can help me for this program - Linuxers

5 Sep 2003


      below is the method to create our custom session in php and mysql
but it gives an error to that start() is undefind in login.php
pl help me..
create database session;
create table sessions (
  id int(10) NOT NULL AUTO_INCREMENT,
  sess_key char(6) NOT NULL,
  val varchar(250) NOT NULL,
  ip varchar(35) NOT NULL,
  access int(25) NOT NULL,
  PRIMARY KEY(id)
);
sess.php
<?php
$host = "localhost";
$user = "user";
$pass = "pass";
$db = "db";
$dbc = mysql_connect($host,$user,$pass) or die("Cannot establish a 
connection to the database.");
mysql_select_db($db,$dbc);
class session {
    var $key;
    var $timeout;
}
// start() will initialize the session by generating the session key or ID
function start($timeout = "") {
    // create an array with all the letters of the alphabet
    $letters = range("a","z");
// declare the $key variable
    $key = "";
// generate our session's key formatted such as #a#aa#
    for($i = 0; $i < 6; $i++) {
        if(($i == 0) || ($i == 2) || ($i == 5))
            $key .= rand(0,9);
        if(($i == 1) || ($i == 3) || ($i == 4))
            $key .= $letters[rand(0,25)];
    }
// store the session's key in a method of the class
    $this->key = $key;
// perform a conditional to test if the user defined the timeout and if 
not store the default value.
    if($timeout == "")
        $this->timeout = 300; // five minutes
    else
        $this->timeout = $timeout;
return 0;
}
// this function will register a value to session. (only one value, see 
replace() to update the value)
function register($val) {
    // if key is not generated run start()
    if($this->key == "")
        $this->start();
$insert = mysql_query("INSERT INTO sessions (sess_key, val, ip, 
sec_expire, stamp_expire, access) VALUES ('" . $this->key. "', '" . 
addslashes($val) . "' , '" . $_SERVER["REMOTE_ADDR"] . "' , " . 
$this->timeout . "," . (time() + $this->timeout) . "," . time() .");");
// set the cookie that will store the session key
    setcookie("sess_key",$this->key,time()+3600);
}
function read() {
    // set $sess_val global - the variable of the session value.
    global $sess_val;
// if the cookie doesn't exisit send them back to the login screen.
    if(!$_COOKIE["sess_key"]) {
        header("Location: login.php");
        exit;
    }
// fetch the session key from the cookie.
    $this->key = $_COOKIE["sess_key"];
// fetch the session value
    $query = mysql_query("SELECT val FROM sessions WHERE sess_key = '" . 
$this->key . "'") or die("query failed - line 55");
if(mysql_num_rows($query) == 0) {
        header("Location: login.php");
        exit;
    }
$fetch = mysql_fetch_array($query);
// store the session value to $sess_val
    $sess_val = stripslashes($fetch["val"]);
// test if session has reached the expiration point
    $this->expire();
// this code will only run if expire() returned falsed - we update the 
last access point to now.
    $update = mysql_query("UPDATE sessions SET access = " . time() . " WHERE 
sess_key = '" . $this->key . "'") or die("query failed - line 70");
}
// this function will test if the user has been inactive for the defined 
timeout
function expire() {
    // fetch the last access and expirations from the database
    $query = mysql_query("SELECT access, sec_expire, stamp_expire FROM 
sessions WHERE sess_key = '" . $this->key . "'") or die("query failed - line 
78");
    $fetch = mysql_fetch_array($query);
$access = $fetch["access"];
    $expire = $fetch["sec_expire"];
    $timeout = $fetch["stamp_expire"];
// test if session is expired based on defined timeout
    if(($timeout - $access) <= ($expire - $expire)) {
        $this->destory();
        die("Your session has expired. Please re-login.");
    }
}
// this function will update the session value
function replace($val) {
    // fetch the user key from cookie
    $this->key = $_COOKIE["sess_key"];
// update the database with the new value
    $query = mysql_query("UPDATE sessions SET val = '" . $val . "' WHERE 
sess_key = '" . $this->key) or die("query failed - line 77");
}
// this function will kill the session
function destroy($key = "") {
    // fetch the user key from cookie
    $this->key = $_COOKIE["sess_key"];
// delete session from database
    $query = mysql_query("DELETE FROM sessions WHERE sess_key = '" . 
$this->key . "'") or die("query failed - line 86");
// remove cookie from the user's computer
    $delete = setcookie("sess_key" , $this->key, time()-3600);
if($query && $delete) {
        header("Location login.php");
        exit;
    }
}
login.php
<?php
include "sess.php";
if($login) {
    $sess = new session;
    $sess->start();
    $sess->register($username);
    header("Location: welcome.php");
}
?>
<html>
<head>
<title>login</title>
</head>
<body>
<form method="post" action="<?= $PHP_SELF; ?>">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br>
<br>
<input type="submit" name="login" value="Login">
</body>
</html>
welcome.php
<?php
include "sess.php";
$sess = new session;
if($logout == "yes") {
    $sess->destroy();
    header("Location: login.php");
    exit;
}
$sess->read();
?>
<html>
<head>
<title>welcome</title>
</head>
<body>
Welcome, <?= $sess_val; ?><br>
<a href="<?= $PHP_SELF; ?>?logout=yes">Logout</a>
</body>
</html>
_________________________________________________________________
On the move? Need to access your mails? 
http://server1.msn.co.in/sp03/mobilesms/index.asp Hotmail is now on your 
mobile!