I am a php newbie and I am using MAC OS. I recently set up a website and test it under localhost. It works fine until one day I tried to rename my home folder, and quit halfway when switching from root back to the one that I have renamed. Then I logged out from the root user and loggin in the one that I have renamed. Then I found that I have to reset everything. The application folder had been moved outside the user home dir to the same level with the user folder.
Here’s the problem(I don’t know whether it is caused by the above action.)
I let a user log in with username and password, and use a session variable to store the username. I check with:
echo $_SESSION['name'];
echo session_status();
The first one shows the username I have input, and the second one prints 2
So I think that the username was stored in that session variable.
But then whenever the user enter another page, the session variable is destroyed.
What is the problem?
Here’s the code that I write for every page as page header. It contains the log in box. It used to work fine.
<?php
echo '<div id="pageheader">
<div class="wrap">
<div class="logo">
<a href="index.php"><img src="pics/1.gif" height="45px"></a>
</div>
<ul id="nav">
<li><a href="">New Arrival   /</a></li>
<li><a href="">Hot   /</a></li>
<li><a href="#">By School   /</a>
<ul >
<li><a href="">ADM</a></li>
<li><a href="">CEE</a></li>
<li><a href="">EEE</a></li>
<li><a href="">HSS</a></li>
<li><a href="">MAE</a></li>
<li><a href="">MSE</a></li>
<li><a href="">NBS</a></li>
<li><a href="">SBS</a></li>
<li><a href="">SCBE</a></li>
<li><a href="">SCI</a></li>
<li><a href="">SPMS</a></li>
<li><a href="">SCE</a></li>
</ul>
</li>
<li><a href="#">By Course   /</a>
<ul>
<li><a href="book.php?q=Mathematics">Mathematics</a></li>
<li><a href="book.php?q=Computer">Computing</a></li>
<li><a href="book.php?q=Accounting">Accounting</a></li>
<li><a href="book.php?q=Business">Business Law</a></li>
<li><a href="book.php?q=Physics">Physics</a></li>
<li><a href="book.php?q=Chemistry">Chemistry</a></li>
<li><a href="book.php?q=Biology">Biology</a></li>
</ul>
</li>
<li><a href="#">By Kind   /</a></li>
</ul>
<ul id="log">';
function generateLogin(){
echo ' <li id="login">
<a id="login-trigger" href="#">login <span>▼</span></a>
<div id="login-content">
<form action="'.$_SERVER['PHP_SELF'].'" method="post" enctype="multipart/form-data">
<fieldset class="inputs">
<input name="user" type="text" placeholder="Username" class="reqd" />
<input name="loginpw" type="password" placeholder="Password" class="reqd" />
</fieldset>
<fieldset class="actions">
<input type="submit" class="button1" value="Log in" />
<label><input name="keep" type="checkbox" value="yes" />Keep me signed in</label>
</fieldset>
</form>
</div>
</li>
<li id="signup">
<a id="signup-trigger" href="#">signup <span>▼</span></a>
<div id="signup-content">
<form action="signup.php" method="post" enctype="multipart/form-data">
<fieldset class="inputs">
<input name="username" id="username" type="text" placeholder="Username (at least 6 characters)" class="reqd user" />
<input name="email" id="email" type="email" placeholder="john@example.com" class="reqd email" />
<input id="passwd1" type="password" placeholder="Password (at least 6 characters)" class="reqd pd" />
<input name="pswd" id="passwd2" type="password" placeholder="Confirm your password" class="reqd passwd1" />
</fieldset>
<fieldset class="actions">
<input type="submit" class="button1" value="Sign up" /> <input type="reset" class="button1" />
</fieldset>
</form>
</div>
</li>
';
}
session_start();
if(!isset($_SESSION['name']) or $_GET['logout'] == 1){
if($_GET['logout'] == 1){unset($_SESSION['name']);}
if(isset($_POST['user'])){
$link = mysqli_connect('localhost','root','root','bookstore');
if (!$link){
die('Could not connect: ' . mysqli_error());
}
try {
$sql = "SELECT username FROM user
WHERE username='$_POST[user]' AND
pswd=MD5('$_POST[loginpw]')";
$sqlUser = "SELECT username FROM user
WHERE username='$_POST[user]'";
$result1 = mysqli_query($link, $sql);
$result2 = mysqli_query($link, $sqlUser);
if (!mysqli_fetch_row($result1)){
if(!mysqli_fetch_row($result2)){
throw new Exception("User ".$_POST['user']." does not exist!");
}
else{
throw new Exception("Incorrect password!");
}
}
else{
$_SESSION['name'] = $_POST['user'];
echo '
<ul id="log">
<li><a href="index.php?logout=1">Logout</a></li>
<li><a href="cart.php">Hi, '.$_POST['user'].'</a></li>
</ul>';
}
}catch(Exception $e){
echo "<script type='text/javascript'>alert('".$e->getMessage()."');</script>";
generateLogin();
}
mysqli_close($link);
}
else{
generateLogin();
}
}
else{
$name = $_SESSION['name'];
echo '
<ul id="log">
<li><a href="index.php?logout=1">Logout</a></li>
<li><a href="cart.php">Hi, '.$_SESSION['name'].'</a></li>
</ul>';
}
echo ' </ul>
<div id="search">
<form action="book.php" name="search" method="get" enctype="multipart/form-data">
<input name="q" id="q" autocomplete="off" onkeyup="showHint(this.value)" type="text" size="100" placeholder="Search..." />
<input type="submit" class="button1" value="Search" />
</form>
</div>
<div id="suggestBox">
<ul>
<div id="txtHint">
</div>
</ul>
</div>
</div>
</div>';
?>
You have to start the session on every page you use sessions
You should use
session_start()before any html output so in your case movesession_start()before the first echo!