Why isn't this session form working?

Question

I have this login form set out that converts the $_POST data into $_SESSION data. I then use this data to determine whether or not the user should be logged in, however it isn't working. What am I doing wrong?

*** I checked my browser's cookies, and it has the session token stored (if that helps)

login.php:

<?php session_start(); ?>

<form action="page.php" method="post">

        Username: <input type="text" name="username" value="" /><br />
        Password: <input type="password" name="password" value="" /><br />
        <br />
        <input type="submit" name="submit" value="Submit" />

        <?php

        if (isset($_POST['submit'])) {
            $username = $_POST['username'];
            $password = $_POST['password'];
            $submit = $_POST['submit'];

            $_SESSION['username'] = $username;
            $_SESSION['password'] = $password;
            $_SESSION['submit'] = $submit;
        }

        ?>

</form>

page.php:

<?php session_start(); ?>

<?php

        $username = isset($_SESSION["username"]) ? $_SESSION["username"] : "";
        $password = isset($_SESSION["password"]) ? $_SESSION["password"] : "";

        $submit = isset($_SESSION["submit"]) ? $_SESSION["submit"] : "";


        if(($username == "username") && ($password == "password") && ($submit == "Submit")) {
            echo "You are logged in";
        } else {
            echo "Denied access";
        }
?>

I get this error on pages that include session_start();

enter image description here

According to this post, it is a bug caused by Chrome that is a misleading error report, and doesn't affect anything.

@Fred-ii- we are here to solve this type of problems of others and our own i think. — Sougata Bose, Jan 13 '15 at 05:25

score 2 · Accepted Answer · edited Jan 13 '15 at 05:53

2

<form action="page.php" method="post">

    Username: <input type="text" name="username" value="" /><br />
    Password: <input type="password" name="password" value="" /><br />
    <br />
    <input type="submit" name="submit" value="Submit" />


 </form>

page.php

 <?php
    session_start();
    if (isset($_POST['submit'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $submit = $_POST['submit'];

        $_SESSION['username'] = $username;
        $_SESSION['password'] = $password;
        $_SESSION['submit'] = $submit;
    }
    $username = isset($_SESSION["username"]) ? $_SESSION["username"] : "";
    $password = isset($_SESSION["password"]) ? $_SESSION["password"] : "";

    $submit = isset($_SESSION["submit"]) ? $_SESSION["submit"] : "";


    if(($username == "username") && ($password == "password") && ($submit == "Submit"))        {
        echo "You are logged in";
    } else {
        echo "Denied access";
    }
?>

edited Jan 13 '15 at 05:53

Kuldeep Dangi

4,126
5
33
56

answered Jan 13 '15 at 05:23

AVM

592
2
11
25

this code shuold work +1 – Kuldeep Dangi Jan 13 '15 at 05:28
@mightyspaj is it showing any error? – AVM Jan 13 '15 at 05:34
Yep, when I login to page.php it shows this: http://gyazo.com/66952644690b5a03bdfa8e149259c3bd – Daniel Jan 13 '15 at 05:35
The same error also occurs on login.php before I even try logging in (This is when I have session_start(); included) – Daniel Jan 13 '15 at 05:37
@mightyspaj can you please share the error,i can't access you screenshot – AVM Jan 13 '15 at 05:39
@mightyspaj you need to start the session only in page.php ,clear your cache and restart your browser.Try with other browsers also. – AVM Jan 13 '15 at 05:52
I tried that and it still isn't working – Daniel Jan 13 '15 at 06:01
Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/68703/discussion-between-avm-and-mightyspaj). – AVM Jan 13 '15 at 06:06
It's ok, someone just got the answer. Thanks for your help :) – Daniel Jan 13 '15 at 06:07
1

Good to hear :) but i couldn't find a difference b/w my answer and your accepted answer – AVM Jan 13 '15 at 06:17
Haha another stupid mistake... I read your question incorrectly and didn't even notice that you did that. Since you were the one who posted the answer first I will give you the tick :) – Daniel Jan 13 '15 at 06:22

score 1 · Answer 2 · answered Jan 13 '15 at 05:53

when you give action on form submit to another page page.php. So, why you get form data on same page ?

Please try this it will work :

HTML Form :

<form action=page.php method="post">

    Username: <input type="text" name="username" value="" /><br />
    Password: <input type="password" name="password" value="" /><br />
    <br />
    <input type="submit" name="submit" value="Submit" />


 </form>

page.php :

 <?php
    session_start();
    if (isset($_POST['submit'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $submit = $_POST['submit'];

        $_SESSION['username'] = $username;
        $_SESSION['password'] = $password;
        $_SESSION['submit'] = $submit;
    }
    $username = isset($_SESSION["username"]) ? $_SESSION["username"] : "";
    $password = isset($_SESSION["password"]) ? $_SESSION["password"] : "";

    $submit = isset($_SESSION["submit"]) ? $_SESSION["submit"] : "";


    if(($username == "username") && ($password == "password") && ($submit == "Submit"))        {
        echo "You are logged in";
    } else {
        echo "Denied access";
    }
?>

Sougata Bose · Answer 3 · 2015-01-13T05:27:49.970

Add session_start(); at the top of the pages and fix the action.

<?php session_start();?>
<form action="" method="post">

        Username: <input type="text" name="username" value="" /><br />
        Password: <input type="password" name="password" value="" /><br />
        <br />
        <input type="submit" name="submit" value="Submit" />

        <?php

        if (isset($_POST['submit'])) {
            $username = $_POST['username'];
            $password = $_POST['password'];
            $submit = $_POST['submit'];

            $_SESSION['username'] = $username;
            $_SESSION['password'] = $password;
            $_SESSION['submit'] = $submit;
            header('page.php');
        }

        ?>

</form>

And

<?php
        session_start();
        $username = isset($_SESSION["username"]) ? $_SESSION["username"] : "";
        $password = isset($_SESSION["password"]) ? $_SESSION["password"] : "";

        $submit = isset($_SESSION["submit"]) ? $_SESSION["submit"] : "";


        if(($username == "username") && ($password == "password") && ($submit == "Submit")) {
            echo "You are logged in";
        } else {
            echo "Denied access";
        }
?>

You are storing the session on login.hp but the form action is page.php — Sougata Bose, Jan 13 '15 at 05:23

score 0 · Answer 4 · answered Jan 13 '15 at 05:31

First of all you need to start the session using session_start() in form page.Also you need to use header to send session to the login.php. Use the code below

<?php session_start();?>
<form action="" method="post">

        Username: <input type="text" name="username" value="" /><br />
        Password: <input type="password" name="password" value="" /><br />
        <br />
        <input type="submit" name="submit" value="Submit" />

        <?php

        if (isset($_POST['submit'])) {
            $username = $_POST['username'];
            $password = $_POST['password'];
            $submit = $_POST['submit'];

            $_SESSION['username'] = $username;
            $_SESSION['password'] = $password;
            $_SESSION['submit'] = $submit;
            header('page.php');
        }

        ?>

</form>

Hope this helps you

score 0 · Answer 5 · answered Jan 13 '15 at 05:53

Your form sends a post to page.php. Therefore, you will need to move session conditional to page.php.

Alteratively, you could send the form to yourself and redirect afterwards:

<?php session_start();?>

<form action="" method="post">

        Username: <input type="text" name="username" value="" /><br />
        Password: <input type="password" name="password" value="" /><br />
        <br />
        <input type="submit" name="submit" value="Submit" />

        <?php

        if (isset($_POST['submit'])) {
            $username = $_POST['username'];
            $password = $_POST['password'];
            $submit = $_POST['submit'];

            $_SESSION['username'] = $username;
            $_SESSION['password'] = $password;
            $_SESSION['submit'] = $submit;
            header('page.php');
        }

    $username = isset($_SESSION["username"]) ? $_SESSION["username"] : "";
    $password = isset($_SESSION["password"]) ? $_SESSION["password"] : "";

    $submit = isset($_SESSION["submit"]) ? $_SESSION["submit"] : "";


    if(($username == "username") && ($password == "password")) {
        echo "You are logged in";
    } else {
        echo "Denied access";
    }

        ?>

</form>

Why isn't this session form working?

5 Answers5