On my site I have a profile page; when the user logs in, he is redirected to the perfil.php page. This login is done on the entrar.php page.
Then on the page I enter:
login.php
<?php include "controller/functions.php";?>
<?php include "controller/db_ss_user_entrar.php";?>
<?php include "view/doctype.php";?>
<html>
<?php include "view/head.php";?>
<body>
<?php include "view/header.php";?>
<div id="content">
<?php include "view/wrap_entrar.php";?>
</div>
<?php include "view/footer.php";?>
<script src=js/entrar.js></script>
</body>
</html>
The relevant login file is db_ss_user_entrar.php. The part related to the session is indicated in the code below:
db_ss_user_entrar.php
<?php
include 'db_conect.php';
/*$place_email = "Insira um email";
$place_senha = "Insira uma senha";*/
$email_place = "Insira um email";
$email_err = "";
$senha_place = "Insira uma senha";
$senha_err = "";
$error = 0;
if($_SERVER["REQUEST_METHOD"] === "POST")
{ $value_email = mysqli_real_escape_string($con, preg_replace('/\s+/', '', $_POST['email']));
if(empty($_POST["email"]) ||
$value_email === "" ||
$value_email === "Email inválido" ||
!preg_match("/^([\w-]+(?:\.[\w-]+)*)@((?:[\w-]+\.)*\w[\w-]{0,66})\.([a-z]{2,6}(?:\.[a-z]{2})?)$/i",$value_email))
{ $value_email = "Email inválido";
$error++;
}else
{ $value_email = mysqli_real_escape_string($con, preg_replace('/\s+/', '', $_POST['email']));
}
$value_senha = mysqli_real_escape_string($con, $_POST['senha']);
if(empty($_POST["senha"]) ||
!preg_match("/^\S*$/",$value_senha))
{ $place_senha = "Senha inválida";
$error++;
}else
{ $value_senha = mysqli_real_escape_string($con, $_POST['senha']);
}
if($error !== 0)
{ return false;
}
$sql = "SELECT input_nome,input_email,input_tel,input_senha,user_id,img_perfil FROM form_user WHERE input_email = '$value_email' AND input_senha = '$value_senha'";
$result = $con->query($sql);
$linha = $result->num_rows;
if($linha != 1)
{ $error++;
$value_email = "Email inválido";
$value_senha = "";
$place_senha = "Senha inválida";
$con->close();
return false;
}else //<-----------------The session-related part starts here
{ $row = $result->fetch_object();
session_start();
$_SESSION['ss_nome'] = $row->input_nome;
$_SESSION['ss_email'] = $row->input_email;
$_SESSION['ss_id_user'] = $row->user_id;
$_SESSION['ss_tel'] = $row->input_tel;
$_SESSION['ss_s_user'] = $row->input_senha;
if(($row->img_perfil) === "")
{ $_SESSION['ss_img_perfil'] = "img/icon_perfil_bluegrey.svg";
}else
{ $_SESSION['ss_img_perfil'] = $row->img_perfil;
}
header('location:perfil');
}
}
?>
So far everything works: the user is redirected to the profile page and, doing a var_dump($_SESSION), I see that the session has the data I need.
The problem occurs on the profile page that has a link that allows the user to edit the profile:
<a href="editar-perfil" class="btn_fImob">Editar Perfil</a>
Then on the page editar-perfil.php I have the following code:
<?php include "controller/functions.php";?>
<?php include "controller/security.php";?>
<?php include "controller/db_select_user.php";?>
<?php include "view/doctype.php";?>
<html>
<?php include "view/head.php";?>
<body>
<?php include "view/header.php";?>
<div id="content">
<div id="content_perfil">
<?php include 'view/wrap_perfil_edit.php';?>
</div>
</div>
<?php include "view/footer.php";?>
</body>
</html>
The problem is that when you go from the page perfil.php to editar-perfil.php, the session variable is null and it automatically redirects to entrar. The code that does this is in the file security.php:
security.php
<?php
session_start();
if(empty($_SESSION['ss_email']))
{ session_destroy();
unset ($_SESSION['ss_email']);
header('location:entrar');
}
?>
In other words, the session data is not being passed to the page editar-perfil.php, and I do not understand why.
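The login and guard code in the post puts the password into the SQL string, copies it into the session, and sends its redirects without stopping the script. A hardened version of the same flow follows as an added example, not the poster's code: the three function names are hypothetical, and it assumes `input_senha` stores a `password_hash()` value and that mysqli is built with mysqlnd.

```php
<?php
// Look up the user with a bound parameter and check the password in PHP.
// Assumption: input_senha holds a password_hash() value, not the plain password.
function verify_login(mysqli $con, string $email, string $senha): ?object
{
    $stmt = $con->prepare(
        'SELECT input_nome, input_email, input_senha, user_id
           FROM form_user WHERE input_email = ?'
    );
    if ($stmt === false) {
        return null;
    }
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_object();
    $stmt->close();
    // Same result for an unknown email and a wrong password.
    if (!$row || !password_verify($senha, $row->input_senha)) {
        return null;
    }
    return $row;
}

// Called once after verify_login() succeeds (hypothetical helper).
function establish_login_session(object $row): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);   // fresh ID at login, against session fixation
    $_SESSION['ss_id_user'] = $row->user_id;
    $_SESSION['ss_nome']    = $row->input_nome;
    $_SESSION['ss_email']   = $row->input_email;
    // input_senha is deliberately not copied into the session.
}

// Guard for protected pages such as editar-perfil.php (hypothetical helper).
function require_login(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['ss_email'])) {
        $_SESSION = [];
        session_destroy();
        header('Location: entrar');
        exit;   // stop here so the protected page body is never rendered
    }
}
```

Both `establish_login_session()` and `require_login()` must run before the page sends any output, because the session cookie and the `Location` header can only be set while headers are still unsent.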