PHP Session is Null

Question

How my script works:

index.php gets the file sends it to the jscript to analyze it, then it send to the upload.php where the session it should be.

But the Session is null. if i go to the upload.php and print the variable it shows my usernumber 2(works)

require_once("user/upload_session.php");
if (!isset($_SESSION)) { session_start();}

Login to create session:

public function doLogin($uname,$umail,$upass)
{
    try
    {
        $stmt = $this->conn->prepare("SELECT id, user_name, email, pass FROM accounts WHERE user_name=:uname OR email=:umail ");
        $stmt->execute(array(':uname'=>$uname, ':umail'=>$umail));
        $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
        if($stmt->rowCount() == 1)
        {
            if(password_verify($upass, $userRow['pass']))
            {
                $_SESSION['user_session'] = $userRow['id'];
                  $thatsmysession = $_SESSION['user_session']; 
                return true;
            }
            else
            {
                return false;
            }
        }
    }
    catch(PDOException $e)
    {
        echo $e->getMessage();
    }
}

well im using this:

if (empty($thatsmysession)) {
    // Query if user is NOT logged in
    $q = $db->prepare('INSERT INTO files (hash, originalname, filename, size, date, ' .
                      'expire, delid, ip) VALUES (:hash, :orig, :name, :size, :date, ' .
                      ':exp, :del, :ip)');
} else {
          
    // Query if user is logged in (insert user id together with other data)
    $q = $db->prepare('INSERT INTO files (hash, originalname, filename, size, date, ' .
                      'expire, delid, user, ip) VALUES (:hash, :orig, :name, :size, ' .
                      ':date, :expires, :delid, :user, :ip)');
    $q->bindValue(':user', $thatsmysession, PDO::PARAM_INT);
}

Only there at $q->bindValue(':user', $thatsmysession, PDO::PARAM_INT); the session is null but if i echo to test if the variable is correct it works

score 1 · Answer 1 · edited May 23 '17 at 12:31

1

Your check for an existing Session is wrong. Try it as mentioned in this thread: Check if PHP session has already started

edited May 23 '17 at 12:31

Community

1
1

answered Jun 14 '16 at 12:55

jar3d

105
9

Incorrect but still working in all versions I've used it in (5.3.6, 5.4, 5.5 and 5.6) – Peter Jun 14 '16 at 12:58
this is the same u linked me if if(empty($thatsmysession)) {} else {code} – Venipa Jun 14 '16 at 13:24

Niklesh Raut · Accepted Answer · 2016-06-14T13:02:32.053

1

Check session like this

if(session_id() == ''){ session_start();}

Instead of this

if (!isset($_SESSION)) { session_start();}

edited Jun 14 '16 at 13:02

answered Jun 14 '16 at 12:56

Niklesh Raut

34,013
16
75
109

score 0 · Answer 3 · answered Jun 14 '16 at 13:08

0

You can check first if your session exists and also if $_SESSION['user_session'] and it's not empty.

if(session_id() == ''){ session_start();}
// check if you user_session exists or not, doLogin
if(!isset($_SESSION['user_session'])){ doLogin(...); }

answered Jun 14 '16 at 13:08

Cobuz Alexandru

322
2
11

that was not the problem, i checked it i can echo the session and it gives the correct variable see above i added an block code where the problem is – Venipa Jun 14 '16 at 13:17

PHP Session is Null

3 Answers3