PHP session ends when submit button is clicked

Question

I want to make profile upload image for users so they can upload their own avatars on their profile...So the issue here is whenever i click the upload button session gets destroyed.

Here is the form:

if(isset($_SESSION['profileimgID'])){
echo "<form action='upload.php' method='POST' enctype='multipart/form-data'>
<input type='file' name='file'>             
<button type='submit' name='uploadimgsubmt' class='button1'>upload</button></form>";
}
?>

partial code of upload.php file:

<?php
session_start();
include_once 'includes/dbh.inc.php';

$id = $_SESSION['profileimgID'];
if(isset($_POST['uploadimgsubmt'])){

**code code code**

if($fileError === 0){
if($filesize < 1000000){
$fileNameNew = "profile".$id.".".$fileActualExt;
$fileDestination = 'uploads/'.$fileNameNew;
move_uploaded_file($filetmpname, $fileDestination);
$sql = "UPDATE profileimg SET STATUS=0 WHERE userid='$id';";
$result = mysqli_query($conn, $sql);    
header("Location: index.php?upload=success");
}
}

**code code code**

Code if user is successfully logged in, inside loginCheck.php:

session_start();
$_SESSION['userID'] = $row['idusers'];
$_SESSION['username'] = $row['uidusers'];                         
$cmpor = $row['idusers'];
$sql = "SELECT * FROM profileimg WHERE id";
$result = mysqli_query($conn, $sql);
while($row = mysqli_fetch_assoc($result)){
if($row['id'] == $cmpor){   
$_SESSION['profileimgID'] = $row['id'];
}
}
header("Location: ../index.php?login=success");
exit();
}

And the last code section that is related to the problem is located to index.php:

<?php
session_start();
include_once 'includes/dbh.inc.php';
?>
**code code**
<?php
if(isset($_SESSION['profileimgID'])){
echo 'Show this content';
}else{
echo 'Show this content';
}
?>
**code code**

If i remove the 'profileimgID' to nothing ('') everything works fine but isset method doesnt hide-show the content. If i keep it as it's isset method works fine but upload button destroys the session and user is logged out.

print_r($_SESSION) results in both index.php and upload.php if user is successfully logged in: for user #2

Array ( [userID] => 2 [username] => popa [profileimgID] => 2 ) 

I checked the console for requests , when i click the upload button i get this message:

Form contains a file input, 
but is missing method=POST and 
enctype=multipart/form-data on the form. 
The file will not be sent.

This part (isset($_SESSION['profileimgID'])) is interfering somehow with this process. When i remove it, session is maintained and it works fine upload works too.

UPDATE: this is what i get when i click the upload-button: https://i.stack.imgur.com/So7OD.png

this is i guess the right one ?: https://i.stack.imgur.com/HcBqz.png

Im new to php so... sorry for my mistakes.

Answer 1

Exactly how are you maintaining the session-identifier now? "Sessions" rely upon a "session-id" being somehow sent from the client to the host with each exchange: normally, this is done using a cookie, but it could be done using a GET parameter (eg &sessionid=XXXX ) It sounds to me like this information isn't being sent: the session hasn't been "destroyed," actually, but you can't find it.

Probably the fastest way to solve this is to use the network debugging features of your browser: look at the complete packet of data that's being sent, including the HTML headers (which is where cookies will be). First, look at "normal" exchanges. Then, look at the one that happens when you click that button. "Cookies" will be sent every time since they live in the header. But, if you're actually using a GET parameter to send the session-info, you'll have to do it.

Answer 2

Found the problem it seems like i didnt close the form on the index isset condition where logout form was located, my bad because i didnt show u guys the code :D so the problem was </form> ... pff sorry

Lesson of the day , guys always close ur </...> :)