Jump to content

PHP Sessions being lost

dargpat

By dargpat
in PHP Coding Help

 Share

Recommended Posts

dargpat Newbie

dargpat

Posted
Posted

I'm creating a script and having problems with the log in portion using sessions.  Everything works fine when I set the sessions for the log in which is in the root directory.  The problem arises when I try to create an admin area and cross from the user side to the admin side which is in a different directory of its own.  I do an echo to check for the sessions in admin area and all are lost.

 

/root <--sessions work 100%

 

Click link to go to

 

/root/admin  <--- sessions are lost

 

and yes all pages have session_start()

 

Any advice would gladly be appreciated!

 

Thanks

 

 

Here is login code:

 

<?php
session_start();

include("admin/db/db_connect.php");


$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];


$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM members WHERE user_name='$myusername' and user_pass='$mypassword'";

$result=mysql_query($sql);

$rows=mysql_fetch_array($result);

$status = $rows['status'];
$user_id = $rows['user_id'];

if(($status!="") && ($status==0)){

$m="Your Account has not been activated or is suspended!";

$m = base64_encode($m);

header("location:login.php?m=$m");
exit();
}

$count=mysql_num_rows($result);


if($count==1){



$_SESSION['myusername'] = $myusername;
$_SESSION['myuser_id'] = $user_id;

if($user_id == "1"){

$_SESSION['admin'] = $myusername . $user_id;

}


//echo $user_id . $myusername."<p></p>";

//echo $_SESSION['myusername'] . $_SESSION['myuser_id'] . $_SESSION['admin'];
//exit();

$m="Login Successful!";

$m = base64_encode($m);

header("location:members.php?m=$m");
}
else {

$m="Login Failed, Please Try Again!";

$m = base64_encode($m);

header("location:login.php?m=$m");


}
?>

 

That works fine for members area and other files in root:

<?php
session_start();
include("inc/vars.php");
include("admin/db/db_connect.php");
include("inc/page_header.php");

if(!isset($_SESSION['myusername'])){
header("location:login.php");
}
?>

<?php 
$m = $_GET['m'];

$m = base64_decode($m);

?>

<?php include("inc/page_footer.php");?>

 

But it doesn't for this script in admin:

 

<?php
session_start();

$log = $_SESSION['myusername'];
$in  = $_SESSION['myuser_id'];
$key = $log . $in;

echo "<p>-->". $log . $in ."<--</p>";

echo $key."<-- Key"; 
exit();                 //testing

if($_SESSION['admin'] !== $key){
header("location:/login.php");
}

$ImageDirx = "../sopImages/";

$func = $_GET["func"];
$picid = $_GET["picid"];
$dothis = $_GET["dothis"];

if($func != "" && $picid != "" && $dothis != ""){


   function DoDelete($picid,$dothis) {

        include ("../inc/vars.php");
        include ("db/db_connect.php");
        include ("admin_header.php");

$query ="SELECT * FROM listings WHERE picid='$picid'";
$result = mysql_query($query);
        $row = mysql_fetch_array($result);
        $delete = $row["imagefile"];

        // Delete image from server & DATABASE

        //echo $ImagePth . $delete;exit();

$sql = "DELETE FROM listings WHERE picid='$picid'";
$result = mysql_query($sql);

        @unlink($ImagePth . $delete);

   }

   function DoStatusC($func,$picid,$dothis) {

        include ("../inc/vars.php");
        include ("db/db_connect.php");
        include ("admin_header.php");

if($func == hold){ $Nactive = "n"; }
else{ $Nactive = "y";}


$query ="SELECT * FROM listings WHERE picid='$picid'";
$result = mysql_query($query);

$myrow = mysql_fetch_array($result);

$picid = $myrow["picid"];
$active = $myrow["active"];

$sql ="UPDATE listings SET active='$Nactive' WHERE picid='$picid'";
$result = mysql_query($sql);

   }

   if($func == "delete"){ DoDelete($picid,$dothis); }
   else { DoStatusC($func,$picid,$dothis); }

}

if (empty($_GET["dothis"])) { shownew(); Die(); }
else {$dothis = $_GET["dothis"];}

if($dothis == "echonew"){shownew(); die();}
elseif($dothis == "echoactive"){showactive(); die();}
elseif($dothis == "echoall"){showall(); die();}
elseif($dothis == "resetDB"){DoresetDB(); die();}


  // Retrieve all images from the db
function showall() {

  include("../inc/vars.php");
  include ("db/db_connect.php");
  include ("admin_header.php");


  $query = "SELECT * FROM listings ORDER BY id DESC";
  $result = mysql_query($query);
  $num = mysql_num_rows($result);
  if ($num == "0") {print("No Results");include("admin_footer.php"); die();}
  if ($num < "20") {$Xwarning = "WARNING: There are not enough images for this script to work correctly.<br>";}
  print("<font color='red'>$Xwarning</font>");
  print("<font color='blue'>$num</font> Image(s)<br>");
  if($num > 0){

    $i=0;

    echo "";
    while($i < $num){

      $id = mysql_result($result, $i, "id");
      $owner_id = mysql_result($result, $i, "owner_id");
      $picid = mysql_result($result, $i, "picid");
      $imagename = mysql_result($result, $i, "imagename");
      $imagefile = mysql_result($result, $i, "imagefile");
      $active = mysql_result($result, $i, "active");

        $query2 ="SELECT * FROM members WHERE user_id='$owner_id'";
$result2 = mysql_query($query2);
        $myrow2 = mysql_fetch_array($result2);
        $name = $myrow2["user_name"];

      if ($active == "n") {$status = "Hold";}
      else {$status = "Active";}
      if ($active == "n") {$statusL = "<a href=\"inedx.php?func=allow&picid=$picid&dothis=echoall\">Click to Allow</a>";}
      else {$statusL = "<a href=\"index.php?func=hold&picid=$picid&dothis=echoall\">Click to Hold</a>";}
      echo "<table border=\"0\" cellspacing=\"1\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=

\"585\">
      <tr><td width=\"237\"><img src='../i.php?src=/".$ImageDir."".$imagefile."&h=&w=150&zc=0'></td>
      <td width=\"341\" valign=\"top\"><b>Submitted By:</b> <a href=\"member.php?user_id=".$owner_id."\">".

$name."</a><br><b>Website:</b> ".$website."<br><b>Image Name:</b> ".$imagename."<br><b>Status:</b> ".$status."<br><br><a 

href=\"index.php?func=delete&picid=$picid&dothis=echoall\">Delete</a> | ".$statusL."</td>
    </tr>\n</table><hr color=\"#0000FF\" align=\"left\" width=\"570\" size=\"1\">";

      $i++;
    }
    echo "";
  }
include("admin_footer.php");
}

function shownew() {
  // Retrieve all new images from the db

  include("../inc/vars.php");
  include ("db/db_connect.php");
  include ("admin_header.php");

  $query = "SELECT * FROM listings WHERE active='n' ORDER BY id DESC";
  $result = mysql_query($query);
  $num = mysql_num_rows($result);
  if ($num == "0") {print("No Results"); include("admin_footer.php"); die();}
  print("<font color='blue'>$num</font> Image(s)<br>");
  if($num > 0){

    $i=0;

    echo "";
    while($i < $num){

      $id = mysql_result($result, $i, "id");
      $owner_id = mysql_result($result, $i, "owner_id");
      $picid = mysql_result($result, $i, "picid");
      $imagename = mysql_result($result, $i, "imagename");
      $imagefile = mysql_result($result, $i, "imagefile");
      $active = mysql_result($result, $i, "active");

        $query2 ="SELECT * FROM members WHERE user_id='$owner_id'";
$result2 = mysql_query($query2);
        $myrow2 = mysql_fetch_array($result2);
        $name = $myrow2["user_name"];

      if ($active == "n") {$status = "Hold";}
      else {$status = "Active";}
      if ($active == "n") {$statusL = "<a href=\"index.php?func=allow&picid=$picid&dothis=echonew\">Click to Allow</a>";}
      else {$statusL = "<a href=\"index.php?func=hold&picid=$picid&dothis=echonew\">Click to Hold</a>";}
      echo "<table border=\"0\" cellspacing=\"1\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=

\"585\">
      <tr><td width=\"237\"><img src='../i.php?src=/".$ImageDir."".$imagefile."&h=&w=150&zc=0'></td>
      <td width=\"341\" valign=\"top\"><b>Submitted By:</b> <a href=\"member.php?user_id=".$owner_id."\">".

$name."</a><br><b>Website:</b> ".$website."<br><b>Image Name:</b> ".$imagename."<br><b>Status:</b> ".$status."<br><br><a 

href=\"index.php?func=delete&picid=$picid&dothis=echonew\">Delete</a> | ".$statusL."</td>
    </tr>\n</table><hr color=\"#0000FF\" align=\"left\" width=\"570\" size=\"1\">";

      $i++;
    }
    echo "";
  }
include("admin_footer.php");
}

function showactive(){
  // Retrieve all Active images from the db
  include("../inc/vars.php");
  include ("db/db_connect.php");
  include ("admin_header.php");


  $query = "SELECT * FROM listings WHERE active='y' ORDER BY id DESC";
  $result = mysql_query($query);
  $num = mysql_num_rows($result);
  if ($num == "0") {print("No Results");include("admin_footer.php"); die();}
   if ($num < "20") {$Xwarning = "WARNING: There are not enough images for this script to work correctly.<br>";}
  print("<font color='red'>$Xwarning</font>");
  print("<font color='blue'>$num</font> Image(s)<br>");
  if($num > 0){

    $i=0;

    echo "";
    while($i < $num){

      $id = mysql_result($result, $i, "id");
      $owner_id = mysql_result($result, $i, "owner_id");
      $picid = mysql_result($result, $i, "picid");
      $imagename = mysql_result($result, $i, "imagename");
      $imagefile = mysql_result($result, $i, "imagefile");
      $active = mysql_result($result, $i, "active");

        $query2 ="SELECT * FROM members WHERE user_id='$owner_id'";
$result2 = mysql_query($query2);
        $myrow2 = mysql_fetch_array($result2);
        $name = $myrow2["user_name"];

      if ($active == "n") {$status = "Hold";}
      else {$status = "Active";}
      if ($active == "n") {$statusL = "<a href=\"index.php?func=allow&picid=$picid&dothis=echoactive\">Click to 

Allow</a>";}
      else {$statusL = "<a href=\"index.php?func=hold&picid=$picid&dothis=echoactive\">Click to Hold</a>";}
      echo "<table border=\"0\" cellspacing=\"1\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=

\"585\">
      <tr><td width=\"237\"><img src='../i.php?src=/".$ImageDir."".$imagefile."&h=&w=150&zc=0'></td>
      <td width=\"341\" valign=\"top\"><b>Submitted By:</b> <a href=\"member.php?user_id=".$owner_id."\">".

$name."</a><br><b>Website:</b> ".$website."<br><b>Image Name:</b> ".$imagename."<br><b>Status:</b> ".$status."<br><br><a 

href=\"index.php?func=delete&picid=$picid&dothis=echoactive\">Delete</a> | ".$statusL."</td>
    </tr>\n</table><hr color=\"#0000FF\" align=\"left\" width=\"570\" size=\"1\">";

      $i++;
    }
    echo "$warning";
  }
include("admin_footer.php");
}
?>

Link to comment
Share on other sites
dargpat Newbie

dargpat

Posted
  • Author
Posted

Did you

print_r($_SESSION);

 

to what is actually in the session?

 

returns: Array ( )

 

:wtf:

 

I also did it on members.php in root and it returned:

 

Array ( [myusername] => admin [myuser_id] => 1 [admin] => admin1 )

 

and if I click link in members.php  and goes to admin/index.php

 

I get nothing in the array!

Link to comment
Share on other sites
dargpat Newbie

dargpat

Posted
  • Author
Posted

I found out the problem...

 

I took my php.ini file and placed it in the admin directory now everything is working 100%

 

I thought by having php.ini in the root folder it would affect all sub-folders ....

 

Can someone explain to me why php.ini in root is not affecting the sub-folders and what do I need to do, to accomplish that!

 

Thanks

Link to comment
Share on other sites
dargpat Newbie

dargpat

Posted
  • Author
Posted

Sometimes you have to figure things out yourself...

 

But after hours or trial and error I found an answer to the php.ini (saw there were possibly more but this one works fine)

 

Don't want to place php.ini in every subfolder?

 

GeeksEngine is hosted by LunarPages where PHP is compiled as CGI. In addition, LunarPages also uses suPHP to parse php scripts. An account can have multiple php.ini files in different folders so you can customize the php processing in different folders should your script require it. A php.ini file will not inherit down into subfolders. However, you can create a .htaccess file in the same folder as the php.ini file and place the following code into it:

suPHP_ConfigPath /home/username/public_html/

 

where "username" is your cPanel username. This will cause the php.ini file to affect all subfolders, unless a php.ini file is in a subfolder, at which point the php.ini in the subfolder takes precedence.  ~ geeksengine.com

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.