When I enter the user credentials on the page índex.php
when giving the start section, the information is validated in the file validación.php
in which the session is created and returns with the function echo "<script> window.location.replace('index.php') </script>";
to the initial page, which instead of showing the fields for user input should show the data of the active session but it does not, it is as if when returning from the file validación.php
the session was closed.
Note: I know that the validation in the database with the entered credentials are correct and in fact when executing echo "secion activa ". $_SESSION['usuario'];
it shows that the user who has started said session, but when returning to the index it seems that the session is not kept active.
index.php
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Insercion de registros</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css">
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.2/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<?php
require 'validation.php';
?>
<nav class="navbar navbar-default">
<div class="container">
<ul class="nav navbar-nav">
<li class="active"><a href="index.php">Inicio <span class="sr-only">(current)</span></a></li>
<li class=""><a href="index.php">Clientes <span class="sr-only">(current)</span></a></li>
</ul>
<form action="validation.php" method="post">
<?php
if (isset($_SESSION['usuario'])) { ?>
<br>
<div class="form-group text-right">
<?php echo $_SESSION['usuario']; ?>
<a href="cerrar_sesion.php" class="btn btn-danger btn-xs">Cerrar sesión</a>
</div>
<?php } else {
?>
<div class=" form-group text-right">
<div class="form-group"></div>
<form action="">
<input type="text" name="usuario" value="" PLACEHOLDER="Usuario">
<input type="password" name="password" PLACEHOLDER="Contraseña">
<button type="submit" name="enviar" class="btn btn-primary btn-xs">Ingresar</button>
<a href="#" class="btn btn-default btn-xs">Registrarse</a>
</form>
</div>
<?php } ?>
</form>
</div>
</nav>
<div class="container">
<div class="row">
<div class="col-lg-8">
<h3>Elija el típo de cliente</h3>
<select class="form-control" name="razon_social" id="option_tipo">
<option value="n/a">Seleccione una opción</option>
<option value="natural">Natural</option>
<option value="juridico">juridico</option>
</select>
<br>
<div id="formulario">
<div class="alert alert-warning">Por favor el tipo de solicitud que deséa registrar!</div>
</div>
</div>
</div>
</div>
<script type="text/javascript" src="scripts.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"></script>
</body>
</html>
validation.php
<?php
require 'conexion.php';
if (isset($_POST['enviar'])) {
$usuario = htmlentities(addslashes($_POST['usuario']));
$password = htmlentities(addslashes($_POST['password']));
if (!$usuario == null && !$password == null) {
$go = new validation();
$go->validate($usuario, $password);
} else {
echo "<script>alert ('Verifique los datos');</script>";
echo "<script> window.location.replace('index.php') </script>";
}
}
class validation
{
private $connection;
public function __construct()
{
$con = new conexion();
$this->connection = $con->getConnection();
}
public function validate($user, $pass)
{
try {
$statement = $this->connection->prepare("select * from login where usuario=:usuario and password=:password");
$statement->execute(array(':usuario' => $user, ':password' => $pass));
if ($statement->rowCount() != 0) {
session_start();
$_SESSION['usuario'] = $user;
echo "secion activa ". $_SESSION['usuario'];
//echo "<script> window.location.replace('index.php') </script>";
} else {
echo "<script>alert ('El usuario no existe');</script>";
echo "<script> window.location.replace('index.php') </script>";
}
} catch (Exception $e) {
echo "Error al ejecutar la consulta" . $e->getMessage();
}
}
}
Mistakes
1.-
session_start()
must be called before sending anything else to the browser, butvalidation.php
you are including the file after<body>
and you have already sent things to the browser (all of theHTML
above).2.- You execute
session_start
only when the data sent by is validPOST
, that is, the session is never recovered since it was never initialized again.Solutions
1.- You should move the
<?php require 'validation.php'; ?>
before<!DOCTYPE html>
index.php
2.-
session_start
Create a temporary file ( depends on the lifetime indicated ) on the server, which is counterproductive if you have too many visits. One way to log in only when a user has been validated is to usesession_name
.validation.php
Try as the friend Omar Miranda says, place it at the beginning of the file
index.php
Declare
session_start()
it in the index so that it remains active, and don't forget to put it in the entire system's navigation.