session value lost after redirection in php

Question

PHP session value lost after header redirection in php

Our code Login.php

    <?php
session_start();
include('./includes/variables.php');
include_once('includes/custom-functions.php');
$fn = new custom_functions;

if (isset($_POST['btnLogin'])) {

    // get username and password
    $username = $db->escapeString($fn->xss_clean($_POST['username']));
    $password = $db->escapeString($fn->xss_clean($_POST['password']));

    // set time for session timeout
    $currentTime = time() + 25200;
    $expired = 3600;

    // create array variable to handle error
    $error = array();

    // check whether $username is empty or not
    if (empty($username)) {
        $error['username'] = "*Username should be filled.";
    }

    // check whether $password is empty or not
    if (empty($password)) {
        $error['password'] = "*Password should be filled.";
    }

    // if username and password is not empty, check in database
    if (!empty($username) && !empty($password)) {

        // change username to lowercase
        $username = strtolower($username);
        //encript password to sha256
        //$password = md5($password);

        // get data from user table
        $sql_query = "SELECT * FROM admin WHERE username = '" . $username . "' AND password = '" . $password . "'";
        
        $db->sql($sql_query);
        /* store result */
        $res = $db->getResult();
//      print_r($res);
//      die();
        $num = $db->numRows($res);
        // Close statement object
        if ($num == 1) {
            $_SESSION['id'] = $res[0]['id'];
            $_SESSION['role'] = $res[0]['role'];
            $_SESSION['user'] = $username;
            $_SESSION['timeout'] = $currentTime + $expired;
            //print_r($_SESSION);
            //die();
            header("location: home.php");
            exit();
        } else {
            $error['failed'] = "<span class='label label-danger'>Invalid Username or Password!</span>";
        }
    }
}
?>

Home.php

<?php session_start();
 print_r($_SESSION);
    
   
    ?>

Output : array()

We tried the following method

Made sure session_start(); is called before any sessions are being called
After the header redirect, end the current script using exit();
Made sure cookies are enabled in the browser we were using to test it on.
Made sure didn't delete or empty the session
Made sure file extension is .php

Are you using the session_start() in the page where you are setting `$_SESSION` array ? — Kishen Nagaraju, Mar 20 '21 at 06:36
Check your log for "Headers already sent" warnings, and fix the problem that causes them. — Barmar, Mar 20 '21 at 06:40
See https://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php — Barmar, Mar 20 '21 at 06:40
we checked display errors already , it shows errors of blank session values but not showing why session is not activated/working! — Linu S, Mar 20 '21 at 07:04
offtopic : sql query to validate username and password rough this kind of query is bas practice. — Ashickur Rahman, Mar 20 '21 at 08:18
Every things seems to ok in the code. try to debug $_SESSION array before header redirection. When I face such issue, I always do manual debug. — Ashickur Rahman, Mar 20 '21 at 10:09

score 0 · Answer 1 · answered Mar 20 '21 at 07:32

0

You have to include you file in which you have initialized session For example first file named phpcodeonly.php:

session_start() //put it in start
if(login success){

$_SESSION['email']= $email
}

your other file.php:

include 'phpcodeonly.php'; //on top

<h1> Welcome <?php echo  $_SESSION['email']?> </h1>

answered Mar 20 '21 at 07:32

Mohammad Fahad Rao

170
1
14

what have you tried. It will be easy if you have some demonstration – Mohammad Fahad Rao Mar 20 '21 at 07:48

session value lost after redirection in php

1 Answers1