Posted by Gordon Burditt on 09/13/05 18:25

>My login.htm takes the value (a password) of a textfield and POSTS it
>to page2.php. This works correctly.
>
>The first thing Page2.php does is start a session, put the password in
>it, then open a MySQL database, and insert various values (which start
>off NULL) and then closes the connection. Following this, an HTML form
>is displayed and the user enters values. This form is POSTed to itself
>(no 'action') and the idea is that the php at the head of the page will
>run the SQL query again with the new values. Unfortunately, on
>reloading the page, my $_SESSION['pass'] variable has nothing in it.
>
>the relevant code looks like this ;
>
><?php
>session_start();
> $_SESSION['pass']=$_POST['pass']; //posted from login page

When the user clicks SUBMIT (on Page2, not the login page), the HTML
form doesn't have a $_POST['pass'] in it, so you wipe out the one from
the session.

>
>......
> $pass=$_SESSION['pass']; //turn it into var for MySQL
>query
>
>?>
>
>The first time I get to this page, via login page, it works correctly
>because the password is posted. When it rePOSTs to itself however, the
>$_SESSION['pass'] remains empty.

Seems like it doesn't REMAIN empty, your code empties it.

>Does the php need to be inside the
>form ?
>I have tried adding session_write_close() directly after writing
>$_SESSION['pass'], but to no avail.

Gordon L. Burditt

[Back to original message]