Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

session authentication help

Posted on 2004-08-23
10
Medium Priority
?
220 Views
Last Modified: 2011-09-20
Hi to all experts,
I'm a asp programmer and know very little about PHP.

Login Form:
I have a login form build in asp which accepts username/password and authenticate against db. If login successful, I set session variable session("userid")

other_web_pages
I check this session variable in every asp webpage. If it is not exist then redirect to login page.

QUESTION:
I have few PHP webpages. How do I check session("userid") in php file.
Here is what I tried. But it is not working....

ob_start();
if (!session_id()) {
    session_start();
}

//checking if user is not authenticated
if (!isset($_SESSION["userid"]))
{
      // redirecting user to the login page
      header("Location: http://myserver.com/login.asp");
      exit;
}

0
Comment
Question by:ayumi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 27

Expert Comment

by:Diablo84
ID: 11873596
heres an overview of how it should work

setting a session variable:

session_start(); //always at top of page to initialize session data

$_SESSION['variable_name'] = "value";


checking if a session variable is set:

session_start();

if (isset($_SESSION['variable_name'])) {
 //session var is set
}


or using your piece of code as an example:

session_start();
ob_start();

if (!isset($_SESSION['userid'])) {
 header("Location: http://myserver.com/login.asp");
 exit;
}
else {
 echo "session variable is not set"; //you can optionally remove this part
}


0
 
LVL 27

Expert Comment

by:Diablo84
ID: 11873605
note regarding the last part above, forgot about the header change, just checking its set on a debugging level:

if (!isset($_SESSION['userid'])) {
 echo "session variable is set";
}
else {
 echo "session variable is not set";
}
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 11873611
oh dear me, im having one of those days apparently :), should be

if (!isset($_SESSION['userid'])) {
 echo "session variable is not set";
}
else {
 echo "session variable is set";
}
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:ayumi
ID: 11873745
As per your suggestion I changed but it always prints "not found"
NOTE: I'm setting session variable in asp file like this : session("username") = "ayumi"
Are you sure, I can access session variables in PHP if above is the case?

if (!session_id()) {
    session_start();
}
ob_start();

if (!isset($_SESSION['username'])) {
   echo "not found";
} else {
   echo "found";
}
0
 
LVL 27

Assisted Solution

by:Diablo84
Diablo84 earned 1000 total points
ID: 11874646
i see, did not realise you was setting the sessions with ASP, as far as i am aware you cannot share sessions between ASP and PHP, atleast not directly.

You may want to look at the comments by RQuadling in the following thread which highlight a potential work around

http://www.experts-exchange.com/Web/Web_Languages/PHP/PHP_Windows/Q_21083695.html

Generally though it is not a done thing.
0
 
LVL 1

Accepted Solution

by:
worm22 earned 1000 total points
ID: 11875209
**DISCLAIMER**
I do not recommend doing this as it would open some nasty security holes.  Better to stick with one language for the whole site.
---------
If you absolutely HAVE to go from an ASP page to a PHP page, you could put all required session variables into GET or POST variables and pass it through an intermediary processing page.

---------

intermediary.php
--
session_start();
$userid = $_POST['userid'];
$_SESSION['userid'] = $userid;
header("Location: target.php");
--
0
 

Author Comment

by:ayumi
ID: 11876154
Diablo84 - Thank you for providing link to other thread which was very informative. Thanks for the time.

worm22's - I liked your approach... Please give me some time to try few things with your suggestion and I will come here tommorow...

You guys are awesome....
Ayumi
0
 

Author Comment

by:ayumi
ID: 11884771
It solved my problem. I put all required session variables into POST variables....
I split the points...
Thanks,
Ayumi
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 11884785
Good luck with your code :)

|)iablo
0
 
LVL 1

Expert Comment

by:worm22
ID: 11886158
No problem.  glad it helped. :)

--
worm
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to count occurrences of each item in an array.

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question