PHP: session variable lost on clicking form submit button?

Question

When I click form submit button session variable lost and it shows message that session is not set. I have another confusion that it has only problem when I set session of login variable or those variables which are set in other page of my site.
When I set some random session variable on the top of this page it works fine and session variable does not lose anymore. I have also checked some other related links in stack overflow but nothing found solution

Here is the code of addProduct.php page

        <?php

    //var_dump($_SESSION);
    if(!(isset($_SESSION['login']))) {

        echo "session is not set";
    }
    else {
        //header("location:index.php");
        echo "session is set";
        //$user_email=$_SESSION['user_email'];



    ?>
        <html>
        <body>

        <form action="addproduct.php" method="post">

            <input type="text" name="name" value="">
            <input type="submit" name="submit" value="submit">

        </form>


        </body>
        </html>
        <?php
        if(isset($_POST['submit']))
        {
            $name = $_POST['name'];
           // $_SESSION['user_email']=$_SESSION['user_email'];
            echo $name;
        }
        ?>
    <?php }
    ?>

Code of index.php (header file) page from where I get into this page

<?php
    session_start();
    include("db.php");
    ?>

    <html xmlns="http://www.w3.org/1999/html" xmlns="http://www.w3.org/1999/html">
    <head>
        <title>Home</title>
    </head>
    <body>

    <a href="index.php">Home</a></br></br>

    <?php if(isset($_SESSION['login']) ) {
    if($_SESSION['user_status']=="admin")
    {

    ?>
    <a href="index.php?page=addproduct">Post an Ad</a></br></br>
    <?php }
    }

    ?>

    <?php if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email']))
    {
    ?>
    <a href="index.php"><?php echo $_SESSION['user_fname'] . " " . $_SESSION['user_lname'] . " " . $_SESSION['user_status']; ?></a></br></br>
    <?php
    }
    else
    {
    ?>
    <a href="login.php">Login</a></br></br>
    <a href="UserSignup.php">SignIn</a></br></br>
    <?php }
    if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email']))
    {
    ?>
    <a href="logout.php">Logout</a></br></br>
    <?php }
    ?>
    <div id="content">
        <?php


        if(isset($_GET['page']))
        {
            $p=$_GET['page'];

            $page =  $p . ".php";
            //echo $page;
            if(file_exists($page))
            {include($page);
            }
            elseif($page=="")
                echo "this is home page";
            else
            {echo "Not found";}
        }

        else
        {
            include ("showAds.php");
        }
        ?>

    </div>










    </body>
    </html>

Code of login.php

    <?php
    session_start();
    if(isset($_SESSION['user_fname']) && isset($_SESSION['user_lname']) && isset($_SESSION['user_email'])) {
        header("location:index.php");
        exit();
    }
        else
        {

    ?>

    <html>

    <head><title>Login</title></head>
    <body>
    <form action="login.php" method="post">
        <input type="email" name="user_email" placeholder="USER EMAIL" REQUIRED>
        <input type="password" name="user_password" placeholder="USER PASSWORD" REQUIRED>

        <input type="submit" name="Go" value="SUBMIT!" placeholder="USER NAME" REQUIRED>
        </br></br><a href="UserSignup.php">SignIn with new account</a></br>



    </form>

    <?php
    include("db.php");
    /*if(isset($_POST['Go'])) {    SIGNUP
        $user_name = $_POST['user_name'];
        $user_password = $_POST['user_password'];
        $user_email = $_POST['user_email'];
        echo $user_name . "<br>";
        echo $user_email . "<br>";
        echo $user_password . "<br>";
        $sql = "INSERT INTO user(user_name,user_email,user_password) VALUE ('$user_name','$user_email','$user_password')";
        if(mysqli_query($conn,$sql))
        {
            echo "stored";
            header("location:http://localhost/window.php");
        }
        else
        {
          die(mysqli_error($sql));
        }
    }*/
    if(isset($_POST['Go']))
    {
        $user_email = $_POST['user_email'];//real_escape_string
        $user_password = $_POST['user_password'];
        $login_query="SELECT * FROM user WHERE user_email='$user_email' AND user_password='$user_password'";
        $run=mysqli_query($conn,$login_query);
        if(mysqli_num_rows($run)>0)

        {
            $res = mysqli_query($conn, "SELECT * FROM ecommerce.user WHERE user_email='$user_email'");

            while ($record = mysqli_fetch_array($res)) {

                $_SESSION['user_fname']=$record['user_fname'];
                $_SESSION['user_lname'] = $record['user_lname'];
                $_SESSION['user_status'] = $record['user_status'];
                $_SESSION['user_id'] = $record['user_id'];
                $_SESSION['user_password'] = $record['user_password'];

            }


            $_SESSION['user_email']=$user_email;
            $_SESSION['login']="true";

           //echo $_SESSION['user_fname'] . $_SESSION['user_lname'];


            header("location:index.php");
            exit();
        }
        else
            echo "<p style='color: red; margin-top: -28px;'>User name or password incorrect</p>";
    }




    ?>

    </body>
    </html>
    <?php }?>

`addProduct.php` is file where I am getting problem. `index.php` is header file — , Mar 21 '16 at 08:54
What do you mean by header.file will this file be included in `addProduct.php` before you access the session variable? i guess not! So please try to add the `session_start();` method in `addProduct.php` — maniteja, Mar 21 '16 at 09:54

score 1 · Accepted Answer · edited May 26 '22 at 20:39

This error you showed in your other question which was marked as an exact duplicate of this one:

Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\ecommerce\showAds.php on line 2

Your showAds.php page which you didn't include, (most likely) contains session_start(); and it should be removed from inside that file.

index.php has an include and session_start();

else
    {
        include ("showAds.php");
    }

So one of your if statements failed.

That is why you're getting that error.

All pages using sessions require that session_start(); be included and should be the first line of your script, which isn't shown in addProduct.php.

Also make sure you're not outputting before header. If you are, consult the following on how to fix it:

How to fix "Headers already sent" error in PHP

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// Then the rest of your code

Sidenote: Displaying errors should only be done in staging, and never production.

It start working but also shows error `Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\ecommerce\addproduct.php on line 2` — , Mar 21 '16 at 14:20
@ImranHasan make sure there isn't another included file. What I suggest you do is to find all instances of `session_start();` in all your files and the ones you're including. You need to remove `session_start();` from inside all included files and only use `session_start();` in the actual files that are loaded and at the top of your script and make sure there are no spaces before your opening ` — Funk Forty Niner, Mar 21 '16 at 14:26

score 0 · Answer 2 · answered Mar 21 '16 at 09:43

0

You have to add session_start(); in your addProduct.php to be able to access session contents!

answered Mar 21 '16 at 09:43

A.Essam

1,094
8
15

PHP: session variable lost on clicking form submit button?

2 Answers2