I wrote a whole new script to store my sessions in the database and everything seems to be working. For some reason whenever I open a page the session variables are gone.
I'm assuming this has something to do with me using session_start(); at the top of the page while I use session_start($session_id); on my script to start the session. Does this reset the session_id?
This is the main php script that sets the variables/sessions
<?php
session_start();
include($_SERVER['DOCUMENT_ROOT']. '/../db_connect.php');
if (!Isset($_SESSION['crecketgaming_usergroup'])){
$_SESSION['crecketgaming_usergroup'] = "Guest";
}
try {
$conn = new PDO("mysql:host=$servername:3307;dbname=$dbname", $username, $password);
}catch(PDOException $e){
echo "Connection failed: " . $e->getMessage();
}
onLoad($conn);
function onLoad($conn){
$session_id = "";
if(isset($_COOKIE['Crecketgaming_sessionid'])){
$time = time();
$session_id = $_COOKIE['Crecketgaming_sessionid'];
$addrip = $_SERVER['REMOTE_ADDR'];
$sql = "SELECT * FROM sessions WHERE session_id = :sessionid AND ip = :addrip";
$sth = $conn->prepare($sql);
$sth->bindParam(':sessionid', $session_id, PDO::PARAM_STR);
$sth->bindParam(':addrip', $addrip, PDO::PARAM_STR);
if($sth->execute()){
}else{
echo "error";
}
$rowcount = $sth->rowCount();
$row = $sth->fetch();
$userid = $row['user_id'];
//echo $row['user_id'];
if ($rowcount > 0) {
} else {
$session_id = storeUID($conn);
}
} else {
$session_id = storeUID($conn);
}
if($session_id !== "") {
if($userid === NULL){
}else{
//echo $userid;
setSessionDetails($conn, $userid);
}
}
}
function storeUID($conn){
$addrip = $_SERVER['REMOTE_ADDR'];
$session_id = createUID(100);
$time = time();
if(setcookie("Crecketgaming_sessionid", $session_id, mktime(). time()+60*60*24*30)){
$agent = $_SERVER['HTTP_USER_AGENT'];
$ip = $ip = $_SERVER['REMOTE_ADDR'];
$sql = "INSERT INTO sessions (session_id, ip, time) VALUES (:sessionid, :addrip, :time)";
$sth = $conn->prepare($sql);
$sth->bindParam(':sessionid', $session_id, PDO::PARAM_STR);
$sth->bindParam(':addrip', $addrip, PDO::PARAM_STR);
$sth->bindParam(':time', $time, PDO::PARAM_INT);
$sth->execute();
}
return $session_id;
session_start($session_id);
}
function createUID($length) {
$chars = "abcdefghijkmnopqrstuvwxyz0123456789";
srand((double)microtime()*1000000);
$i = 0;
$pass = '' ;
while ($i < $length) {
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
function setSessionDetails($conn, $userid) {
session_start($session_id);
session_id($session_id);
$sql = "SELECT * FROM users WHERE user_ID = :user_ID";
$sth = $conn->prepare($sql);
$sth->bindParam(':user_ID', $userid);
$sth->execute();
$row = $sth->fetch();
$_SESSION['crecketgaming_usergroup'] = $row['Usergroup'];
$_SESSION['crecketgaming_username'] = $row['Username'];
$_SESSION['crecketgaming_userid'] = $row['user_ID'];
}
?>
And at the top of my index page for instance this is my only php code:
<?php
session_start();
include($_SERVER['DOCUMENT_ROOT']. '/../db_connect.php');
include($_SERVER['DOCUMENT_ROOT']. '/includes/page_load.php');
include($_SERVER['DOCUMENT_ROOT']. '/includes/check_session.php');
?>
This is called at the top of the page. db_connect contains my connection details to the server, page_load counts the amount of times a ip address refreshes the page and check_session is the file that was shown above.
I checked and if I put
echo $_SESSION['crecketgaming_userid']; //outputs "1"
echo $_SESSION['crecketgaming_usename ']; //outputs "crecket"
exit;
At the bottom of check_session.php it shows id 1 for example. But on the index page or any page for that matter they are all empty as if no one is logged in.
So my question is does session_start(); remove previous sessions the way I do it. I read that it starts or resumes a session but I never saw anything about session ids.
I'm kind of new to php so if anyone sees something to improve upon anywhere please tell me.
