i having problem with sessions in localhost, the problem is the session doesn’t work actually when it redirects to new post page it response’s as you should login first
Login code
<?php
include '../Class/db.class.php';
include '../Class/validation.class.php';
@session_start();
if(!$_SESSION['user']){
$link=$_GET['dir'];
if($link){
echo <<<EOF
<html> <head><title>ورود</title></head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<form method='post' action='index.php?dir=$link'>
Username: <input type='text' name='user'><br />
password<input type='password' name='pass'><br />
<input type='hidden' name='hidd' value=1>
<input type='submit' value='login'><br />
</form>
EOF;
}
else {
echo <<<EOF
<html> <head><title>login</title></head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<form method='post' action='index.php'>
username: <input type='text' name='user'><br />
password: <input type='password' name='pass'><br />
<input type='hidden' name='hidd' value=1>
<input type='submit' value='login'><br />
</form>
EOF;
}
}
$db=new db("localhost", "root", "", "blog");
$con=$db->connect();
$logout=$_GET['logout'];
$user=$_POST['user'];
$pass=$_POST['pass'];
$hidden=$_POST['hidd'];
if($hidden){
if(!$user){
echo "username field can't left blank";
}
elseif (!$pass) {
echo 'password field can't left blank!';
}
else{
$userres=$db->usersearch($user, $pass);
if($userres==FALSE){
echo 'username or password is wrong';
}
else {
$_SESSION['user']=$user;
}
}
}
if($_SESSION['user']){
$link=$_GET['dir'];
echo "you logged in ".$_SESSION['user'];
if($link=="new")
echo '<meta http-equiv="REFRESH" content="0;url=../admin/post/new.php">';
}
if($logout)
session_destroy();
if($_SESSION['user'])
echo '<br /><a href="?logout=1">logout</a>';
?>
new post code
<?php
@session_start();
if($_SESSION['user']=="admin"){
include '../../Class/db.class.php';
echo <<<EOF
<form method=post action="new.php">
<br /> subject:
<br />
<input type="text" name="title"><br />
post:<br />
<textarea cols=50 rows=10 name="post"></textarea><br />
<input type="submit" value="send">
EOF;
$title=$_POST['title'];
$post=$_POST['post'];
$db=new db("localhost", "root", "", "blog");
$db->connect();
if($title && $post){
$d=$db->post_insert($title, $title, 1);
if($d==TRUE)
echo "post created";
else
echo "an error occurred while sending the post";
}
$dd=$db->read(0, 20);
for($i=0;$i<20;$i++){
echo $dd['content'][$i]."<br />";
}
}
else
{
echo "you should login first";
echo $_SESSION['user'];
}
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
?>
please help me!
The fact you’re suppressing error output from session_start() with the @ symbol suggests that session_start is reporting errors that you’re ignoring.
If it’s reporting errors, you should look at the error it’s generating to determine what’s wrong.
Usually, session_start fails due to headers having already been sent. This happens if your script outputs any text before session_start is called. Once headers have been sent, the session cannot be started as it depends on sending headers.
The fix for this is to make sure that session_start is the first thing to happen in your script. As session_start happens as the first thing after your includes, then this means there’s either whitespace at the start of your script, or whitespace or statements that generate output in the scripts you include. You need to check the included files and fix any white space (anything that’s outside of the PHP tags) and check that they don’t output anything until the session_start occurs.
On a side note, never use @ for error suppression. It’s the coding equivalent of sweeping potentially serious problems that need to be addressed under the carpet.