Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

PHP Session broken after server (Linux Redhat) move

Posted on 2010-09-24
5
Medium Priority
?
263 Views
Last Modified: 2013-12-12
I have a login section of my website that features a sessionvalidate.php script that is included on each page to make sure that a person is authorized to view the web page.  The server move was a lateral move with PHP 5 and MySQL 5 and Apache on both machines.  Obviously there is some PHP variable not turned on possibly?

Here is the code for the validate page that works on the original server and not on the new server.

<?Php
	session_start();
	include "../scripts/dbconnection.php";
	$myConn		= dbConnect();
	if(myConn==false)	header("Location: index.php?errCode=-3");
	
	$session_array=$HTTP_SESSION_VARS;
	if($session_array){
		$adminid	= $session_array['adminid'];
		$adminuser	= $session_array['adminuser'];
		$sql 		= "";
		$sql 		= "SELECT * FROM tbl_admin 
						WHERE user_uid='$adminid' AND
						username='$adminuser'";
		if(mysql_num_rows(mysql_query($sql,$myConn))<1)
		{
			header("Location: index.php?errCode=-4");
		}
	}else{
		header("Location: index.php");
	}
?>

Open in new window

0
Comment
Question by:pda4me
  • 3
  • 2
5 Comments
 
LVL 7

Expert Comment

by:ziceva
ID: 33752425
You did not tell us what the actual error is ...
This is the script, but when you run it, where does it take you? index.php, index.php?errCode=-3 or index.php?errCode=-4?

Also, I would suggest using $_SESSION instead of $HTTP_SESSION_VARS ....
0
 

Author Comment

by:pda4me
ID: 33752466
ziceva, that worked!  I changed it to $_SESSION and its working fine?  Why is that, what is the difference?
0
 
LVL 7

Expert Comment

by:ziceva
ID: 33752587
$HTTP_SESSION_VARS is the deprecated version of $_SESSION (php4 or so)
0
 
LVL 7

Accepted Solution

by:
ziceva earned 2000 total points
ID: 33752610
And a more complete answer

$_SESSION

$_SESSION variable is an associative array hold session variable available to the current script. This is automatic global variable also called super global variable. By default, this variable is available in all scopes throughout the script.

$HTTP_SESSION_VARS

Despite of $_SESSION variable, $HTTP_SESSION_VARS variable is not by default auto global but hold same information as $_SESSION variable. register_globals directive is required to set in php.ini file to make this variable available throughout the script.

So the register_globals was the culprit ... anyway, it is good practice to use $_SESSION instead of $HTTP_SESSION_VARS

0
 

Author Closing Comment

by:pda4me
ID: 33752645
Awesome help and one of the most complete answers I have ever had from an Expert.  Thanks for the help!
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Recursive SQL is one of the most fascinating and powerful and yet dangerous feature offered in many modern databases today using a Common Table Expression (CTE) first introduced in the ANSI SQL 99 standard. The first implementations of CTE began ap…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question