[gilsal]

Theres not much else code other than that.

This is when login is validated and before moving to secured page.

$_SESSION['user']=$user;

This is from the secured page.

$user = $_SESSION['user'];
$username = $user->username;

This is the class page

class sessionUserInfo {
    public $username;
    public $time;
    public $name;
    public $email;
     
    public function setUsername($x){
        $this->username = $x;
    }
    public function setTime($x){
        $this->time = $x;
    }
    public function setName($x){
        $this->name = $x;
    }
    public function setEmail($x){
        $this->email = $x;
    }
}

There is also a function that creates the session.

	public function createUserSession($x){
		$getUser = mysql_query("
			SELECT *
			FROM supply_users
			WHERE supply_users.supply_user_username = '$x'
		") or die(mysql_error());
		while($row=mysql_fetch_assoc($getUser)){
			$name = $row['supply_user_name'];
			$email = $row['supply_user_email'];
			$username = $row['supply_user_username'];
		}
		$time = date("D, d M Y H:i:s");
		$userSession = new sessionUserInfo;
		$userSession->setUsername($username);
		$userSession->setTime($time);
		$userSession->setName($name);
		$userSession->setEmail($email);
		return $userSession;
	}

Other than these snippets theres not much else on the three files that should affect the script.

This post has been edited by gilsal: 24 May 2011 - 05:28 AM

[Dormilich]

what is the assignment code to $user ? there’s also no guarantee that the properties are set at all (e.g. if you have no result set).

besides that, the class could use some better design (why using setters when you have public properties?)

you can make the DB code populate the class itself:

// omitting the connection code …
// don’t fetch more than you need
$ps = $pdo->prepare("SELECT supply_user_name AS name, supply_user_email AS email, supply_user_username AS username FROM supply_users WHERE supply_users.supply_user_username = ?");
// safely submit
$ps->execute(array($x));
// create object
return $ps->fetch(PDO::FETCH_CLASS, "sessionUserInfo");

This post has been edited by Dormilich: 24 May 2011 - 05:38 AM

[CTphpnwb]

There is also no indication that you ever start a session!

[gilsal]

I thought this was what stored the session.

$_SESSION['user']=$user;

Or do you mean, which I do have but is the very first line of code.

session_start();

As for creating the object I did verify that the object $user had all of it's attributes in the login.

Also, I'm looking at Dormilich post of the DB populating the class itself and it seems interesting but I'm not fully understanding how it works. Sorry my knowledge in php is quite limited.

[CTphpnwb]

gilsal, on 24 May 2011 - 01:38 PM, said:

Or do you mean, which I do have but is the very first line of code.

session_start();

Is it the first line of code for each file? If you have two files: index.php and somefile.php where index.php starts a session and a link/form/etc. points to somefile.php, if you want somefile.php to recognize the session be sure it calls session_start() as well.

[gilsal]

Yup I learned that mistake a while back and have made session_start() the very first line of code in my projects that require a login or a session variable to be checked and or stored. There is however comments infront but I'm not sure if that would affect the code.

[codeprada]

gilsal, on 24 May 2011 - 01:38 PM, said:

I thought this was what stored the session.

$_SESSION['user']=$user;

Yes it's suppose to be but firstly what assigns a value to $user?

[Dormilich]

gilsal, on 24 May 2011 - 07:38 PM, said:

Also, I'm looking at Dormilich post of the DB populating the class itself and it seems interesting but I'm not fully understanding how it works. Sorry my knowledge in php is quite limited.

therefore I’ve made some tutorials:
http://www.dreaminco...duction-to-pdo/
http://www.dreaminco...tabase-results/

[gilsal]

Sorry I didn't realize I had omitted the assignment statement of $user.

$generateSession = new userAction;
// This will go through a function that will return an object.
$user = $generateSession->createUserSession($username);
$_SESSION['user']=$user;

[Dormilich]

what does var_dump() give you for the user class before/after setting/retrieving the data to/from the session?

[CTphpnwb]

gilsal, on 25 May 2011 - 08:38 AM, said:

Sorry I didn't realize I had omitted the assignment statement of $user.

Maybe now you're starting to see why handing out tiny snippets of your code is a long, slow way towards finding the solution. There's a wide gap between providing far too little information and far too much.You need to find that middle ground! Provide all the relevant code in one easy to read post. That exercise alone may point you towards your solution.

This post has been edited by CTphpnwb: 25 May 2011 - 05:56 AM

[gilsal]

This is outputted for the first page

object(sessionObject)#6 (4) { ["username"]=> string(6) "gilsal" ["time"]=> string(25) "Wed, 25 May 2011 09:00:43" ["name"]=> string(14) "Gil Salumbides" ["email"]=> string(33) "gsalumbides@gmail.com" }

This is from the second page

object(__PHP_Incomplete_Class)#2 (5) { ["__PHP_Incomplete_Class_Name"]=> string(13) "sessionObject" ["username"]=> string(6) "gilsal" ["time"]=> string(25) "Wed, 25 May 2011 09:00:43" ["name"]=> string(14) "Gil Salumbides" ["email"]=> string(33) "gsalumbides@gmail.com" }

And yes, I will try to locate all relevant files of my issues from now on so that a solution may be found quicker. I realize now how missing snippets of code can prolong the life of a possibly simple issue.

This post has been edited by gilsal: 25 May 2011 - 06:05 AM

[Dormilich]

gilsal, on 25 May 2011 - 03:04 PM, said:

object(__PHP_Incomplete_Class)#2 (5) // …

you need to load the class definition before deserialisation (i.e. starting the session).

This post has been edited by Dormilich: 25 May 2011 - 06:16 AM

[gilsal]

I found my issue. I didn't serialize my objects from point A and unserialze at point b. Adding those lines of code is correcting my mistakes. I do however still need to read up more on this process as I sort of know what it does unfortunately I do not know the intricacies of what happens during this process. Sorry for being difficult and thank you again for all your help.

[Dormilich]

most tutorials about making own session handlers (a.k.a. session_set_save_handler()) cover aspects of sessions as that is necessary to understand the code. also read through the comments of the session functions in the Manual.