Session variables working on localhost but not on webserver

Question

My sessions work on localhost, but whenever i try to use them on my webserver (000webhost) for my informatics class project, it looks like they are not being "saved" throughout the pages.

When I do a print_r($_SESSION); on my login page (after pressing the login button), the array returns the full values I entered beforehand. I also tried to see if it was a problem with my connection to the database, but when I try to retrieve values from tables, it works just fine.

When I try to print_r($_SESSION); on "home.php", the array is empty.

<?php
   if($_POST) {

   $connection = new PDO('mysql:host=localhost;dbname=noah', 'noah','password'); //changed the connection details because it's not usefull here

   if(empty($_POST['username']) OR empty($_POST['password'])) {
       ?>

       <div class="alert error">
     <p>Please fill in all the fields</p>
       </div>

      <script>
         $(".alert").fadeIn("500");
      </script>

      <?php

   } else {
       $username = $_POST['username'];
       $password = $_POST['password'];
       $password = hash('sha512', $password);

       $verifyExistingUser = $connection->query("SELECT name FROM user WHERE username = '$username' AND password = '$password'");

       foreach ($verifyExistingUser as $key => $value) {
           retrievedUser = $value['name'];
       }


       if (empty($retrievedUser)) {

       ?>

       <div class="alert error">
          <p>Incorrect username / password</p>
       </div>
       <script>
          $(".alert").fadeIn("500");
       </script>

       <?php

       } else {
           try {
             session_start();
             $_SESSION["username"] = $username;
             $_SESSION["name"] = $retrievedUser;
             $_SESSION["password"] = $password;

             print_r($_SESSION);
             echo "retrieved name from database: " . $retrievedUser;
         echo "<script type='text/javascript'>window.location.href = 'home.php';</script>";

           } catch(PDOException $e) {
              echo "error: " . $e->getMessage();
       }
     }
   }
}
?>

Edit 1
The full code after some corrections (output is Cannot modify header information - headers already sent by (output started at /storage/ssd2/777/7604777/public_html/process/loginProcess.php:2) in /storage/ssd2/777/7604777/public_html/process/loginProcess.php on line 70).
I understand it is the HTML code in the PHP causing this, but I'd like to include some jQuery and CSS in it, how could I fix that?

<?php session_start(); ?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8" />
        <link rel="stylesheet" type="text/css" href="assets/css/php.css">
    </head>
    <body>
        <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js"></script>
            <?php
            error_reporting(E_ALL);
            ini_set("display_errors", 1);

                if($_POST) {

                    $connection = new PDO('mysql:host=localhost;dbname=noah', 'noah','password');

                    if(empty($_POST['username']) OR empty($_POST['password'])) {

                        ?>

                            <div class="alert error">
                                <p>Please fill in all the fields</p>
                            </div>

                            <script>
                                $(".alert").fadeIn("500");
                            </script>

                        <?php

                    } else {

                        $username = $_POST['username'];
                        $password = $_POST['password'];
                        $password = hash('sha512', $password);

                        $verifyExistingUser = $connection->query("SELECT name FROM user WHERE username = '$username' AND password = '$password'");


                        foreach ($verifyExistingUser as $key => $value) {

                                $retrievedUser = $value['name'];

                        }

                        if (empty($retrievedUser)) {

                            ?>

                                <div class="alert error">
                                    <p>Incorrect username / password</p>
                                </div>

                                <script>
                                    $(".alert").fadeIn("500");
                                </script>

                            <?php

                        } else {

                            try {

                                $_SESSION["username"] = $username;
                                $_SESSION["name"] = $retrievedUser;
                                $_SESSION["password"] = $password;
                                print_r($_SESSION); //debugging
                                echo "retrieved name from database: " . $retrievedUser; //debugging
                                header('location: ' . 'home.php');

                            } catch(PDOException $e) {

                                echo "error: " . $e->getMessage();

                            }

                        }

                    }

                }

            ?>
    </body>
</html>

With html mixed through the code like that, it would not surprise me if you cannot start the session as the headers have already been sent. See https://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php?rq=1 — jeroen, May 01 '19 at 08:59
you are right, when trying to print the errors with ```error_reporting(E_ALL);``` ```ini_set("display_errors", 1);``` as said in the link you shared, the output says that "headers are already sent" — Noah Di Gesu, May 01 '19 at 09:15
*"when trying to print the errors with error_reporting(E_ALL); ini_set("display_errors", 1);"* next time always program PHP in "debug" mode @NoahDiGesu and disable it when the program is running on production. — Raymond Nijland, May 01 '19 at 09:16
if I understood correctly, the fact using HTML code in the PHP sends the headers too early / before the PHP code has entirely been executed, but how could I make sure to include jQuery and my CSS (see edit 1 on the original post) in order to make my .alert .error div fade in? — Noah Di Gesu, May 01 '19 at 09:36

score 2 · Accepted Answer · answered May 01 '19 at 09:12

2

Suggestion 1 Please use session_start() at the top of your php page.

Suggestion 2 redirect to another page, there is a easy way to do that,

header('location: ' . 'http://site.url.you.want');

answered May 01 '19 at 09:12

tiebob

96
6

Session variables working on localhost but not on webserver

1 Answers1