Article Discussion: Developing Custom PHP Sessions

Developing Custom PHP Sessions If you have any questions or comments about this article then please post them here.

You can read the article here .

I have problem running this script. What am I doing wrong?

I get the following error msg:

Warning: Cannot add header information - headers already sent by (output started at /opt/www/login.php:13) in /opt/www/sess.php on line 55

Warning: Cannot add header information - headers already sent by (output started at /opt/www/login.php:13) in /opt/www/login.php on line 20

// Frederic Boije

looks like your sending out the headers early, make sure you aint outputting anything or have whitespace

Well if you copy and paste the scripts from the article, I get the same results.

Warning: Cannot add header information - headers already sent by (output started at /usr/local/www/data/sess.php:145) in /usr/local/www/data/sess.php on line 53

Warning: Cannot add header information - headers already sent by (output started at /usr/local/www/data/sess.php:145) in /usr/local/www/data/login1.php on line 13

Line 53 in the sess.php include is:
// set the cookie that will store the session key
setcookie("sess_key",$this->key,time()+3600);
}

Shouldn't the examples from the article work first before I start modifiying & adapting them?

Jim

With the given database schema from the article;



How are we suppose to INSERT using the following query from the example?

$insert = mysql_query("INSERT INTO sessions (sess_key, val, ip, sec_expire, stamp_expire, access) VALUES ('" . $this->key. "', '" . addslashes($val) . "' , '" . $_SERVER["REMOTE_ADDR"] . "' , " . $this->timeout . "," . (time() + $this->timeout) . "," . time() .");");

The above query assumes you have these database fields:
sess_key,
val,
ip,
sec_expire,
stamp_expire,
access

Jim

the article does work! dont you listen to me!



if you copy paste the code it, make sure it doesnt have any white space.

In other words, make sure the VERY first charcters of the file are

<?

there shouldnt be any spaces in front of it

if that still doesnt work, make sure you arnt echoing or printing our anything!

Thanks for your reply!

I took care of the header problem before your repsonse. I set the output buffer to "1" in my php.ini file..... I will go back and check for white space.

How about the database descrepency? Am I overlooking something here? I can't get the INSERT statement to work and I think it is because of the database structure difference...

Thanks!

Jim

I don't doubt that in fact it works, but I have had many problems with this tutorial.

The last one:

Notice: Undefined variable: login in ...\login.php on line 5

I believe that this variable is not defined, neither $logout (in Welcome.php)

Is somebody able to unveil something on the variable $PHP_SELF ?? In the manual only a reference appears about $_SERVER [' PHP_SELF']...

Still is pending the question pointed out by Ozric on the discrepancies in the database (is it maybe a characteristic of MySQL?)

In my opinion the tutorial lack of more additional information and certainly it is not for beginners.

The problem with this example are mainly two things:

1. You need to fix the table fields to match the insert statment. The mySQL table is missing some of the fields in the example. Make sure the fields sec_expire(int 25), access(
timestamp) and stamp_expire(timestamp) is in there.

2. The script automaticly updating both timestamp fields. Why? Because mySQL automaticly updates the first datetime field in a table So if you put access after stamp_expire you are having the same problem as I had. Shift the order - problem fixed.

The good thing about this example is that I really learned somting out of debugging it! Frankly - I would never had learned so much without having to fix the problem!!

It is a very good object-oriented code, and if somebody is interested, I would gladly give the code with my modifications or try to help you guys.

Loboe,

Check to make sure your register_globals setting is set to "off" in your php.ini file... The new way of accessing variables in PHP is by using the SUPERGLOBALS array system:

$_POST['<variableName>']
$_GET['<variableName>']


For your example, you'll need to modify the code so that it uses $_POST['login'] and $_POST['logout'] rather than just $login and $logout

that article was writen when 4.0 (i think) was out. since then with 4.1 and 4.2 you access the vars in a different way, as Frankie suggested. you need to go back, and change all the vars, into super globals

if i'm not mistaken, this article is ment as a means to guide you trough your own session handling, not to completely build it from scratch for you!

If you want to copy/paste some code and hope for it to work, I suggest you go elsewhere. The article tries to give you an insight on how to handle your own session management, and after reading it i must admit it is one of the clearest and best articles on session management so far.

my 2 cents

I have been looking all over the web for an article on this subject and this one is excellent.

The sample code did have a few syntax issues: the included .sql file had minor issues discussed in previous postings, I did have to tweak the variables in the sample files because I'm not using global variables (also discussed) and I did notice the call to the destroy() function within the expire() function listed it as "destory", which again no big deal. Pretty minor debugging overall.

I think this is well written code and is something that you can actually run with. So many times examples prove concepts but don't solve real world issues. This one does. Thanks!!!

Jason

Can this be used for a shopping cart? I keep trying it and can't get the thing to work. I don't need or want someone to have to login just to see the site. I would like to create a session and when they add stuff to a cart it goes into this session and eventually into a database when they submit the order.

The article does work, I took the source and put it into effect to see what all was doing what.. Now I'm using the inspiration I got from the article to make my own

I didn't know squat about sessions before.. and I still don't know as much as I could, but I'm getting there

But it does work without a problem... and as Ben and Frankie said, you may need to change the way that your variables are being handled..

What happen if the user simply close the browserWhat happen if the user simply close the browser

I found bugs and inconsistencies in this code when I started to work with it. (table schema != sql queries, location missing trailing colon, timestamp logic needlessly complex). But I am VERY grateful to Brian for creating this; it served as an excellent starting point for learning about custom sessions.

I tweaked this code for my purposes and it works well. I have added a feature to detect login sharing violations.


Create this table:

CREATE TABLE sessions (
sess_key char(6) NOT NULL,
val varchar(30) NOT NULL,
ip varchar(32) NOT NULL,
unix_time_expire int(20),
PRIMARY KEY(sess_key)
);

sess.php: