$_SESSION returns blank 1

[arunrr]

test URL is

http://www.bcci.com/test.html

Please turn your attention to the Message board login.
You may use (test123/test123) to login.

After this, it must display "Welcome: test123". But I get blank.

Current Code...

--------------------------------------------------------
<?php
ob_start();
ini_set('display_errors','on');
error_reporting(E_ALL);
session_start();
//if ( isset( $_SESSION['username'] ){
if(session_is_registered('user')){
?>
<HTML>
<HEAD>
<title>BCCI.COM - Members!!!</title>
<META name="description" content="Website for cricket fans in the world.">
<META name="keywords" content="BCCI, Cricket">
<link rel="stylesheet" type="text/css" href="/bcci.css">
</HEAD>
<body onload="document.msgform.Message.focus();">
<TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
<TR bgcolor="grey" align="center" valign="middle"><TD>
<span style="font-size:12;color:blue;">
<b>Welcome: <span style="color:#D40606;"><?php echo $_SESSION['user']; ?>
</span>
</TR>
<TR><TD height="5"></TD></TD>
<TR align="center" valign="middle"><TD align="center" valign="middle">
<form method="post" name="msgform">
<input size="30" type="text" name="Message" />
<input type="submit" name="action" value="Submit" style="font-size:11;color:black;font-weight:bold;" />
<input type="submit" name="action" value="Logout" style="font-size:11;color:black;font-weight:bold;" />
</form>
</TD></TR>
</TABLE>
</body>
</HTML>
------------------------------------------------------

There is more code. Please let me know if I must provide that.

Help is very much appreciated.

Thanks
Arun

 

[vacunita]

Perhaps if you show us the part where you set $_SESSION['user'] or $_SESSION['username']. and which one you really want, since you check for one but output another.


----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[arunrr]

Thanks. Here is the complete script...

----------------------------------------------------

<?php
ob_start();
ini_set('display_errors','on');
error_reporting(E_ALL);
session_start();
if(session_is_registered('user')){
?>
<HTML>
<HEAD>
<title>BCCI.COM - Members!!!</title>
<META name="description" content="Website for cricket fans in the world.">
<META name="keywords" content="BCCI, Cricket">
<link rel="stylesheet" type="text/css" href="/bcci.css">
</HEAD>
<body onload="document.msgform.Message.focus();">
<TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
<TR bgcolor="grey" align="center" valign="middle"><TD>
<span style="font-size:12;color:blue;">
<b>Welcome: <span style="color:#D40606;"><?php echo $_SESSION['user']; ?>
</span>
</TR>
<TR><TD height="5"></TD></TD>
<TR align="center" valign="middle"><TD align="center" valign="middle">
<form method="post" name="msgform">
<input size="30" type="text" name="Message" />
<input type="submit" name="action" value="Submit" style="font-size:11;color:black;font-weight:bold;" />
<input type="submit" name="action" value="Logout" style="font-size:11;color:black;font-weight:bold;" />
</form>
</TD></TR>
</TABLE>
</body>
</HTML>
<?php
if ($_POST['action'] == 'Submit') {
$con = mysql_connect("arunrr.db.6817941.hostedresource.com","arunrr","D1amonds");
$table = messages;
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db(arunrr);
$Username = $_SESSION['user'];
$Message = str_replace("fuc", "zzz", $_POST[Message]);
$Message = str_replace("sex", "zzz", $Message);
if ($Message == '')
{
echo "<script>alert('Cannot post a blank message!!')</script>";
}
$sql="INSERT INTO $table (Username, Message) VALUES ('$Username', '$Message')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
mysql_close($con);
}
else if ($_POST['action'] == 'Logout') {
session_start();
session_destroy();
header("location:members_brief.php");
}
}
else {
?>
<HTML>
<HEAD>
<title>BCCI.COM - Login!!!</title>
<META name="description" content="Website for cricket fans in the world.">
<META name="keywords" content="BCCI, Cricket">
<link rel="stylesheet" type="text/css" href="/bcci.css">
<script type="text/javascript">
var validate = function( form ) {
if (!(form.Username.value))
{
alert( "Please enter username!" );
form.Username.focus();
return false;
}
if (!(form.Password.value))
{
alert( "Please enter password!" );
form.Password.focus();
return false;
}
return true;
};
</script>
</HEAD>
<body>
<form method="post" onsubmit="return validate( this );">
<TABLE cellSpacing="0" cellPadding="0" width="100%" border="0">
<TR bgcolor="grey" align="center" valign="middle"><TD>
<span style="font-size:12;color:blue;">
<b>Please login to chat</b>
</span>
</TR>
<TR><TD height="5"></TD></TD>
<TR align="center" valign="middle"><TD align="center" valign="middle">
<span style="font-size:11;color:black;"><b>Username:
<input size="10" type="text" name="Username" />&nbsp;
<span style="font-size:11;color:black;"><b>Password:
<input size="10" type="password" name="Password" />&nbsp;
<input type="submit" name="action" value="Login" style="font-size:11;color:black;font-weight:bold;" />
</TD></TR>
</TABLE>
</form>
</body>
</HTML>
<?php
if ($_POST['action'] == 'Login') {
//if (!isset($_POST['Login'])) {
$con = mysql_connect("arunrr.db.6817941.hostedresource.com","arunrr","D1amonds");
$table = members;
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db(arunrr);
$query = "SELECT * FROM $table WHERE Username = '$_POST[Username]'";
$result = mysql_query($query);
if (mysql_num_rows($result) == 0)
{
echo "<script>alert('Please enter a valid Username!!')</script>";
die ();
}
$user=$_POST['Username'];
$pass=$_POST['Password'];
$user = stripslashes($user);
$pass = stripslashes($pass);
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
$sql="SELECT * FROM $table WHERE Username='$user' and Password='$pass'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if ($count==1) {
session_register("user");
session_register("pass");
header("location:members_brief.php");
}
else {
echo "<script>alert('Invalid Password!!')</script>";
die ();
}
mysql_close($con);
}
}
ob_end_flush();
?>

 

[vacunita]

As per the PHP online manual:

If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister().

http://php.net/manual/en/function.session-register.php

You should be using $_SESSION['user']=$user or even $_SESSION['user']=$_POST['Username'] to set the session variable.

Then it should be available in $_SESSION for later retrieval.









----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Behind the Web, Tips and Tricks for Web Development.

http://behindtheweb.blogspot.com/

 

[arunrr]

Thanks. All ok.
Arun