I have using session variable for log in form validation. When the user gives correct name and password then the session variable will set and the page will redirect. The page checks the session variable and load related contents.
My code works fine in local server, but in online server, the session variable was not set.
admin.php
<?php
session_start();
$admin = 0;
if(isset($_SESSION['admin'])){
$admin = $_SESSION['admin'];
}
if($admin == 0){
?>
<form action="" class="login">
<label>User Name :</label>
<input type="text" class="uname"/>
<label>Password :</label>
<input type="password" class="pwd"/>
<input type="submit" class="lSubmit" value="SUBMIT"/>
<p class="alert lAlert">test alert</p>
</form>
<?php }elseif($admin == 1){ ?>
<h1>Welcome Site Admin..!!</h1>
<?php } ?>
jQuery
$('.lSubmit').click(function(){
var name = $('.uname').val();
var pwd = $('.pwd').val();
$.post("validation/login.php",{name:name,pwd:pwd}).success(function(data){
var obj = jQuery.parseJSON(data);
if(obj.success == 1){
$('.alert').css('color','#067800');
window.location = "/admin.php";
}else{
$('.alert').css('color','#CC0000');
}
$('.lAlert').text(obj.msg);
$('.lAlert').fadeIn('slow');
});
return false;
});
validation/login.php
<?php
session_start();
$name = $_POST['name'];
$pwd = $_POST['pwd'];
$err['success'] = 0;
$err['msg'] = '';
if($name == ''){
$err['msg'] = 'Name required';
}else if($pwd == ''){
$err['msg'] = 'Password required';
}else if($name != 'admin'){
$err['msg'] = 'Wrong username';
}else if($pwd != 'admin'){
$err['msg'] = 'Wrong password';
}else{
$err['msg'] = 'Success';
$err['success'] = 1;
$_SESSION['admin'] = 1;
}
echo json_encode($err);
?>
When user gives name and password as admin, it was successfully loaded the welcome text in local server. But in online server the form only loaded again. The $_SESSION['admin'] was not set in online server. Can anybody help me?
Looks like your online server does not provide enough permissions for web-server user to store sessions in /var/lib/php5.
You should ask your host to check it. The easiest way to check if it is sessions problem is to write simple script:
if (empty($_SESSION['some_counter'])) {
$_SESSION['some_counter'] = 0;
}
echo $_SESSION['some_counter']++;
Then just refresh a page few times. If variable is not changed - then you can be sure that it is session management problem, that should be solved by your hosting provider.
In case if they don't want to help you - you can change the sessions folder to another directory and see what happens.
EDIT:
You can try to change storage folder to /tmp for example, just to check - normally, it is public folder for all users on server. But it is bad practice to have sessions stored in public places...
session_save_path('/tmp');
If it didn't help - try to use ini_set()
ini_set('session.save_path', '/tmp');
You should call one of these functions before session starts.
Should help ;)
Try this:
<?php
session_start() ;
$err = array() ;
if ((empty($_POST["name"])) or ($_POST["name"] != "admin")) {
$err[] = "Wrong username" ;
}
if ((empty($_POST["pwd"])) or ($_POST["pwd"] != "admin")) {
$err[] = "Wrong password" ;
}
if (count($err) == 0){
$message = "Success" ;
$_SESSION['admin'] = true;
}
?>
NOTE: You must use session_start() before outputting anything to your webpage. No echoes, no symbols, no html before starting this function. Place it on the top of your webpage. Also, if you have it on the top, but still cannot start the session, the encoding may be the problem, because an empty string is considered to be a symbol as well. Encode you file in UTF-8 without BOM
Hope this helps :)