSION['user_id'] = $row['ID'];	  $_SESSION['user_displayname'] = $row['DisplayName'];	  $_SESSION['user_email'] = $row['Email'];	  header('Location: index.php');	  exit();	}

i also commented out the header() function and had it echo the session variables in the log in page just to see if they are being set right... they work... so why wouldn't it work on the other page?

[justsomeguy]

Are you using session_start before you set everything in the session?

[smerny]

yes at the very top of login.php is

<?phpsession_start();

[justsomeguy]

It would seem like it would work. Add a print_r after you do session_start so you can track it.print_r($_SESSION);

[smerny]

it says Array ( ) both before and after i log in when i use this

<?php session_start(); print_r($_SESSION);?>

at the top of the include php page

[justsomeguy]

Is this your first time using sessions? Have you created a test page to make sure they're working on your computer, such as one page that sets a session value, and another page that reads it? After you use session_start on one of your pages, look in your list of cookies to see if you can find a cookie called PHPSESSID from your server.

[smerny]

this is my first time and this is my test page basically, trying to get a page to read a session that login.php sets. how do i see a list of cookies?

[smerny]

http://support.mozilla.com/en-US/kb/Cookie..._Cookies_Windowfound out how to view cookies and i do see two cookies from my site (although one says has www. and the other does not) both named PHPSESSID

[justsomeguy]

Delete the cookies, then run the page again and see if they come back.There are a lot of issues with your pages other than testing sessions. If you want to test sessions, create this page as page1.php:

<?phpsession_start();$_SESSION['test'] = 'test';?><a href="page2.php">page 2</a>

and page2.php:

<?phpsession_start();if (isset($_SESSION['test']))  echo 'session is set';else  echo 'session is not set';?>

There's no reason to introduce several other points of failure if all you're trying to do is test one thing.

[smerny]

the cookie came back... i'll make your pages now

[smerny]

session is set

[justsomeguy]

So it sounds like sessions are working, in general at least. Now add a feature at a time to the code until it breaks again. Have page1 redirect to page2 and see if it's still set. You'll need to unset the session though to make sure it's accurate each time, so might as well unset it on page 2.

<?phpsession_start();if (isset($_SESSION['test'])){  echo 'session is set';  unset($_SESSION['test']);}else  echo 'session is not set';?>

[smerny]

that's working for me as well

[justsomeguy]

Right, so go ahead and add features in one-by-one from your login form, and test it after each feature to find out if it broke the session. The point is to start with something simple that you know works, and add things in one-by-one to get it to do what you want, each time through test it out so that if you add something that doesn't work at least you know where to look.

[smerny]

Okay I had my login.php page direct to a page that just printed the session variables and it showed up.... those didn't show up when I used the same code to try printing session variables on the page that is included on the index page.So then I decided to put that code directly on the index page as well... this is what came out:

Array ([user_id] => 1 [user_displayname] => dNik [user_email] => xxxx ) Array ( )

The first session array is printed directly from the index page while the second one is printed from the included php file... so I'm back to my original thought that it must be that sessions dont work within the include?I also noticed that if I use $_SERVER['REMOTE_ADDR'] within an included php file, it gives me the IP of the host rather than the IP of the user...

[justsomeguy]

Show me how you're including the file.

[smerny]

before i was doing the whole URL, i noticed that if i only do after the .com it works?like this now works...<?php include("templates/headerMenu.php"); ?>why doesn't it work if i use the entire URL?

[justsomeguy]

That's right, if you use the HTTP URL then your server issues a regular HTTP request for the page. That means the server is using its own session, not your browser's, and it uses its own IP. That's what happens when you request a page using HTTP.

[smerny]

ah.. well that solves two problems that i've had then... thanks