losing session variable after Form submit

Forum|Forum|14 years ago
March 30, 2012
1 reply
6059 views

My website's login and data retrieval features were working fine until I added a Form. Upon submit, it calls a php to send the form contents to me in an email (code I copied-pasted from HELP somewhere). After that, the website thinks the user isn't logged in anymore. I'm using the session variable MM_Username for login validation, so it must be getting lost in the Submit process. How do I keep hold of MM_Username?

I appreciate any help you can offer

Server side applications

This topic has been closed for replies.

B

bregent

Participating Frequently

We would obviously need to see the code to troubleshoot. Are you sure the script is not calling session_destroy()?

S

SBubbersAuthor

Participating Frequently

Dear bregent, thank you for taking the time to help. The entire code from the php that is called upon submission of my form is below. I believe that MM_Username is intact upon entry to this code (I did an echo the best I know how, and the user's email (what I'm using as the username) displayed quickly). But, upon calling discangl_classlist_confirm.php, the user name is no longer showing-up (and it did on the previous page, so I know that echo coding is correct). I took-out the behavior to validate the user, so after I/we figure-out the MM_Username thing, I will put that back in.

<?php require_once('Connections/dastudents.php'); ?>
<?php
//initialize the session
if (!isset($_SESSION)) {
session_start();
}
?>

<?php

//--------------------------Set these paramaters--------------------------

// Subject of email sent to you.
$subject = 'Class Completion Information';

// Your email address. This is where the form information will be sent.
$emailadd = 'instructor@centerATLAS.org';

// Where to redirect after form is processed.
$url = 'http://www.centerATLAS.org/discangl_classlist_confirm.php';

// Makes all fields required. If set to '1' no field can be empty. If set to '0' any or all fields can be empty.
$req = '0';

// --------------------------Do not edit below this line--------------------------
$text = "Results from form:\n\n";
$space = ' ';
$line = '
';
foreach ($_POST as $key => $value)
{
if ($req == '1')
{
if ($value == '')
{echo "$key is empty. Please hit browser BACK button and complete the form.";die;}
}
$j = strlen($key);
if ($j >= 30)
{echo "Name of form element $key cannot be longer than 30 characters";die;}
$j = 30 - $j;
for ($i = 1; $i <= $j; $i++)
{$space .= ' ';}
$value = str_replace('\n', "$line", $value);
$conc = "{$key}:$space{$value}$line";
$text .= $conc;
$space = ' ';
}
mail($emailadd, $subject, $text, 'From: '.$emailadd.'');
echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$url.'">';

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>send class completion information in an email</title>
</head>

S

SBubbersAuthor

Participating Frequently

And, in case there's something that works only under certain conditions in the next file, here's the php at the top of discangl_classlist_confirm.php

<?php require_once('Connections/dastudents.php'); ?>
<?php
//initialize the session
if (!isset($_SESSION)) {
session_start();
}

// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
$logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
//to fully log out a visitor we need to clear the session varialbles
$_SESSION['MM_Username'] = NULL;
$_SESSION['MM_UserGroup'] = NULL;
$_SESSION['PrevUrl'] = NULL;
unset($_SESSION['MM_Username']);
unset($_SESSION['MM_UserGroup']);
unset($_SESSION['PrevUrl']);

$logoutGoTo = "catechism.html";
if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
}
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
}
return $theValue;
}
}

$colname_studentclassdata = "-1";
if (isset($_SESSION['MM_Username'])) {
$colname_studentclassdata = $_SESSION['MM_Username'];
}
mysql_select_db($database_dastudents, $dastudents);
$query_studentclassdata = sprintf("SELECT firstname, lastname, emailaddress, dateregistered, class1date, class2date, class3date, class4date, class5date, class6date, class7date, class8date, class9date, class10date, class11date, class12date, class13date, class14date, class15date FROM dastudents WHERE emailaddress = %s", GetSQLValueString($colname_studentclassdata, "text"));
$studentclassdata = mysql_query($query_studentclassdata, $dastudents) or die(mysql_error());
$row_studentclassdata = mysql_fetch_assoc($studentclassdata);
$totalRows_studentclassdata = mysql_num_rows($studentclassdata);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded