0

I have a php script that I call through ajax to initialize session variables for a user login. When I retrieve the session info later on it doesn't seem to be there. What is missing from this. I must say I am assuming that the $_SESSION variable is there. I haven't done this before.

PHP code that searches for user in db and initializes session variable

while (true) {
    $md5_pw = md5($password_text);
    $r_getuser = mysql_query("SELECT * FROM users WHERE (user_name = BINARY '".mysql_real_escape_string($l_un_em)."' OR email = '".mysql_real_escape_string($l_un_em)."') AND (password = '$md5_pw' OR temp_password = '$md5_pw') AND status >= 0");
    if (mysql_num_rows($r_getuser) == 0) {
        /* echo $messages['log_un_em_pw_incorrect'];
        return; */
        $return['return_code'] = -1;
        $return['return_msg'] = $messages['log_un_em_pw_incorrect'];
        echo json_encode($return);
    }
    $row = mysql_fetch_assoc($r_getuser);
    /* if ($row['privs'] < 1) { echo $messages['log_no_privs']; break; } */
    if ($row['temp_password'] == $md5_pw) { //new password
        mysql_query("UPDATE users SET password = '".$md5_pw."', temp_password = NULL WHERE user_id = '{$row['user_id']}'");
    }
    $today = date('Y-m-d');
    if ($row['login_0'][0] == '9') { //first login
        mysql_query("UPDATE users SET login_0 = '".$today."', login_1 = '".$today."', login_cnt = 1 WHERE user_id = '{$row['user_id']}'");
    } else {
        mysql_query("UPDATE users SET login_1 = '".$today."', login_cnt = login_cnt+1 WHERE user_id = '{$row['user_id']}'");
    }
    $_SESSION['uid'] = $row['user_id'];
    $_SESSION['unm'] = stripslashes($row['user_name']);
    $_SESSION['uml'] = stripslashes($row['email']);
    $_SESSION['cL'] = $row['language'];
    /* echo '<meta http-equiv="refresh" content="0;url=livemass_CENTER34.php">'; */ //default page
    break;
}

PHP code to retrieve session variable.

<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);

echo 'user id '.$_SESSION['uid'].'<br/>';
echo 'username '.$_SESSION['unm'].'<br/>';
echo 'uml '.$_SESSION['uml'].'<br/>';
echo 'cL '.$_SESSION['cL'].'<br/>';

?>

Javascript to show session info.

$.ajax({
      url: "get_session_info.php",
      type: "GET",
      data: {},
      cache: false,
      async: false,
      success: function (response) {
      alert ('session info response <br/>'+response);
      },
});
Improve this question
7
  • I see no session_start(); anywhere? Commented Apr 21, 2012 at 16:06
  • please post entire php code instead of snippets.. are you sure u added a session_start()? It should be added on every page u plan to use $_SESSION Commented Apr 21, 2012 at 16:08
  • Please stop writing new code with the ancient mysql_* functions. They are no longer maintained and community has begun the deprecation process . Instead you should learn about prepared statements and use either PDO or MySQLi. If you care to learn, here is a quite good PDO-related tutorial. Commented Apr 21, 2012 at 16:08
  • This appears to be a duplicate question; please take a look at: stackoverflow.com/questions/1787292/… Commented Apr 21, 2012 at 16:10
  • @tereško If PDO is a sane and sound language and an improvement over MySQL I am willing to learn! Quick question... MySQL allowed you to select the database separate from the connection, i.e. you connect with mysql_connect then you select a db with mysql_select_db. Is there a similar way in PDO. Commented Apr 21, 2012 at 17:48

2 Answers 2

Reset to default
0

add session_start() to all your files which access session varibale values

<?php
session_start();
ini_set('display_errors', 1);

// remaining items

?>

http://php.net/manual/en/function.session-start.php

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Great. That was the problem!
0

To build on what @Frits said. To use php sessions you must place the function session_start(); at the beginning of every page that you want to access $_SESSION on.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.