www.webdeveloper.com
Results 1 to 6 of 6

Thread: session variable needs page refresh?

  1. #1
    Join Date
    Jun 2008
    Location
    England
    Posts
    121

    session variable needs page refresh?

    hi, i have this script included on my page which checks the session to see if the customer is logged in and also when the users name is.

    this is the login script. youll see then once everything has been validated it changes the session variables

    PHP Code:
    <?PHP //LOGIN PAGE

    if(!isset($_SESSION['username']) || !isset($_SESSION['loggedin']))
    {
        
    $_SESSION['username']='Guest';
        
    $_SESSION['loggedin']=0;
    }

    //IF LOGGED IN, LOGIN AGAIN IS NOT ALLOWED
    if($_SESSION['loggedin']!=0){
        echo 
    '<p class="warning">You are already logged in.</p>';
        exit();
        }

    $home_page_link '<a href="index2.php" target="_self">click here</a>';

    //CREATE FORM TO BE USED WHEN NEEDED
    $login_form='<form method="post">'."\n";
    $login_form.='<fieldset class="login">'."\n";
    $login_form.='<dl>'."\n";
    $login_form.='<dt><label>Username:</label></dt>'."\n";
    $login_form.='<dd><input name="username" id="username" type="text" maxlength="15" value="" /></dd>'."\n"
    $login_form.='<dt><label>Password:</label></dt>'."\n";
    $login_form.='<dd><input name="password" id="password" type="password" maxlength="15" value="" /></dd>'."\n"
    $login_form.='<input name="submit" id="submit" type="submit" value="Submit" />'."\n";
    $login_form.='</dl>'."\n";
    $login_form.='</fieldset>'."\n";
    $login_form.='</form>'."\n";

    if(isset(
    $_POST['submit'])){
        
        
    //ASSAIGN DATA FROM FORM TO A VARIABLE
        
    $user_name $_POST['username'];
        
    $user_pword $_POST['password'];
        
        
    //CHECK FOR ANY BLANK UNPIT FIELDS
        
    if (!$user_name || !$user_pword) {
                    
            
    $login_warn_msg='You have left a one of the login field\'s blank';
            
    $login_warn='<p class="warning">'.$login_warn_msg.'</p>'."\n";
                
            echo 
    $login_warn.$login_form;
            exit();
        }
        
    //CHECK USERNAME AND PASSWORD FOR VALID CHARICTERS
        
    if (preg_match('/[^\w.-]/'$user_name)) {
            
            
    $login_warn_msg='You have entered invalid characters in the username field.';
            
    $login_warn='<p class="warning">'.$login_warn_msg.'</p>'."\n";
            
            echo 
    $login_warn.$login_form;
            exit();
        }
        if (
    preg_match('/[^\w.-]/'$user_pword)) {
                
            
    $login_warn_msg='You have entered invalid characters in the password field.';
            
    $login_warn='<p class="warning">'.$login_warn_msg.'</p>'."\n";
            
            echo 
    $login_warn.$login_form;
            exit();
        } 

        
    //DATABASE STUFF STARTS HERE
        
    include 'db/config.php';
        include 
    'db/opendb.php';
        
        
    //CHECK TO SEE IF USERNAME EXISTS
        
    $dbunames mysql_query('SELECT * FROM `monkeyu_tournament`.`users` WHERE `username`="'.$user_name.'"');
        if(
    mysql_num_rows($dbunames) < ) {

            
    $login_warn_msg=$user_name.' does not exist';
            
    $login_warn='<p class="warning">'.$login_warn_msg.'</p>'."\n";
        
            echo 
    $login_warn.$login_form;
            exit();        
        }    

        
    //THIS GETS THE USER ID USING VALIDATOR CODE AND ALSO GENERATES THE VALIDATE LINK
        
    $login_query 'SELECT id, username, password FROM `monkeyu_tournament`.`users` WHERE `username`="'.$user_name.'"';
        
    $find_user mysql_query($login_query) or die('Error, insert query failed');
        
        while(
    $value mysql_fetch_assoc($find_user))
        {
            
    $user_pass $value['password'];
            
    $user_id $value['id'];
        }
        include 
    'db/closedb.php';
        
        
    //VALIDATE LOGIN DETAILS WITH DETAILS ON DATABASE
        
    if(sha1($user_pword)!=$user_pass){
            
            
    $login_warn_msg='Your user name or password do not match any on our database.';
            
    $login_warn='<p class="warning">'.$login_warn_msg.'</p>';
            
            echo 
    $login_warn.$login_form;
            exit();
        }

        
    //IF USER LOGGED IN REDIRECT THEM OR MAKE THEM CLICK LINK
        
        
    $_SESSION['username']=$user_name;
        
    $_SESSION['id']=$user_id;
        
    $_SESSION['loggedin']=1;

        echo 
    '<p id="test">Thank you for signing in, you will now be redirected in 5 seconds,<br />';
        echo 
    'If this doesnt happen '.$home_page_link.'</p>'."\n";
        
        exit();
    }
    echo 
    $login_form;

    ?>
    and here is the included status box.

    PHP Code:
    <?PHP //STATUS PAGE

    if(!isset($_SESSION['username']) || !isset($_SESSION['loggedin']))
    {
        
    $_SESSION['username']='Guest';
        
    $_SESSION['loggedin']=0;
    }

    //VARIABLES FOR TOP LOGIN SECTION
    $guest_links='<a href="index2.php?page=signup" target="_self">Register</a> / ';
    $guest_links.='<a href="index2.php?page=login" target="_self">Sign-in</a>';

    $member_links ='<a href="index2.php?page=logout" target="_self">Log out</a>';

    //IF SESSION SAYS USER IS NOT LOGGED IN SHOW LOGIN FORM ELSE JUST WELCOME THE USER
    switch($_SESSION['loggedin']){
        case 
    0:
            echo 
    'Welcome '.$_SESSION['username'].', '.$guest_links;
        break;
        case 
    1:    
            echo 
    'Welcome '.$_SESSION['username'].', '.$member_links;
        break;
    }

    ?>
    when the customer does log in it doesn updete the username on the page and the page has to be manually refreshed to see the change, is there anyway of getting around this, thanks.

    hope the notes on the code are sufficiant.
    Last edited by shakeuk; 07-02-2008 at 05:14 AM.

  2. #2
    Join Date
    Jul 2008
    Posts
    13
    You might make sure the session is started at the top of each page. That has gotten me in the past.

    Code:
    <?php
    if(!session_id())session_start();
    ?>

  3. #3
    Join Date
    Jun 2008
    Location
    England
    Posts
    121
    as far as i am aware the session has started because i have:

    PHP Code:
    session_start(); 
    at the top of the index page, remember the status code is brought in using includes.

    do u reckon it could still be my problem?

  4. #4
    Join Date
    Jun 2008
    Location
    England
    Posts
    121
    *bump*

  5. #5
    Join Date
    Jun 2008
    Posts
    13
    bump

    I am having some of the same exact problems and can't find any other solutions on Google or anywhere.

  6. #6
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    18,923
    One thing to watch out for is if you access the site initially as "http://example.com/page.php", but then you do a header/meta redirect or have links that use "http://www.example.com/page.php", then the browser may not send the session cookie to the "www." pages unless you ensure that the session.cookie_domain setting is explicitly set to ".example.com" (note the leading ".") in order to associate the cookie with any sub-domain of the site.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles