Viewed   158 times

Session variables are apparently not working for me. I don't know what I'm doing wrong. This is the code that I'm using to check for a valid password:

if ($input_password_hash == $password_hash)
  $_SESSION['is_user'] = 1;
  header("Location: ../new_look"); //or Location: index.php
else echo "Wrong password.";

in the index.php file (where it redirects to), I have this code:

if ($_SESSION['is_user'] == 1)
  //show index page with navigation bar for registered user

 //do something else

but it's not working at all.

The session does apparently start and that can be verified by checking the cookie.

What am I doing wrong?



You know that you've got to write session_start() before you use the $_SESSION variable in any request, right? It looks like you haven't put it in index.php anywhere.

Friday, December 16, 2022

A frame can access the session only if it's relative to the same domain. For example:

  <iframe src ="test.php" width="200" height="200"></iframe> 

Should work outside and inside the iframe. If your still having problems try:

 <?php  session_start();

    $sessid = $_GET['sessid'];
    if (isset($sessid) && $sessid != "" && $sessid != NULL) {
      $_SESSION['sessid'] = $sessid;
Tuesday, December 13, 2022

Do you have firebug installed for firefox? If so, do you have the firecookie addon

If so, you should see the presence of PHPSESSID. If you don't see any cookies, then chances are, this is your issue.

Wednesday, August 3, 2022

A cookie is a bit of data stored by the browser and sent to the server with every request.

A session is a collection of data stored on the server and associated with a given user (usually via a cookie containing an id code)

Tuesday, September 20, 2022

You could also update the $_SESSION['LAST_ACTIVITY'] only (eg) once per minute but than the session will not be destroyed after exactly 30 minutes.

if (isset($_SESSION["LAST_ACTIVITY"])) {
    if (time() - $_SESSION["LAST_ACTIVITY"] > 1800)) {
        // last request was more than 30 minutes ago
        session_unset();     // unset $_SESSION variable for the run-time 
        session_destroy();   // destroy session data in storage
    } else if (time() - $_SESSION["LAST_ACTIVITY"] > 60) {
        $_SESSION["LAST_ACTIVITY"] = time(); // update last activity time stamp

And the easiest way to do this is put the code in the config file since I don't think you want to change all 200 php files.

Saturday, September 3, 2022
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :