0

On my webpage, I have a login form that creates a session - but PHP doesn't seem to be acknowledging it:

require_once('globals.php');
require_once('header.php');
if(!isset($_SESSION) || session_id() == '')
{
    $x = (isset($_SESSION));
    var_dump($_SESSION['username']);
    ?><br><?PHP
    var_dump(session_id());
    ?><br><?PHP
    var_dump($x);
    require_once('system/default.php');     
}
else
{
    require_once('system/' . $SystemScreens[$_SESSION['screen']]);
}
require_once('footer.php');

is producing:

NULL
string(0) ""
bool(false)

relavant part of login script (where $finalCheck is a boolean stating if the login was successful)

if($finalCheck)
    {
        session_start();

        $_SESSION['userID']         = $UserID;
        $_SESSION['username']           = $username;
        $_SESSION['accessLevel']        = $UserAccess;
        $_SESSION['screen']         = 1;

    }
    else
    {
        if(session_id() != '' || isset($_SESSION))
        {
            if (ini_get("session.use_cookies"))
            {
                $params = session_get_cookie_params();              
                setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
            }

            session_destroy();
        }

    }

I know that the login function is returning true because I have visual confirmation (result is returned to an AJAX request, and the page reloaded if true - which it does)

I can't figure out why everything is running as if the login is successful, but the session isn't being recognised after the reload occurs?

SierraOscar
  • 17,507
  • 6
  • 40
  • 68
  • 1
    put session_start at the top or if u have any config file that is including everywhere put session_start at the top in there – Pradeep Jul 16 '16 at 23:09
  • @pradeep thanks that solved it - do you want to put as an answer with a bit more detail? – SierraOscar Jul 16 '16 at 23:13
  • Possible duplicate of [Using sessions & session variables in a PHP Login Script](https://stackoverflow.com/questions/10097887/using-sessions-session-variables-in-a-php-login-script) – mickmackusa May 27 '17 at 14:39

1 Answers1

1

Put it after your PHP start tag 

  <?php
  session_start();
  //... your code....


  //more code....

A basic session example 

   <?php
       session_start();
       echo 'Welcome to page #1';

       $_SESSION['favcolor'] = 'green';
       $_SESSION['animal']   = 'cat';
       $_SESSION['time']     = time();

      // Works if session cookie was accepted
      echo '<br /><a href="page2.php">page 2</a>';

     // Or maybe pass along the session id, if needed
       echo '<br /><a href="page2.php?' . SID . '">page 2</a>';
     ?>

session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.

When session_start() is called or when a session auto starts, PHP will call the open and read session save handlers. These will either be a built-in save handler provided by default or by PHP extensions (such as SQLite or Memcached); or can be custom handler as defined by session_set_save_handler(). The read callback will retrieve any existing session data (stored in a special serialized format) and will be unserialized and used to automatically populate the $_SESSION superglobal when the read callback returns the saved session data back to PHP session handling.

For More Info : http://us3.php.net/function.session-start

Pradeep
  • 9,667
  • 13
  • 27
  • 34