|
Subject:
|
access level
|
|
Posted By:
|
taoufik
|
Post Date:
|
11/11/2004 6:27:12 AM
|
hi there ... can somebody please help me with this problem :
i'm trying to hide some links from unauthorized users by wraping this code around the links :
<?php if ($_Session["MM_UserGroup"]=="1") { ?>
<td height="22"><span class="style7"><a href="edit.htm">Edit Users </a></span></td>
</tr>
<tr>
<td height="21"> </td>
<td height="21"><a href="addnew.htm"><span class="style7">Add New Users </span></a></td>
</tr>
<tr>
<td height="19"> </td>
<td height="19"><span class="style7"><a href="logs.htm">Logs</a> </span></td>
<?php } ?>
i get this error :
Notice: Undefined variable: _Session in c:\inetpub\wwwroot\main.php on line 70
|
|
Reply By:
|
Snib
|
Reply Date:
|
11/11/2004 10:51:12 AM
|
Use $_SESSION not $_Session. Case matters in PHP.
$variable = 'hi';
$Variable = 'hello';
if($variable == $Variable)echo '$variable is $Variable';
else echo '$variable and $Variable are different';
$_SESSION is a superglobal, defined in advanced the PHP preprocessor. $_Session is nothing.
-Snib
Where will you be in 100 years?
Try new FreshView 0.2!
|
|
Reply By:
|
taoufik
|
Reply Date:
|
11/12/2004 6:39:12 AM
|
i still gate the same :
Notice: Undefined variable: _SESSION in c:\inetpub\wwwroot\main.php on line 26
|
|
Reply By:
|
richard.york
|
Reply Date:
|
11/12/2004 7:31:25 AM
|
What version of PHP are you using?
Regards,
Rich
--
[http://www.smilingsouls.net]
Mail_IMAP: A PHP/C-Client/PEAR solution for webmail
Author: Beginning CSS: Cascading Style Sheets For Web Design
|
|
Reply By:
|
taoufik
|
Reply Date:
|
11/12/2004 7:36:02 AM
|
i'm using php version 4.3.5
|
|
Reply By:
|
richard.york
|
Reply Date:
|
11/12/2004 7:42:46 AM
|
Can you post the relevant snip of php.ini related to sessions. php.ini is located in the systemroot directory, for instance, C:\Windows\php.ini.
Locate the session directives and post that portion of the file here.
Regards,
Rich
--
[http://www.smilingsouls.net]
Mail_IMAP: A PHP/C-Client/PEAR solution for webmail
Author: Beginning CSS: Cascading Style Sheets For Web Design
|
|
Reply By:
|
taoufik
|
Reply Date:
|
11/12/2004 8:31:49 AM
|
this is what i can find in the php.ini :
[Session]
; Handler used to store/retrieve data.
session.save_handler = files
; Argument passed to save_handler. In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
; As of PHP 4.0.1, you can define the path as:
; session.save_path = "N;/path"
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
; NOTE 1: PHP will not create this directory structure automatically.
; You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
; use subdirectories for session storage
session.save_path = C:\PHP\sessiondata ; argument passed to save_handler
; Whether to use cookies.
session.use_cookies = 1
; This option enables administrators to make their users invulnerable to
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
; Initialize session on request startup.
session.auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
; The path for which the cookie is valid.
session.cookie_path = /
; The domain for which the cookie is valid.
session.cookie_domain =
; Handler used to serialize data. php is the standard serializer of PHP.
session.serialize_handler = php
; Define the probability that the 'garbage collection' process is started
; on every session initialization.
; The probability is calculated by using gc_probability/gc_divisor,
; e.g. 1/100 means there is a 1% chance that the GC process starts
; on each request.
session.gc_probability = 1
session.gc_divisor = 100
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440
; NOTE: If you are using the subdirectory option for storing session files
; (see session.save_path above), then garbage collection does *not*
; happen automatically. You will need to do your own garbage
; collection through a shell script, cron entry, or some other method.
; For example, the following script would is the equivalent of
; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
; cd /path/to/sessions; find -cmin +24 | xargs rm
; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit register_globals
; is disabled. PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning seperately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.
session.bug_compat_42 = 1
session.bug_compat_warn = 1
; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; considered as valid.
session.referer_check =
; How many bytes to read from the file.
session.entropy_length = 0
; Specified here to create the session id.
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
session.cache_limiter = nocache
; Document expires after n minutes.
session.cache_expire = 180
; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
; to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
; in publically accessible computer.
; - User may access your site with the same session ID
; always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0
; The URL rewriter will look for URLs in a defined set of HTML tags.
; form/fieldset are special; if you include them here, the rewriter will
; add a hidden <input> field with the info which is otherwise appended
; to URLs. If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldse
|
|
Reply By:
|
richard.york
|
Reply Date:
|
11/12/2004 9:43:24 AM
|
Everything looks good in there to me, so sessions appear to be properly configured.
Do something like this on the page using session data and tell me what happens.
<?php
session_start();
// After calling session_start() output the contents of the
// session variable.
echo "<pre>";
var_dump($_SESSION);
echo "</pre>";
?>
You may have also forgotten to call session_start() at the beginning of the script, which might also cause the problem you're describing.
Regards,
Rich
--
[http://www.smilingsouls.net]
Mail_IMAP: A PHP/C-Client/PEAR solution for webmail
Author: Beginning CSS: Cascading Style Sheets For Web Design
|
|
Reply By:
|
taoufik
|
Reply Date:
|
11/15/2004 3:29:56 AM
|
i still get the same error ... saying undefined variable
|
