Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

PHP Sessions Errors

  • 13-04-2005 2:14pm
    #1
    Registered Users, Registered Users 2 Posts: 721 ✭✭✭


    I have written a program that allows a user to login, it checks what sort of class the user can be (Member, Admin or Head Admin).

    Here are some snippets explaining whats going on

    I catch the username like so>>>
    $username = $_POST;

    do the database connection thing

    then this code checks the username and pwassword with that in the db and the program then starts adding stuff to the sessions:

    if($_POST == $fetch_em["user_name"] && $_POST == $fetch_em["user_password"])
    {

    session_start();
    session_register("sessionvar");

    $num=mysql_num_rows($sql);
    $i=0;
    while($i<$num)
    {
    $userclass = mysql_result($sql,$i,"user_class");
    ++$i;
    }
    $id = session_id(); //gets the session id if cookies are disabled
    session_register($username);
    session_register($userclass);
    $url = "Location: admin_launch.php?sid=" . $id;
    header($url);


    The really snazzy part is meant to be the next part. In the users.php file users can add/edit and delete users and user classes. Logically i need to lock this down. So this is where the userclass variable above comes into play.

    So users.php starts with the usual
    session_start();
    session_id();

    and then checks if the sessionvar (see above) is registered if it is then the program runs, if it doesnt back to login, all fairly okay up to now.

    So i have a section that adds the new user class but before the code inside here is executed we check the userclass of the user like so:

    if ($_SESSION=="Admin" || $_SESSION=="Head Admin")
    {
    do code to add user class
    }
    else
    {
    ?>
    <p>Members do not have access to these pages</p>
    <?
    }

    This should work from what i know, but it doesnt, the user class doesnt appear to be held, though i can put it in the address bar if i write

    $url = "Location: admin_launch.php?sid=" . $id .$userclass;

    Anyway, it doesnt appear to hold the value as it always goes to the else statement and it never prints username when its called.

    The apache error log shows me the following errors..........

    [Tue Apr 12 21:08:31 2005] [error] PHP Notice: Undefined index: username in c:\\web\\core\\admin\\admin_launch.php on line 34
    [Tue Apr 12 21:09:39 2005] [error] PHP Notice: Undefined index: username in c:\\web\\core\\admin\\admin_launch.php on line 34
    [Tue Apr 12 21:18:27 2005] [error] PHP Notice: Undefined index: userclass in c:\\web\\core\\admin\\users.php on line 30
    [Tue Apr 12 21:18:27 2005] [error] PHP Notice: Undefined index: userclass in c:\\web\\core\\admin\\users.php on line 30
    [Tue Apr 12 21:18:27 2005] [error] PHP Notice: Undefined index: userclass in c:\\web\\core\\admin\\users.php on line 50

    ANY IDEAS?

    Really stuck on this at the moment...

    System is Win32, Apache 1.3 and PHP 4

    Thanks in advance


Comments

  • Registered Users, Registered Users 2 Posts: 14,761 ✭✭✭✭Winters


    [php]session_start();[/php] has to be at the top of the page and there cannot be any php code, execpt for comments above it iirc.


Advertisement