session doesn't work properly

Question

i having problem with sessions in localhost, the problem is the session doesn't work actually when it redirects to new post page it response's as you should login first

Login code

<?php
include '../Class/db.class.php';
include '../Class/validation.class.php';
@session_start();
if(!$_SESSION['user']){
    $link=$_GET['dir'];
    if($link){
echo <<<EOF
<html> <head><title>ورود</title></head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<form method='post' action='index.php?dir=$link'>
  Username: <input type='text' name='user'><br />
 password<input type='password' name='pass'><br />
  <input type='hidden' name='hidd' value=1>
    <input type='submit' value='login'><br />
</form>
EOF;
    }
 else {
    echo <<<EOF
<html> <head><title>login</title></head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<form method='post' action='index.php'>
   username: <input type='text' name='user'><br />
 password: <input type='password' name='pass'><br />
  <input type='hidden' name='hidd' value=1>
    <input type='submit' value='login'><br />
</form>
EOF;
    }
}
$db=new db("localhost", "root", "", "blog");
$con=$db->connect();
$logout=$_GET['logout'];
$user=$_POST['user'];
$pass=$_POST['pass'];
$hidden=$_POST['hidd'];
if($hidden){
if(!$user){
    echo "username field can't left blank";
}
 elseif (!$pass) {
    echo 'password field can't left blank!';

}
else{
    $userres=$db->usersearch($user, $pass);

    if($userres==FALSE){
        echo 'username or password is wrong';
    }
 else {
       $_SESSION['user']=$user;

    }
}
}
if($_SESSION['user']){
  $link=$_GET['dir'];


echo "you logged in ".$_SESSION['user']; 
if($link=="new")
    echo  '<meta http-equiv="REFRESH" content="0;url=../admin/post/new.php">';

}

if($logout)
    session_destroy();
if($_SESSION['user'])
echo '<br /><a href="?logout=1">logout</a>';

?>

new post code

<?php
@session_start();

if($_SESSION['user']=="admin"){
   include '../../Class/db.class.php';
echo <<<EOF
<form method=post action="new.php">
 <br />   subject:
    <br />
    <input type="text" name="title"><br />
   post:<br />

   <textarea cols=50 rows=10 name="post"></textarea><br />
    <input type="submit" value="send">

EOF;
$title=$_POST['title'];
$post=$_POST['post'];
$db=new db("localhost", "root", "", "blog");
$db->connect();
if($title && $post){

   $d=$db->post_insert($title, $title, 1);
    if($d==TRUE)
            echo "post created";
    else
        echo "an error occurred while sending the post";




}

$dd=$db->read(0, 20);
for($i=0;$i<20;$i++){
   echo $dd['content'][$i]."<br />";
}

}
else
{
    echo "you should login first";
    echo $_SESSION['user'];
}
/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
?>

please help me!

Answer 1

I found others answers but don't solved my problem.

I have a login page.. it's Works well.

Now I want that user choice your location in index.html.. then the next page the ads will show only images comes from your location.

It's ok but when users visit others links and come back do main page, session has destroyed

I use:

INDEX.HTML

<form ... ok>
<input name="state">
<input type="submit">
</form>


MAINPAGE.PHP

<?php 
session_start();
$_SESSION['local'] = $_POST['estado'];
$_SESSION['local'];
 ?>
 <!--here is ok-->

 OTHER PAGE
 <?php 
session_start();
$_SESSION['local'];
 ?>
 <!--here is ok too.. session keeps alive but when I back with a menu link session is ended -->

Answer 2

The fact you're suppressing error output from session_start() with the @ symbol suggests that session_start is reporting errors that you're ignoring.

If it's reporting errors, you should look at the error it's generating to determine what's wrong.

Usually, session_start fails due to headers having already been sent. This happens if your script outputs any text before session_start is called. Once headers have been sent, the session cannot be started as it depends on sending headers.

The fix for this is to make sure that session_start is the first thing to happen in your script. As session_start happens as the first thing after your includes, then this means there's either whitespace at the start of your script, or whitespace or statements that generate output in the scripts you include. You need to check the included files and fix any white space (anything that's outside of the PHP tags) and check that they don't output anything until the session_start occurs.

On a side note, never use @ for error suppression. It's the coding equivalent of sweeping potentially serious problems that need to be addressed under the carpet.