PHP Sessions - globals off

I am trying to get a login script working with globals turned off...

Page 1 (login.php): Page one has a username and password field, once
submitted it goes to page 2.

Page 2 (login_script.php):
// If $username and $password are set, match data against users table
$query=mysql_query("SELECT * FROM users WHERE username =
'$_POST[username]' AND password = '$_POST[password]'")
or die ("For some reason the script wasn't able to check the
username/password.<br> ".mysql_error());

// If num_rows from users table = 1, set session variables
if (mysql_num_rows($query) == "1") {

if(!session_id()){
session_start();
}
// i want to "register" these thing to display the info later
$_SESSION['valid_user'] = $_POST['username'];
$_SESSION['ip_address'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['seclevel'] = $data->seclevel;
$rowid = $data->id;

header("Location: ./index.php?$id");
}

Page 3 (index.php):
I'm trying to call the variables (session variables) here:
Username: <? print "{$_SESSION['valid_user']}"; ?><br />
Security Level: <? print "{$_SESSION['seclevel']}"; ?>

The script works with globals on, but I want to turn that off in the
php.ini on my server.

What am I doing wrong with the $_SESSION side of things?

thanks

*** aaron wrote/escribió (8 Jun 2004 06:04:51 -0700):
> Page 3 (index.php):
> I'm trying to call the variables (session variables) here:
> Username: <? print "{$_SESSION['valid_user']}"; ?><br />
> Security Level: <? print "{$_SESSION['seclevel']}"; ?>

Do you load session data with session_start() ?

--
--
-- Álvaro G. Vicario - Burgos, Spain
--

Alvaro G Vicario <alvaro_QUITAR_REMOVE@telecomputeronline.com> wrote in message news:<gpu1r8udpx6j$.ctv7tgsna9ry.dlg@40tude.net>.. .
> *** aaron wrote/escribió (8 Jun 2004 06:04:51 -0700):
> > Page 3 (index.php):
> > I'm trying to call the variables (session variables) here:
> > Username: <? print "{$_SESSION['valid_user']}"; ?><br />
> > Security Level: <? print "{$_SESSION['seclevel']}"; ?>
>
> Do you load session data with session_start() ?
>
> --


Yes, I am doing a session_start();

I think you need to get rid of the if statement... you can check to see if
you are hitting the session_start function like this:
<?
if (!session_id()) {
session_start();
exit('session started');
}
exit('session NOT started');
?>

I don't think you need the session_id function at all.... I'd change it to
this:
<?
session_start();
?>

OR if you want to give it a specific session id... do this:
<?
session_id('MY_SESS_ID');
session_start();
?>


"aaron" <redhatlinux@msn.com> wrote in message
news:dd6e9aa5.0406080504.3eb4c2c3@posting.google.c om...
> I am trying to get a login script working with globals turned off...
>
> Page 1 (login.php): Page one has a username and password field, once
> submitted it goes to page 2.
>
> Page 2 (login_script.php):
> // If $username and $password are set, match data against users table
> $query=mysql_query("SELECT * FROM users WHERE username =
> '$_POST[username]' AND password = '$_POST[password]'")
> or die ("For some reason the script wasn't able to check the
> username/password.<br> ".mysql_error());
>
> // If num_rows from users table = 1, set session variables
> if (mysql_num_rows($query) == "1") {
>
> if(!session_id()){
> session_start();
> }
> // i want to "register" these thing to display the info later
> $_SESSION['valid_user'] = $_POST['username'];
> $_SESSION['ip_address'] = $_SERVER['REMOTE_ADDR'];
> $_SESSION['seclevel'] = $data->seclevel;
> $rowid = $data->id;
>
> header("Location: ./index.php?$id");
> }
>
> Page 3 (index.php):
> I'm trying to call the variables (session variables) here:
> Username: <? print "{$_SESSION['valid_user']}"; ?><br />
> Security Level: <? print "{$_SESSION['seclevel']}"; ?>
>
> The script works with globals on, but I want to turn that off in the
> php.ini on my server.
>
> What am I doing wrong with the $_SESSION side of things?
>
> thanks

Thanks...I'll try it. I've just had issues with sessions since
globals off is the default.

thanks

"Rook" <rook@wasabi-is-good.com> wrote in message news:<2d9yc.11118$H65.4905@nwrddc02.gnilink.net>.. .
> I think you need to get rid of the if statement... you can check to see if
> you are hitting the session_start function like this:
> <?
> if (!session_id()) {
> session_start();
> exit('session started');
> }
> exit('session NOT started');
> ?>
>
> I don't think you need the session_id function at all.... I'd change it to
> this:
> <?
> session_start();
> ?>
>
> OR if you want to give it a specific session id... do this:
> <?
> session_id('MY_SESS_ID');
> session_start();
> ?>
>
>
> "aaron" <redhatlinux@msn.com> wrote in message
> news:dd6e9aa5.0406080504.3eb4c2c3@posting.google.c om...
> > I am trying to get a login script working with globals turned off...
> >
> > Page 1 (login.php): Page one has a username and password field, once
> > submitted it goes to page 2.
> >
> > Page 2 (login_script.php):
> > // If $username and $password are set, match data against users table
> > $query=mysql_query("SELECT * FROM users WHERE username =
> > '$_POST[username]' AND password = '$_POST[password]'")
> > or die ("For some reason the script wasn't able to check the
> > username/password.<br> ".mysql_error());
> >
> > // If num_rows from users table = 1, set session variables
> > if (mysql_num_rows($query) == "1") {
> >
> > if(!session_id()){
> > session_start();
> > }
> > // i want to "register" these thing to display the info later
> > $_SESSION['valid_user'] = $_POST['username'];
> > $_SESSION['ip_address'] = $_SERVER['REMOTE_ADDR'];
> > $_SESSION['seclevel'] = $data->seclevel;
> > $rowid = $data->id;
> >
> > header("Location: ./index.php?$id");
> > }
> >
> > Page 3 (index.php):
> > I'm trying to call the variables (session variables) here:
> > Username: <? print "{$_SESSION['valid_user']}"; ?><br />
> > Security Level: <? print "{$_SESSION['seclevel']}"; ?>
> >
> > The script works with globals on, but I want to turn that off in the
> > php.ini on my server.
> >
> > What am I doing wrong with the $_SESSION side of things?
> >
> > thanks