OK thanx figured out a workaround in the meantime, I am setting and retaining part of the session, but not all session variables, am I doing this wrong???
$ip = $REMOTE_ADDR; // Check for session - if session is set user has already logged in session_start(); $login_state = &$_SESSION["login_state"]; if ($login_state["hasLoggedIn"] === 1) $hasLoggedIn = 1; if ($login_state["ip"] != $REMOTE_ADDR) $hasLoggedIn = 0; // Prevents session stealing $temp .= "Your new session id is: " . $login_state["ip"] . "<br>"; $login_state["ip"] never exists, though it's supposed to when the session is created upon successful login: // Set up session variable with username and redirect to pic upload lib session_start(); $login_state["hasLoggedIn"] = 1; $login_state["ip"] = $ip; session_register("login_state"); header("Location: http://" . $HTTP_HOST . $PHP_SELF); You can see I am going to be a big problem :( Phil "Uchendu Nwachukwu" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Make sure you aren't sending any HTML to the browser for any reason before > the session_start(); call. > > Surefire way to prevent this error: place the following line as the first > line of PHP script you execute on every page: > > ob_start(); > > Check out http://www.php.net/ob_start for details on what that does. > > -- > Uchendu Nwachukwu > newsreply AT unndunn DOT com - www.unndunn.com > > "Phil Powell" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I am now getting the following errors on every page: > > > > Warning: Cannot send session cache limiter - headers already sent (output > > started at c:\program files\apache > > group\apache\htdocs\webmissions\picupload\miss_pic_upload.php:25) in > > c:\program files\apache > > group\apache\htdocs\webmissions\picupload\miss_pic_upload.php on line 81 > > > > This is when I use the following block of code to first SET the session > for > > the very first time: > > > > if (mysql_num_rows($results) == 0) { > > // Could not find info in db redirect to login library with error msg > > $errorHTML .= "<font color=cc0000>We could not find your information > "; > > $errorHTML .= " in our database. Please try again.</font><p>"; > > $hasLoggedIn = 0; > > } else if (strcmp(session_name(), "hasLoggedIn") != 0) { > > // Set up session variable with username and redirect to pic upload > lib > > session_name("hasLoggedIn"); > > $name = session_name(); > > session_start(); > > $HTTP_SESSION_VARS["username"] = $username; > > $HTTP_SESSION_VARS["ip"] = $REMOTE_ADDR; // To prevent session > stealing > > } > > > > I am completely confused! > > > > Phil > > > > "Michael Virnstein" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > you have to put this on top of every of your pages: > > > --------------------------------- > > > session_name("hasLoggedIn"); > > > $stuff = session_name(); > > > session_start(); > > > --------------------------------- > > > session_name first sets the name. then you call session_start which will > > > look for the > > > sessionid in ${session_name()}. that is why you have to call > > session_name() > > > BEFORE calling > > > session_start(); > > > > > > Regards Michael > > > > > > > > > "Phil Powell" <[EMAIL PROTECTED]> schrieb im Newsbeitrag > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Thanx, however, I cannot retain the session_name when I go to the next > > > URL. > > > > How do I retain the session_name especially when I have to use a form > > > > method=POST? > > > > > > > > I have a URL that will be the login > > > > > > > > Once you login you will have a session (that works now) > > > > > > > > That page with the session will have a form with five <input=file> > type > > > form > > > > elements > > > > > > > > Once submitted you will be at a "thank-you" page and files uploaded, > but > > > > then the session is gone (session_name is back to PHPSESSID again) > > > > > > > > What do I do to keep it? I cannot use cookies and putting it in the > URL? > > > > > > > > Phil > > > > "Michael Virnstein" <[EMAIL PROTECTED]> wrote in message > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > session_name will retur the previos name of the session, so in your > > case > > > > > $stuff will contain "PHPSESSID" > > > > > and i think you have to call session_start(); before you do > > > > > $HTTP_SESSION_VARS["username"] = $username; > > > > > > > > > > so perhaps this will work: > > > > > > > > > > session_name("hasLoggedIn"); > > > > > $stuff = session_name(); > > > > > session_start(); > > > > > $HTTP_SESSION_VARS["username"] = $username; > > > > > > > > > > Regards, Michael > > > > > > > > > > "Phil Powell" <[EMAIL PROTECTED]> schrieb im Newsbeitrag > > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > > Will the following lines set up a session by the name of > > "hasLoggedIn" > > > > > with > > > > > > HTTP_SESSION_VARS["username"]? > > > > > > > > > > > > $stuff = session_name("hasLoggedIn"); > > > > > > $HTTP_SESSION_VARS["username"] = $username; > > > > > > session_start(); > > > > > > > > > > > > I am trying to create a page that sets a session variable upon > > > > successful > > > > > > login, problem is, the session_name() never changes it always > > remains > > > > the > > > > > > default PHPSESSID what am I doing wrong now? > > > > > > > > > > > > I fixed the problem with multiple files, that was bizarre! > > > > > > > > > > > > Thanx > > > > > > Phil > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > "Uchendu Nwachukwu" <[EMAIL PROTECTED]> wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > In your example, simply place this line in your code (on *every* page > you > > > want the session to be on): > > > > > > session_name("HasLoggedIn"); > > > session_register("username"); > > > > > > If your PHP was compiled with '--enable-trans-sid' you shouldn't have to > > > worry about anything else. PHP will automatically store the session ID > in > > a > > > cookie, or it will pass the session ID in your HTML links. If it wasn't > > > compiled with '--enable-trans-sid', you'll need to use the constant SID. > > > > > > Example: > > > ------------------------------------------------------------------ > > > <?php > > > session_name("HasLoggedIn"); > > > session_register("username"); ?> > > > > > > Welcome <?=$username;?>. <!-- assumes user has already entered a > username > > on > > > some other page --> > > > > > > <a href="nextpage.php?<?=SID;?>">Click here to continue.</a> > > > ------------------------------------------------------------------ > > > > > > Hope that helps! Check out http://www.php.net/manual/en/ref.session.php > > for > > > more info > > > > > > -- > > > Uchendu Nwachukwu > > > newsreply AT unndunn DOT com - www.unndunn.com > > > > > > "Phil Powell" <[EMAIL PROTECTED]> wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Thanx, however, I cannot retain the session_name when I go to the next > > > URL. > > > > How do I retain the session_name especially when I have to use a form > > > > method=POST? > > > > > > > > I have a URL that will be the login > > > > > > > > Once you login you will have a session (that works now) > > > > > > > > That page with the session will have a form with five <input=file> > type > > > form > > > > elements > > > > > > > > Once submitted you will be at a "thank-you" page and files uploaded, > but > > > > then the session is gone (session_name is back to PHPSESSID again) > > > > > > > > What do I do to keep it? I cannot use cookies and putting it in the > URL? > > > > > > > > Phil > > > > "Michael Virnstein" <[EMAIL PROTECTED]> wrote in message > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > session_name will retur the previos name of the session, so in your > > case > > > > > $stuff will contain "PHPSESSID" > > > > > and i think you have to call session_start(); before you do > > > > > $HTTP_SESSION_VARS["username"] = $username; > > > > > > > > > > so perhaps this will work: > > > > > > > > > > session_name("hasLoggedIn"); > > > > > $stuff = session_name(); > > > > > session_start(); > > > > > $HTTP_SESSION_VARS["username"] = $username; > > > > > > > > > > Regards, Michael > > > > > > > > > > "Phil Powell" <[EMAIL PROTECTED]> schrieb im Newsbeitrag > > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > > Will the following lines set up a session by the name of > > "hasLoggedIn" > > > > > with > > > > > > HTTP_SESSION_VARS["username"]? > > > > > > > > > > > > $stuff = session_name("hasLoggedIn"); > > > > > > $HTTP_SESSION_VARS["username"] = $username; > > > > > > session_start(); > > > > > > > > > > > > I am trying to create a page that sets a session variable upon > > > > successful > > > > > > login, problem is, the session_name() never changes it always > > remains > > > > the > > > > > > default PHPSESSID what am I doing wrong now? > > > > > > > > > > > > I fixed the problem with multiple files, that was bizarre! > > > > > > > > > > > > Thanx > > > > > > Phil > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php