I just can’t get to set sessions in php, and I can’t find the reason why.
Hope you can give me a clue, on where I might be doing something wrong!
index.php
<?php
// Inialize session
session_start();
include_once("commons/config.php");
$authenticated = checkLoggedIn("yes", FALSE);
//flushMemberSession();
var_dump($authenticated);
echo "<pre>";
var_dump($_SESSION);
echo "</pre>";
?>
... followed by html and some php ifs
jquery ajax call WHICH RETURNS TRUE or FALSE, as it should, from checkPass() inside actions.php
$('#login').click(function(){
var data = $('#login-form').serialize();
$.post('commons/actions.php', data, function(result){
if(result == true){
console.log(result);
//location.reload();
}else{
console.log('not authenthicated');
}
},'json');
return false;
});
actions.php
session_start();
if (!$_SERVER['SERVER_ADDR'] == $_SERVER['REMOTE_ADDR']){
header('HTTP/1.0 400 Unauthorized', true, 400);
exit;
} else {
include('config.php');
$user = mysql_real_escape_string(stripslashes($_POST['username']));
$pass = mysql_real_escape_string(stripslashes($_POST['password']));
$response = checkPass($user, $pass); // false or
$debug = array('user'=>$user, 'pass'=>$pass, 'response'=>$response);
print_r(json_encode($response));
}
functions:
function checkLoggedIn($status, $redirect=TRUE){
switch($status){
case "yes":
if(!isset($_SESSION["loggedIn"])){
if($redirect) {
header("Location: login.php");
exit;
} else {
$authenticated = false;
return $authenticated;
}
} else {
checkLoggedIn("no");
}
break;
case "no":
if(isset($_SESSION["loggedIn"]) && $_SESSION["loggedIn"] === true ){
//header("Location: members.php");
$authenticated = true;
return $authenticated;
}
break;
}
return true;
}
function checkPass($username, $password) {
$query="SELECT username, password FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($query, $link) or die("checkPass fatal error: ".mysql_error());
// Check exactly one row is found:
if(mysql_num_rows($result)==1) {
cleanMemberSession($username);
return true;
/*$row=mysql_fetch_array($result);
return $row;*/
}
//Bad username:
return false;
}
function cleanMemberSession($username) {
session_regenerate_id();
$_SESSION["username"]=$username;
$_SESSION["loggedIn"]=true;
session_write_close();
}
UPDATE
AJAX Headers
Response Headers
Connection Keep-Alive
Content-Length 4
Content-Type text/html
Date Sun, 27 May 2012 19:36:54 GMT
Keep-Alive timeout=5, max=100
Server Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By PHP/5.3.8
Request Headers
Accept application/json, text/javascript, */*; q=0.01
Accept-Encoding gzip, deflate
Accept-Language en-us,en;q=0.5
Connection keep-alive
Content-Length 31
Content-Type application/x-www-form-urlencoded; charset=UTF-8
Cookie PHPSESSID=qhbjq76f4np7iug09jrnl4j5j1
Host localhost
Referer http://localhost/tw/Tevienes/web/
User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0
X-Requested-With XMLHttpRequest
UPDATE2
BTW, the response to var_dump($_SESSION); is array(0) { }
UPDATE3
I just added $_SESSION['test'] = 'alex'; after session_start(); in index.php, and the session variable has been set… so It must be something with the function setting the variables… or who know what else
Put session_start() in all called .php files, also the ones called from ajax.
Also at the start of actions.php put parentheses on the comparisons. ! operator has higher precedence than < or >.
change
to