How to use Jquery ajax to set $_SESSION?

I am trying to create a simple log in system that uses ajax but the problem I am having it wont set the $_SESSION.

login.js:

 $('#bt-login').click(function(){
        var login = $('#login').serialize();
        $.ajax({
            type: "POST",
            url: 'widgets/Login/loginFunction.php',
            data: login,
            cache: false,
            success: function(msg){alert(msg)}
        });
});

loginFunction.php:

 <?php
     include_once '../../dbConfig.php';
     include_once '../../config.php';

     session_start();

      $usr = mysql_escape_string($_POST['username']);
      $pass = mysql_escape_string($_POST['password']);
      $remember = intval($_POST['rememberMe']);

      $row = mysql_fetch_assoc(mysql_query("SELECT usr, id FROM members WHERE usr='".$usr."' AND pass='".md5($pass)."'"));

      if($row['usr']){
          $_SESSION['usr'] = $row['usr'];
          $_SESSION['id'] = $row['id'];
          $_SESSION['rememberMe'] = $remember;
          setcookie('DirtPileGames',$remember);
      }

 ?>

Now for some reason loginFunction.php is not setting the $_SESSION. I do a refresh and $_SESSION is blank.

Does anyone have any ideas why this wont work.

Answers


Don't know the specific problem, because the session should be valid assuming you're not accidentally calling session_destroy() somewhere. Some advice for debugging - make sure the session_id() matches on the pages; if it doesn't something funny is going on. Could try explicitly calling session_write_close(). In addition set something in $_SESSION for the error case (when the user doesn't exist) to make sure its not a simple logic error. Also, don't use an md5 pretty please. Use some variant of sha, and salt it.

Edit: you mention session_name()

This call fixes the name of the session so you can refer to it on other pages. If you do a session_start() on another page without naming the session identically, it will spawn a new session with a new id.

Note from the php documentation: The session name is reset to the default value stored in session.name at request startup time. Thus, you need to call session_name() for every request (and before session_start() or session_register() are called).


Make sure you call session_start() every time you want to access or set session variables. It will be blank when you refresh a page unless you first call session_start().


Sessions are dependent on cookies, try an leave out the

setcookie('DirtPileGames',$remember);

See if this clears up the issue, a lot of problems depend on your php stack.


Need Your Help

Sqlite, How to check if a row contains either string

android string sqlite row

Using the code below i can check if a row contains a single string ( String a) but how would i check if a row equals either string (String a or b)?

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.