Newly created session vars not persistent
I have an event management system where there are super admins (only one for now - me) and event admins. The event they can manage is in the same table as the login information. On the login page as a part of the login I get the event info and save them. The problem is the event for Super Admins is "NONE" SO on the page the login jumps to (admin.php) I set a new session variable for that event name passing it to that page using a URL var (GET). The problem is my new session variable does not persist and I know it is something I am doing wrong. I am sure this is a simple fix but I have tried EVERYTHING I can. Do I need to add the session variables by calling some function within the authentication.php???
LOGIN.PHP snippet showing passing posted event name through the URL to the admin.php page:
<?php require_once('/removed/Connections/conWEBPRO.php'); ?>
<?php require_once('/removed/webassist/mysqli/authentication.php'); ?>
<?php require_once('/removed/webassist/mysqli/rsobj.php'); ?>
<?php @session_start(); ?>
<?php
$rsWN = new WA_MySQLi_RS("rsWN",$conWEBPRO,0);
$rsWN->setQuery("SELECT wed_name, wed_key FROM security WHERE wed_name <> 'None' GROUP BY wed_name, wed_key");
$rsWN->execute();
?>
<?php
$Authenticate = new WA_MySQLi_Auth($conWEBPRO);
$Authenticate->Action = "authenticate";
$Authenticate->Trigger = ((((isset($_POST["attempt"]))?$_POST["attempt"]:"") != ""));
$Authenticate->Name = "username";
$Authenticate->Table = "security";
$Authenticate->addFilter("username", "=", "s", "".((isset($_POST["un"]))?$_POST["un"]:"") ."");
$Authenticate->addFilter("password", "=", "s", "".((isset($_POST["pw"]))?$_POST["pw"]:"") ."");
$Authenticate->storeResult("idx", "widx");
$Authenticate->storeResult("adm_lvl", "alvl");
$Authenticate->storeResult("admlvl", "lvl");
$Authenticate->storeResult("username", "unm");
$Authenticate->storeResult("wed_name", "wnm");
$Authenticate->storeResult("wed_key", "wky");
$Authenticate->RememberMe = (true);
$Authenticate->SaveLogin = (true);
$Authenticate->AutoReturn = false;
$SuccessRedirect = "admin.php?awn=".$_POST['wnm'];
$FailedRedirect = "failure.php";
if (function_exists("rel2abs")) $SuccessRedirect = $SuccessRedirect?rel2abs($SuccessRedirect,dirname(__FILE__)):"";
if (function_exists("rel2abs")) $FailedRedirect = $FailedRedirect?rel2abs($FailedRedirect,dirname(__FILE__)):"";
$Authenticate->SuccessRedirect = $SuccessRedirect;
$Authenticate->FailRedirect = $FailedRedirect;
$Authenticate->execute();
?>
ADMIN.PHP snippet (the wedname and wedkey session variables are not persistent):
<?php require_once('/removed/Connections/conWEBPRO.php'); ?>
<?php require_once('/removed/webassist/mysqli/authentication.php'); ?>
<?php require_once('/removed/webassist/mysqli/rsobj.php'); ?>
<?php @session_start(); ?>
<?php
if (true) {
$RestrictAccess = new WA_MySQLi_Auth();
$RestrictAccess->Action = "restrict";
$RestrictAccess->Name = "username";
$RestricAccessRedirect = "login.php";
if (function_exists("rel2abs")) $RestricAccessRedirect = $RestricAccessRedirect?rel2abs($RestricAccessRedirect,dirname(__FILE__)):"";
$RestrictAccess->FailRedirect = $RestricAccessRedirect;
$RestrictAccess->execute();
}
?>
<?php
if ($_SESSION["lvl"] == 9) { $sql = "SELECT wed_name, wed_key FROM security where wed_name = '".$_GET["awn"]."' group by wed_name, wed_key"; }
if ($_SESSION["lvl"] <> 9) { $sql = "SELECT wed_name, wed_key FROM security where wed_name = '".$_SESSION["wnm"]."' group by wed_name, wed_key"; }
$rsADHOC1 = new WA_MySQLi_RS("rsADHOC1",$conWEBPRO,0);
$rsADHOC1->setQuery($sql);
$rsADHOC1->execute();
$rsADHOC1->TotalRows;
$_SESSION["wedname"] = ($rsADHOC1->getColumnVal("wed_name"));
$_SESSION["wedkey"] = ($rsADHOC1->getColumnVal("wed_key"));
?>
