session problem

Okay I've been trying to get the sessions to work but this is what I get:


Here's the error I get:

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /var/www/html/webdev/uploads/index.php:6) in /var/www/html/webdev/uploads/index.php on line 7

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /var/www/html/webdev/uploads/index.php:6) in /var/www/html/webdev/uploads/index.php on line 7
You left the username or password field blank.

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/html/webdev/uploads/index.php on line 59
Welcome

PHP:

Here's the code:

<?php
session_start(); 

   echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
   echo "<head><title> {$title} </title>";

   echo '<style type="text/css">

         #forms { position:absolute;top:75px;left:200px;align:right;padding-bottom:5px;}
         #text { position:absolute; top:75px; left:125px; align:left;} 
         .text2 { padding-top:8px;} 
         .forms2 { padding-bottom:6px;} 
         #login {position:absolute;top:100px;left:75%;} 
         .nav{position:absolute; top:75px; left:10%; right:10%; width:80%;background-color:#0099FF;text-align:right;a}
         .input{width:100px;} </style>
          </head><body>';
   

$logout = '<a href="logout.php">Logout</a>';

   echo '<div class="nav"><a href="index.php">Home</a> |', $logout  , ' | <a href="register.php">Register</a> | <a href="links.php">Links</a> | <a href="faq.php">FAQ</a></div>';


   echo "<div id=\"login\"><form action=\"index.php\" method=\"post\">
         Login:<br>
         Username: <input type=\"text\" name=\"username\" cols=\"60\" class=\"input\"><br>
         Password: <input type=\"password\" name=\"password\" cols=\"60\" class=\"input\"><br>
         <input type=\"submit\"></form></div>";




mysql_connect(localhost,username,pass);


//check to see if sessions are set if not set them 
if(!isset($_SESSION['user_name']) || !isset($_SESSION['user_password'])){ 
if(!empty($_POST['username']) || !empty($_POST['userpassword'])){ 
$_SESSION['username'] = $_POST['username']; 
$_SESSION['password'] = $_POST['password']; 
}
else{ 
echo'You left the username or password field blank.'; 
} 
} 

$sql = "SELECT * FROM user WHERE User = '$_SESSION[username]' && Password='$_SESSION[password]'"; 
$result = mysql_query($sql); 
$row = mysql_fetch_array($result); 
//compare sessions to those in table 
//Incorrect username and password 
if($_SESSION['username'] != $row['username'] && $_SESSION['password'] != $row['password']){ 
$_SESSION = array(); 
if (isset($_COOKIE[session_name()])) { 
setcookie(session_name(), '', time()-42000, '/'); 
}
 
@session_destroy(); 
echo'Incorrect Username or password'; 
} 
//correct username and password 
else{ 
echo'Welcome '.$_SESSION['username']; 
} 




    echo '</body></html>';




?>

PHP:

Basically what I need the session to remember the username/password that it calls from the database for the user to log in.

 

You are trying to set the session after you output something to the browser. This cannot be done unless you use something called output buffering.

 

1. Delete everything before "<?php" (spaces, tabs, new lines...)
2. You don't need sessions in this case...

 

1. Might be my problem. I have a space before <?php

2. I know. I have it working without sessions - I want to add the ability to change data in the database - and I need sessions for that.

 

Okay, I got rid of the dead space. Now I get this error:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/html/webdev/uploads/index.php on line 50
Welcome 

PHP:

 

Replace this

$result = mysql_query($sql); 

PHP:

with this and see what error you get

$result = mysql_query($sql) OR die( mysql_error() );

PHP:

 

Replace:

$sql = "SELECT * FROM user WHERE User = '$_SESSION[username]' && Password='$_SESSION[password]'"; 

Code (markup):

with:

$sql = "SELECT * FROM user WHERE User = '" . mysql_real_escape_string($_SESSION[username]) . "' AND Password='" . mysql_real_escape_string($_SESSION[password]) . "'"; 

Code (markup):

 

Okay, I did some of the things recommeneded. The error result I get is that there is no database selected. But there should be.

<?php
session_start(); 

mysql_connect(localhost,username,pass);

   echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
   echo "<head><title> {$title} </title>";

   echo '<style type="text/css">

         #forms { position:absolute;top:75px;left:200px;align:right;padding-bottom:5px;}
         #text { position:absolute; top:75px; left:125px; align:left;} 
         .text2 { padding-top:8px;} 
         .forms2 { padding-bottom:6px;} 
         #login {position:absolute;top:100px;left:75%;} 
         .nav{position:absolute; top:75px; left:10%; right:10%; width:80%;background-color:#0099FF;text-align:right;a}
         .input{width:100px;} </style>
          </head><body>';
   

$logout = '<a href="logout.php">Logout</a>';

//menu
   echo '<div class="nav"><a href="index.php">Home</a> |', $logout  , ' | <a href="register.php">Register</a> | <a href="links.php">Links</a> | <a href="faq.php">FAQ</a></div>';

//login form
   echo '<div id="login"><form action="index.php" method="post">
         Login:<br>
         Username: <input type="text" name="username" cols="60" class="input"><br>
         Password: <input type="password" name="password" cols="60" class="input"><br>
         <input type="submit"></form></div>';



$connection = mysql_connect("localhost", "username", "pass");

if (!connection)
{
die('Could not connect to database:' . mysql_error());
}


//check to see if sessions are set if not set them 
if(!isset($_SESSION['username']) or !isset($_SESSION['password'])){ 
if(!empty($_POST['username']) or !empty($_POST['password'])){ 
$_SESSION['username'] = $_POST['username']; 
$_SESSION['password'] = $_POST['password']; 
}
else{ 
echo'You left the username or password field blank.'; 
} 
} 


$sql = "SELECT User, Password FROM user WHERE User = '$_SESSION[username]' AND Password='$_SESSION[password]'"; 
$result = mysql_query($sql) OR die( mysql_error() ); 
$row = mysql_fetch_array($result, MYSQL_NUM); 
//compare sessions to those in table 
//Incorrect username and password 
if($_SESSION['username'] != $row['username'] AND $_SESSION['password'] != $row['password']){ 
$_SESSION = array(); 
if (isset($_COOKIE[session_name()])) { 
setcookie(session_name(), '', time()-42000, '/'); 
}
 
@session_destroy(); 
echo'Incorrect Username or password'; 
} 
//correct username and password 
else{ 
echo'Welcome '.$_SESSION['username']; 
} 




    echo '</body></html>';




?>

PHP:

 

I don't see where you select a database. I see you connecting to it twice, but not actally selecting a database.

mysql_select_db($dbname);

PHP:

 

Ah. Of course.

What I did was modify this code from existing stuff I had... must have edited it out in the process I guess. Thanks.

 

Here is the slightly updated code. However, it still spits out an error.

<?php
session_start(); 

   echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
   echo "<head><title> {$title} </title>";

   echo '<style type="text/css">

         #forms { position:absolute;top:75px;left:200px;align:right;padding-bottom:5px;}
         #text { position:absolute; top:75px; left:125px; align:left;} 
         .text2 { padding-top:8px;} 
         .forms2 { padding-bottom:6px;} 
         #login {position:absolute;top:100px;left:75%;} 
         .nav{position:absolute; top:75px; left:10%; right:10%; width:80%;background-color:#0099FF;text-align:right;a}
         .input{width:100px;} </style>
          </head><body>';
   

$logout = '<a href="logout.php">Logout</a>';

//menu
   echo '<div class="nav"><a href="index.php">Home</a> |', $logout  , ' | <a href="register.php">Register</a> | <a href="links.php">Links</a> | <a href="faq.php">FAQ</a></div>';

//login form
   echo '<div id="login"><form action="index.php" method="post">
         Login:<br>
         Username: <input type="text" name="username" cols="60" class="input"><br>
         Password: <input type="password" name="password" cols="60" class="input"><br>
         <input type="submit"></form></div>';

$connection = mysql_connect("localhost", "username", "password");

if (!connection)
{
die('Could not connect to database:' . mysql_error());
}
mysql_select_db("database", $connection); 

//check to see if sessions are set if not set them 
if(!isset($_SESSION['username']) or !isset($_SESSION['password'])){ 
if(!empty($_POST['username']) or !empty($_POST['password'])){ 
$_SESSION['username'] = $_POST['username']; 
$_SESSION['password'] = $_POST['password']; 
}
else{ 
echo'You left the username or password field blank.'; 
} 
} 


$sql = "SELECT User, Password FROM user WHERE User = '$_SESSION[username]' AND Password='$_SESSION[password]'"; 
$result = mysql_query($sql) OR die( mysql_error() ); 
$row = mysql_fetch_array($result, MYSQL_NUM); 
//compare sessions to those in table 
//Incorrect username and password 
if($_SESSION['username'] != $row['username'] AND $_SESSION['password'] != $row['password']){ 
$_SESSION = array(); 
if (isset($_COOKIE[session_name()])) { 
setcookie(session_name(), '', time()-42000, '/'); 
}
 
@session_destroy(); 
echo'Incorrect Username or password'; 
} 
//correct username and password 
else{ 
echo'Welcome '.$_SESSION['username']; 
} 

    echo '</body></html>';

?>

PHP:

Error:

Warning: mysql_connect(): Access denied for user: 'username@localhost' (Using password: YES) in /var/www/localhost/htdocs/webdev/uploads/index.php on line 31

Warning: mysql_select_db(): supplied argument is not a valid MySQL-Link resource in /var/www/localhost/htdocs/webdev/uploads/index.php on line 37
No Database Selected

PHP:

 

You have to replace username and password with your actual username and password for the database access.

mysql_connect("localhost", "username", "password");

PHP:

 

^ I know. I did. I just changed them for this post.

 

The error you're gettig says the login details are wrong.

 

You can't echo any content to the browser before you set the cookie. You are echoing right at the top of the script.

 

ugh. *sigh* Still not getting it. I get errors whenever I do it any other way. Any suggestions?

 

Just to test, replace

$connection = mysql_connect("localhost", "username", "password");
if (!connection){die('Could not connect to database:' . mysql_error());}
mysql_select_db("database", $connection); 

PHP:

with

$db=mysql_connect("localhost","yourusername","yourpassword");
mysql_select_db("yourdatabasename", $db);

PHP:

and see if it works, if so, check your database base is definately correct and that the log in name and password you are using definately has access to said database.

 

The reason I was getting database connection errors is that I recently had a server move. It will connect now, though it still doesn't login/work with sessions.

Here's what I have:

<?php
session_start(); 



$db=mysql_connect("localhost","username","password");
mysql_select_db("database", $db);



//check to see if sessions are set if not set them 
if(!isset($_SESSION['username']) or !isset($_SESSION['password'])){ 
if(!empty($_POST['username']) or !empty($_POST['password'])){ 
$_SESSION['username'] = $_POST['username']; 
$_SESSION['password'] = $_POST['password']; 
}
else{ 
echo'You left the username or password field blank.'; 
} 
}


$_POST['username'] = $_SESSION['username']; 
$_POST['password'] = $_SESSION['password']; 

$sql = "SELECT User, Password FROM user WHERE User = '$_SESSION[username]' AND Password ='$_SESSION[password]'"; 
$result = mysql_query($sql) OR die( mysql_error() ); 
$row = mysql_fetch_array($result, MYSQL_NUM); 
//compare sessions to those in table 
//Incorrect username and password 
if($_SESSION['username'] !== $row['username'] AND $_SESSION['password'] !== $row['password']){ 
$_SESSION = array(); 
if (isset($_COOKIE[session_name()])) { 
setcookie(session_name(), '', time()-42000, '/'); 
}
 
@session_destroy(); 
echo'Incorrect Username or password'; 

//debug info
echo $_SESSION['username'] ."and ". $_SESSION['password'];

} 

//correct username and password 
else{ 
echo'Welcome '. $_SESSION['username']; 
} 




   echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
   echo '<head><title> {$title} </title>';

   echo '<style type="text/css">

         #forms { position:absolute;top:75px;left:200px;align:right;padding-bottom:5px;}
         #text { position:absolute; top:75px; left:125px; align:left;} 
         .text2 { padding-top:8px;} 
         .forms2 { padding-bottom:6px;} 
         #login {position:absolute;top:100px;left:75%;} 
         .nav{position:absolute; top:75px; left:10%; right:10%; width:80%;background-color:#0099FF;text-align:right;a}
         .input{width:100px;} </style>
          </head><body>';
   

$logout = '<a href="logout.php">Logout</a>';

//menu
   echo '<div class="nav"><a href="index.php">Home</a> |', $logout  , ' | <a href="register.php">Register</a> | <a href="links.php">Links</a> | <a href="faq.php">FAQ</a></div>';

//login form
   echo '<div id="login"><form action="index.php" method="post">
         Login:<br>
         Username: <input type="text" name="username" cols="60" class="input"><br>
         Password: <input type="password" name="password" cols="60" class="input"><br>
         <input type="submit"></form></div>';




    echo '</body></html>';

?>

PHP:

Basically it spits out "welcome," and nothing. If I enter username and password (which is should call to database/compare with sessions) it says "" and "". It should say "useranme" and "password".

What am I missing? Advice/guidance is appreciated.

 

...Anyone???

 

remove $_SESSION = array(); your emptying the session array which by the way, is always an array, the above line is never needed.