www.webdeveloper.com
Results 1 to 7 of 7

Thread: [RESOLVED] In 1 of 3 circumstances, session variables are sometimes erased

  1. #1
    Join Date
    Dec 2002
    Location
    St. Louis, MO, USA
    Posts
    1,582

    resolved [RESOLVED] In 1 of 3 circumstances, session variables are sometimes erased

    Hello, everyone.

    I have an issue with a particular session variable that I can't quite figure out.

    Unfortunately, I cannot provide a live link as I'm working on a dev server that is inside my internal network, no port forwarding, my IP address changes daily, and I do not have a dynamic DNS account. I will post code that is related.

    Basically, I have a registration form that posts data to a Stored Procedure in MS-SQL Server 2008 R2. Within that SP, I am declaring a variable called @rtnMsg, and am defaulting it to a value of 'A'. If the user already exists based upon first and last name, the default value 'A' stays; if the email address that the user supplied already exists in the database, the value is changed to 'C'; if the user/email doesn't exist and the user is successfully inserted into the database, the value is changed to 'B'. The last line of code then does the following:
    Code:
    SELECT @rtnMsg as rtnMsg
    I am checking the value that is being returned to the web server, and it is always 'A', 'B', or 'C'.

    Once this process is complete, I set a PHP string to that value:
    Code:
    	$thisQuery = sqlsrv_fetch_array($stmt);
    	$queryStatus = $thisQuery['rtnMsg'];
    Based upon the value of the $queryStatus string, a switch/case statement will set a session variable, and return to the registration form.
    Code:
    	switch(trim($queryStatus)) {
    		case "A":
    			unset($_SESSION['register']);
    			$_SESSION['regAlert'] = "An account with that name already exists.";
    			session_write_close();
    			header("Location: " . sanitize($_POST['returnTo']) . "");
    			exit; ob_end_flush();
    		break;
    		case "B":
    			include('register_validate.php');
    			unset($_SESSION['register']);
    			$_SESSION['regAlert'] = "You are now registered. Check your email for the validation and respond by clicking the link included.";
    			session_write_close();
    			header("Location: " . sanitize($_POST['returnTo']) . "");
    			exit; ob_end_flush();
    		break;
    		case "C":
    			unset($_SESSION['register']);
    			$_SESSION['regAlert'] = "An account with that email address already exists.";
    			session_write_close();
    			header("Location: " . sanitize($_POST['returnTo']) . "");
    			exit; ob_end_flush();
    		break;
    		default:
    			$_SESSION['regAlert'] = "I don't know what you did, but you broke the registration form.";
    			session_write_close();
    			header("Location: " . sanitize($_POST['returnTo']) . "");
    			exit; ob_end_flush();
    		break;
    		}
    The form contains code that will display the value of the session variable in the top part of the form, and then unset the session variable.
    PHP Code:
    <?php
        
    if(isset($_SESSION['regAlert']) && trim($_SESSION['regAlert']) != "") {
    ?>
    <tr>
        <td colspan="2" style="font-weight:normal; text-align:left; color:red; vertical-align:top;"><?php print $_SESSION['regAlert']; ?></td>
    </tr>
    <?php
            
    } unset($_SESSION['regAlert']);
    ?>
    The code executes perfectly every time IF the value is 'A' or 'C' (already exists); but if the returned value is 'B', sometimes it will show, sometimes it will not. Now I've placed code inside the 'B' switch-case that will die and then print the value of the session variable, and it's always there; but something is killing it before or just after the header redirect.

    I can't track down what is happening, here. Anybody else see anything that could be causing this?

    Thanks,
    |||||
    o . Q
    ___ "You live and you learn; or you don't live long." - Lazarus Long

    ^_^

  2. #2
    Join Date
    Sep 2008
    Posts
    95
    One obvious difference with case B is the "include('register_validate.php');".

    if you comment out that line, does it consistently set the session var? Could it be that the included file is throwing an error? For troubleshooting, what if you try replacing case B code with case A's?

    2 other thoughts (take em or leave em):

    1. You could save a lot of code by using an array to hold your messages:
    Code:
    $msg=array(
         'A'=>"An account with that name already exists.",
         'B'=>"...",
         'C'=>"..."
    );
    $switch=trim($queryStatus);
    if($switch=='B'){include('register_validate.php');}
    unset($_SESSION['register']);
    $_SESSION['regAlert'] = $msg[$switch];
    session_write_close();
    header("Location: " . sanitize($_POST['returnTo']) . "");
    exit; ob_end_flush();
    2. I believe calling ob_end_flush() after exit has no effect since the script would have already exited by that point.

  3. #3
    Join Date
    Dec 2002
    Location
    St. Louis, MO, USA
    Posts
    1,582
    The "register_validate.php" include is a document that contains code that will email the user with a link that will allow him/her to report back to the database that they did receive the email and will mark the user as a valid user. I will include all of that code, here, but I do not believe that it contains anything that would, or could, kill the $_SESSION['regAlert'] variable.

    PHP Code:
    <?php
    $thisHost 
    str_replace("www."""$_SERVER['HTTP_HOST']);
    $to  "\"" $_SESSION['register']['fullName'] . "\" <" $_SESSION['register']['emailAddress'] . ">";

    // subject
    $subject "Complete Registration Process (Validation)";

    // message
    $message "Hello, " $_SESSION['register']['firstName'] . ", and welcome to " $thisHost ".

    <br /><br />Your registration process at " 
    $thisHost " is almost complete.  

    <br /><br />All that's left is to validate your registration process by clicking here.  
    <br />This will open a new browser or browser-tab to access the page that will 
    <br />validate your account.

    <br /><br />If you have any questions, please email them to me at 
    <br />xxxxxxxxxxxxxxx@gmail.com.

    <br /><br />Hope to see you online!

    <br /><br />Jack
    <br />"
    ;

    // To send HTML mail, the Content-type header must be set
    $headers "From: \"Aquinas-Mercy Reunions 86\" <xxxxxxxxxxxxxx@gmail.com>" "\n"
    $headers .= "MIME-Version: 1.0" "\n"
    $headers .= "Content-type: text/html; charset=iso-8859-1" "\r\n";

    // Mail it
    mail($to$subject$message$headers);
    ?>
    I like the array idea for the messages. I don't work with arrays much, that's why I used the switch/case (I'm more accustomed to them.) But I'll give that a shot. Thanks!

    I figured output buffering would at least wait until the flush command before redirecting/exiting. Still kind of new to PHP, so not sure how that works.
    |||||
    o . Q
    ___ "You live and you learn; or you don't live long." - Lazarus Long

    ^_^

  4. #4
    Join Date
    Sep 2008
    Posts
    95
    For troubleshooting, still, I would just try commenting out that line and the other lines in case 'B' one at a time until message B is consistently displayed. Then uncomment the lines one at a time to see which one(s) might be causing the issue?

    Just another thought. Maybe it's in your code elsewhere but the session is never started in any of the code you've presented. Do you have a 'session_start();' in advance of using the $_SESSION vars?

    Also, if you put the following code on the page with the form just before you'd try to print the error message, do you see any of your other session vars? Is there a key for 'regAlert'? What's the value?

    Code:
    <?php
    echo "<pre>";print_r($_SESSION);echo "</pre>";
    ?>

  5. #5
    Join Date
    Jan 2007
    Location
    Wisconsin
    Posts
    2,120
    Very peculiar ... Can we see the whole file?
    Jon Wire

    thepointless.com | rounded corner generator

    I agree with Apple. Flash is just terrible.

    Use CODE tags!

  6. #6
    Join Date
    Dec 2002
    Location
    St. Louis, MO, USA
    Posts
    1,582
    Yes, the session.auto_start is configured to be on, so I don't need to put session_start() anywhere. I'll try your suggestion and report what it does. Thanks.

    EDIT: When the form submits, if the user or email doesn't already exist, it will send the validation email and insert the user into the database, but when it redirects to the form, the 'regAlert' session variable is blank.
    Last edited by WolfShade; 02-03-2012 at 01:10 PM.
    |||||
    o . Q
    ___ "You live and you learn; or you don't live long." - Lazarus Long

    ^_^

  7. #7
    Join Date
    Dec 2002
    Location
    St. Louis, MO, USA
    Posts
    1,582
    I don't know what I did, but I just got three successful regAlert messages with three successful user inserts.

    ????

    I hate it when that happens.

    Thanks!
    |||||
    o . Q
    ___ "You live and you learn; or you don't live long." - Lazarus Long

    ^_^

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles