html5 php sessions

I am having a problem that i think has been narrowed down to the session not storing my variable and keeping it throughout the pages.  The pages are all in html5, although their endings are .php

When the user logs in, it acts successful and routes them to the next page, but when it reaches the part that talks to the database information is not being entered. I echo'd the sql for the doInsert page and it shows a correct statement but has nothing for the username (which is the session variable) and if i hard code it it goes to the database correctly.

So the session must not be registering or keeping active through all the pages.  Does this have anything to do with html5?  I am using the session start at the beginning of every page.

The code below is what i have for login, i have tried so many different things now though trying to get this to work i can't remember what i started with.
	// start the session
	// open database connection
	$username	= $_POST["username"];
	$passwd		= $_POST["password"];
	$sql = "SELECT userID FROM Users WHERE userID='".$username."' AND Passwd='".$passwd."'";
	 //echo $sql; // to check 
	$result = mysql_query($sql);
	$row = mysql_fetch_row($result);
	if ($row){ // they exist!!
		$_SESSION["username"] = $username;
		header("Location: testA-overheat.php");
		header("Location: error.php");


Open in new window

Who is Participating?

Improve company productivity with a Business Account.Sign Up

Mark BradyConnect With a Mentor Principal Data EngineerCommented:
Just to tidy things up and to get you into some sort of normality when coding, you might like to try the sessions like this. Copy the text below and save it as "session.php" in the same folder as your site. Do this for every site you want to use sessions in. I also use a constants.php file that connects me to the database instead of typing the connection code each time.

<?php // session.php - include with ALL documents you need to work with php sessions()
if(is_array($_REQUEST)) {
  foreach($_REQUEST as $key => $value){
    $_SESSION[$key]      = $value;

Now in your other pages and immediately after the opening tag include that file. I usually put it in a folder called "inc/" short for "includes"

<?php // index.php
include("inc/constants.php"); // this file is your database connection script

Here is the constants.php code if you are interested.

<?php // constants.php located in the 'inc' folder
Turn all error warnings and displays off for security and on for debugging */
error_reporting(0);  // Uncomment this line and comment out next line before making this script public
date_default_timezone_set('Antarctica/McMurdo'); // set your default time zone if required

define("DB_SERVER", ""); // or localhost or your servername
define("DB_USER", "your-mysql-username");
define("DB_PASS", "your-mysql-password");
define("DB_PORT", "3316"); // only set the port number if required. Usually not required so delete this line
define("DB_NAME", "AFM"); // The database name. You can set as many as you need.
define("DB_NAME1", "AFM_SCHOOL"); // This is another DB I need to connect to in this site.
mysql_connect(DB_SERVER.':'.DB_PORT, DB_USER, DB_PASS); // If no port is required this line should read as below
// mysql_connect(DB_SERVER, DB_USER, DB_PASS);
mysql_select_db(DB_NAME); // You database to connect to. To swap databases throughout the website add this line: mysql_select_db(DB_NAME1);

Place that file (constants.php) in the same folder (inc/) and include it like I have done above. Now you can be sure that you will connect every time to the DB AND that every page required to use sessions will have a session started so ALL posted or $GET variables are captured as $_SESSION['variables']; and can be used on ANY page you include the session.php file in.

If you change what you have to this idea then you can rule out that possibility that the session is not valid on one or more of your pages.
First and foremost, you need to increase security. At the very least, change $sql to
	$sql = "SELECT userID FROM Users WHERE userID='".addslashes($username)."' AND Passwd='".addslashes($passwd)."' LIMIT 1";

Open in new window

Second, use mysql_num_rows rather than mysql_fetch_row for verification whether or not a line exists.

Third, use mysql_fetch_assoc instead of mysql_fetch_row when using $row variables. _row will return both a numeric and associative array (0 => 1, 'userID'=>1) effectively doubling the size of the array.

Fourth, does testA-overheat.php start with

Open in new window

Ignore the part about mysql_fetch_row returning a numeric and associative array.
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Beverley PortlockCommented:
IE has problems with HTML5 and sessions. Check the following likely causes

1) Check the server date. IE is sensitive to the date being served up and if the server date is wrong it could be expiring the cookie with the session in it.

2) Make sure the domain name has only W3C characters - no underscores and such. Most browsers aren't bothered but IE has

3) If a FRAME or IFRAME is in use the problem could be related to something in the other pages or you may need to create a P3P header for IE
newmie22Author Commented:
i don't use internet explorer, i have tested in and experienced problems in safari, chrome, and firefox, the latest versions, so it must be my code, i'm not very experienced with php and html5 is new to me
Mark BradyPrincipal Data EngineerCommented:
I don't use explorer either I use chrome, safari and Firefox. The main thing that goes wrong in EE5.5 and EE6.0 is div heights which if less than 20px will display at 20px because it thinks you are going to have text in there and their miniumum text size is around 20px. That is easy to get around and all my sites comply with most browsers.

Try my suggestion and see if your problem is still persistent.
newmie22Author Commented:
ok, i will try when i get home tonight to see if that fixes the issue, thanks
newmie22Author Commented:
elvin, changes my pages to be the way you described but still nothing is entered into the database unless i hardcode what is supposed to be the session variable
Please post your code. It'll be easier to debug if we can see what's going on.
Mark BradyPrincipal Data EngineerCommented:
Ok echo your posted variables to make certain they have values in them. Whatever is posted, echo them back and check. Once it has been posted, if there is values in the posted variables they will automatically be inserted into the session variables. So if your post a username like this

<input type="text" name="username" value="<?php echo $_SESSION['username']; ?>" />

That is in your form. Now on the recieving form or any other page with that session file included, you will be able to echo $_SESSION['username'];

Sounds to me like there is nothing in your posted data. Also, don't use the actual $_SESSION['variablename'] inside a mysql statement it for some reason doesn't work as it should always. I always start a new page with

$username = $_SESSION['username'];  etc etc..... So check your posted data for values first.
newmie22Author Commented:
Thanks for the help, i got it to work after organizing the pages like you said and fixing some spelling errors buried in my code!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.