php - isset(SESSION['user']) not working -

php - isset(SESSION['user']) not working -

i have php script cannot observe if session variable exists. have been looking around stack overflow while , haven't found solves problem. here code:

<?php session_start(); if(isset($_session['user'])){ ?> <html> <head> </head> <body> exists </body> </html> <?php } else{ ?> <html> <head> </head> <body> nope </body> </html> <?php } } else{ ?> <html> <head> </head> <body> doesn't </body> </html> <?php } ?>

here code setting session:

<?php session_start(); $dsn = 'mysql:host=localhost;dbname=noterate'; $usernameforsql = '*******'; $passwordforsql = '*********'; $db = new pdo($dsn, $usernameforsql, $passwordforsql); function checklogin($usrn, $pswd, $database){ $query = "select * accounts username='$usrn' , userpassword='$pswd'"; $statement = $database->prepare($query); $statement->execute(); if($statement->rowcount() > 0){ homecoming true; } else{ homecoming false; } } if(isset($_post['username']) && isset($_post['password'])){ $username = $_post['username']; $password = $_post['password']; if(checklogin($username, $password, $db, 'accounts')){ $_session['user'] = $username; ?>

see post how handle passwords... uses mysqli should able see how work pdo. http://stackoverflow.com/a/26321573/623952

insert passwords this:

$password_to_insert_into_db = password_hash($plaintext_password, password_bcrypt);

i changed variable names , things. b/c easier me.

<?php session_start(); // testing... $_post['username'] = 'noterate'; $_post['password'] = 'noteratee'; // ----------------------------------- $dsn = 'mysql:host=localhost;dbname=test'; $usernameforsql = 'root'; $passwordforsql = ''; $db = new pdo($dsn, $usernameforsql, $passwordforsql); $user = isset($_post['username']) ? $_post['username'] : ''; $pass = isset($_post['password']) ? $_post['password'] : ''; if (!empty($user) && !empty($pass)) { if (checklogin($user, $pass, $db)) { $_session['user'] = $user; } else echo "error: user not validated<br/>"; } function checklogin($user, $pass, $db) { $query = "select * user username = ? "; $stmt = $db->prepare($query); $stmt->execute(array($user)); $result = $stmt->fetch(pdo::fetch_assoc); if ($result) { if (password_verify($pass, $result['password'])) { $_session['user'] = $user; homecoming true; } // else... password doesn't match } // else... username doesn't exist homecoming false; } /* mysql> describe user; +----------+-------------+------+-----+---------+----------------+ | field | type | null | key | default | | +----------+-------------+------+-----+---------+----------------+ | userid | int(11) | no | pri | null | auto_increment | | username | varchar(60) | yes | uni | null | | | password | varchar(60) | yes | | null | | +----------+-------------+------+-----+---------+----------------+ 3 rows in set (0.02 sec) mysql> select * user; +--------+-------------+--------------------------------------------------------------+ | userid | username | password | +--------+-------------+--------------------------------------------------------------+ | 1 | my_username | $2y$10$fc48jba0dq5dbb8mmxjvqumph1brb/4zbzkifovic9/tqon7ui59e | | 2 | stuff | $2y$10$o3s39w.9hqeuup0j7o9qv.nymsfmfbsa6sznzi2gnoo4zol69w/mm | | 17 | new_user | $2y$10$lifiun2q0uzb9wtmc/kucuw7driqkpzhipiiwqpskanspxqqbxzgu | | 18 | noterate | $2y$10$yeshg2x4rjparviztutm4ues27e.gr7g05t7ajno2j0aogmxadbq2 | +--------+-------------+--------------------------------------------------------------+ 4 rows in set (0.00 sec) */ ?> <?php session_start(); var_dump($_session); if (isset($_session['user'])) { ?> <div>it exists</div> <?php } else { ?> <div>nope</div> <?php } ?>

php