/    Sign up×
Community /Pin to ProfileBookmark

Comparing $_SESSION’s

Copy linkTweet thisAlerts:
Oct 04.2011

Hi there,

I am currently learning about sessions in PHP, and I am having a problem with $_SESSION in an IF statement.

I am trying to create a login page that will set $_SESSION[‘login’] from 0 to:
– 1 if successful
– 2 if not successful (i.e, wrong password)

[CODE]if(…username and password are valid…) {
$_SESSION[‘login’] = 1;
}
else {
$_SESSION[‘login’] = 2;
}
}
$loginstatus = $_SESSION[‘login’];
if( $loginstatus == 1 ) {
header(“Location: content.php?cid=100”);
}
else {
header(“Location: login.php”);
}
[/CODE]

Either it is 1 or 2, the page directs to content.php (which is wrong.. if it is 2, it is supposed to go to login.php). If I change

[CODE]$_SESSION[‘login’] = 2;[/CODE]

to:

[CODE]$_SESSION[‘login’] = 0[/CODE]

and I enter incorrect username/password, login.php loads up. So, long story short, it seems like the comparison only works for either 0 or 1. Does anyone know why?

to post a comment
PHP

2 Comments(s)

Copy linkTweet thisAlerts:
@CaptainSessaOct 04.2011 — First of all:

Did you initialize your session with session_start()?

Second:

Why do it your way and not this way:


[CODE]
if(...username and password are valid...) {
$_SESSION['login'] = true;
header("Location: content.php?cid=100");
}
else
{
$_SESSION['login'] = false;
header("Location: login.php");
}
[/CODE]

This code has advantages: It is much shorter, you reduce the values in $_SESSION['login'] from 0,1,2 to true,false.. If a user has performed a valid login you'll only have to check on every page that requires valid login using this function (call this function once on start of every file that needs the user to be logged in)

[CODE]
function checkLogin()
{
if(!isset($_SESSION['login']) || !$_SESSION['login'])
header("Location: login.php");
}
[/CODE]

AND if you are on login.php AND have $_SESSION['login'] set to false you might want to display an error message like "Invalid username or password!"..

That should do it ?
Copy linkTweet thisAlerts:
@dhimoetauthorOct 04.2011 — Hi CaptainSessa,

Thank you for the great input.

However, I found the problem, which was my silly mistake. I put something like this on the login php:
[code=php]
if(...session id has a value...) {
...go to cid=100...
}
[/code]

Now, I will try out your method because it looks more professional. ?

Regards,

dhimoet
×

Success!

Help @dhimoet spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.9,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...