0

I'm getting issue while transferring session variable's values from one page to another. I'm using latest XAMPP on Windows 7.

Here you can see the code of first and second php file. http://pastebin.com/jQdQ4i7g | http://pastebin.com/UNA7QRyu

SNAP-1 enter image description here SNAP-2 enter image description here

In snap2, I'm not getting values of all 3 variables which I'm storing like below in first page:

$_SESSION['city']=$city;
$_SESSION['movie']=$movie;
$_SESSION['date']=$date;

And fetching as below in second page:

$city = $_SESSION['city'];
$city = $_SESSION['movie'];
$city = $_SESSION['date'];

So, why I'm not getting values of that 3 variables on second page? Please let me know if you want any other info. Thanks.

But as you can see this works fine on any page! Why?

<?php
$username = $_SESSION['myusername'];
echo "Welcome $username";
?>
magneto
  • 113
  • 2
  • 13

1 Answers1

3

Your code looks like it's from 10 years ago. I suggest using updated guides to learn from. Programming (or anything in the technology niche) changes all the time. A "Learn How To Program" guide, book, blog, or tutorial older than a year is probably out of date. MySQL has been deprecated, meaning killed, a long time ago, and should not be used anymore. Use MySQLi or PDO. When handling user input, use prepared statements. If your planning on using your code live, it will get hacked by any novice hacker as it's full of SQL injections. Your using raw GET data in SQL queries. Strip slashes isn't really going to protect you. Even 10 years ago, we used mysql_real_escape_string.

That, and your doctype, makes me think your following tutorials that are really old. I am not a doctype expert, so I don't know if there is a time that XHTML 1.0 is appropriate to use over the HTML5 doctype. I only use <!doctype HTML>. More info on HTML5: http://www.w3schools.com/html/html5_intro.asp

Your problem is you are starting the session twice. You should have received an error, so that makes me think you have error reporting off? When developing, or debugging, have error reporting set to E_ALL to show all errors. This will save you loads of time. Those errors are there for a reason, to let you know you did something wrong. I don't see it in your code, so check your php.ini file. I have seen a lot of script where they put "error_reporting(0)" to hide their errors. That is a terrible idea, and is just lazy. Handle errors properly, and you don't have to hide them.

Why are you storing everything in $_SESSION? If you have a form that a user fills out, and you need to pass that data to another page, there is $_GET and $_POST for that..

Example:

page1.php

<form action="page2.php" method="post">
    <input type="text" name="name" />
    <input type="submit" name="submit" value="Submit" />
</form>

page2.php

<?php
    if ( isset($_POST['name']) && ! empty($_POST['name]') ) {
        echo htmlspecialchars($_POST['name'], ENT_QUOTES);
    }
?>

Change your error reporting level in php.ini to E_ALL. Use start_session() only once!

That should solve your problem, and let you know of any other errors in your code. I suggest dropping MySQL and using MySQLi. Use prepared statements on the data received by the user. Use GET or POST for your form instead of storing everything into SESSION. If you MUST use session data (ie: keeping data so it isn't lost while the user browses around other pages, like a shopping cart), then you may want to create an array and store it in the session instead of a ton of session variables.

$moviedata = array( 'city' => 'Miami', 'movie' => 'Avengers', 'date' => '05/22/2015');
$_SESSION['movie_data'] = $moviedata;

If your just passing data from a form to the next page, use GET or POST not SESSION.

Hope that guides you in the right direction.

Wade
  • 3,757
  • 2
  • 32
  • 51
  • `Why are you storing everything in $_SESSION?` I'm using $_SESSION because I want the values in multiple pages. Thanks for your answer but it's like a guide for me to update my knowledge in php. Your answer is not resolving my issue. What's wrong in the first.php? Why my session variables are blank on next page? What should I include/exclude in the code to make it work? – magneto May 06 '15 at 08:50
  • I DID answer it, you have `session_start()` twice! You have a REAL ERROR on your page, but it is hidden because of your error reporting level. Using session_start() twice on a page will generate a `headers have already been sent` error! - http://pastebin.com/jQdQ4i7g Line 2 and Line 5! – Wade May 06 '15 at 11:22
  • Hi, thanks for this but please read above comments also. I have already removed it yet it's not working. – magneto May 06 '15 at 11:30
  • Then please update your question with the new code. Have you checked your PHP error reporting level in php.ini? As I said already, you should have received an error and your page shouldn't have loaded at all. Since your page loaded (but doesn't work right) that leads me to believe that your errors are surpressed. A missing colon, comma, quote or any other error could cause more problems. Instead of us checking your whole code for a simple error, your error reporting would indicate this easily. – Wade May 06 '15 at 15:14
  • Add this to the 1st line of both your PHP files, BEFORE anything else, and even before session_start(). `error_reporting(E_ALL);` - That will (should) set your error reporting level to show all errors. If you then load the page and see errors, you know your php.ini is hiding them. In which case, you need to go into your XAMP folder and find your php.ini file, and find the error reporting line and change it to `E_ALL`. Then fix the errors it reports. - I might recode your little script tonight when I have spare time, properly using mysqli. – Wade May 06 '15 at 18:09