$_SESSION vars getting unset automatically?
Posted: Sun Aug 09, 2009 5:33 am
Hi everyone,
I'm having a bit of trouble with a project; session variables keep disappearing! I'm trying to make a simple login system (which I've never had trouble with before) and it uses the $_SESSION array to validate the session. I think I should show you some code just to give an idea of what's happening (btw, the very first thing I do is session_start()):
OK I think the class' variables are pretty self-explanatory (sorry if not!), so the constructor recalls the values for the variables from the $_SESSION array. Here's how recall works:
When someone logs in the login() function set's a few $_SESSION variables, including e.g. $_SESSION['login_id']. So when I run core::recall('user','login_id'), the value of $_SESSION['login_id'] is given to core::$login_id and the $_SESSION var is kept (if the $_SESSION var was set in the first place). If I give recall a third parameter (1/true), the associated $_SESSION var gets unset - so it's fair to say that the calls to core::recall() don't use a third parameter, so it's default behavior is to NOT unset the $_SESSION['var'].
However, the check_auth() function checks to see where a user is in the website, and if they're in a restricted area it first checks to see if they're logged in using the user::is_logged_in() function. Here's that function:
Before the end of the check_auth() function is reached, I run the is_logged_in() function and return to the login page with an error if it returns false, which keeps happening after about a minute of inactivity. So to debug I displayed the contents of the $_SESSION array many times, and all required vars are there when I login, and when check_auth() runs when you reload the page, they've gone! I think I'm going crazy, because I've never had trouble with the session before..! Can anyone possibly give me any advice? I can't see where the problem is!
Thanks in advance, and sorry if this makes little/no sense!
Regards, Ben
I'm having a bit of trouble with a project; session variables keep disappearing! I'm trying to make a simple login system (which I've never had trouble with before) and it uses the $_SESSION array to validate the session. I think I should show you some code just to give an idea of what's happening (btw, the very first thing I do is session_start()):
Code: Select all
class user {
public static
$login_arrive_time,
$login_token,
$username,
$reset_arrive_time,
$reset_token,
$email,
$login_id,
$user_id,
$group,
$last_action,
$meta
;
public function __construct() {
core::recall('user','login_arrive_time');
core::recall('user','login_token');
core::recall('user','username');
core::recall('user','reset_arrive_time');
core::recall('user','reset_token');
core::recall('user','email');
core::recall('user','login_id');
core::recall('user','user_id');
core::recall('user','group');
core::recall('user','meta');
core::recall('user','last_action');
user::validate_login_attempt();
user::validate_reset_attempt();
user::check_auth();
if (stristr(URL_QUERY,'logout')) {
user::logout();
}
} // __construct()
...
}Code: Select all
public function recall($class=false,$var=false,$autounset=false) {
if (!$class) {
return core::error('core::recall() line '.__LINE__.' requires a class name as parameter 1');
} elseif (!class_exists($class)) {
return core::error('core::recall() line '.__LINE__.' class doesn\'t exist: '.$class);
}
if (!$var) {
return core::error('core::recall() line '.__LINE__.' requires a variable name as parameter 2');
}
if (!isset($_SESSION[$var])) {
return false;
}
eval($class.'::${$var} = $_SESSION[$var];');
if ($autounset) {
unset($_SESSION[$var]);
}
return true;
} // recall()However, the check_auth() function checks to see where a user is in the website, and if they're in a restricted area it first checks to see if they're logged in using the user::is_logged_in() function. Here's that function:
Code: Select all
public function is_logged_in() {
if (!isset($_SESSION['login_arrive_time']) ||
!isset($_SESSION['login_token']) ||
!isset($_SESSION['username']) ||
!isset($_SESSION['email']) ||
!isset($_SESSION['login_id']) ||
!isset($_SESSION['user_id']) ||
!isset($_SESSION['group']) ||
!isset($_SESSION['last_action']) ||
!isset($_SESSION['meta'])
) {
return false;
}
if ($_SESSION['login_token']!=user::get_access_token($_SESSION['login_arrive_time'],'login')) {
return false;
}
if ($_SESSION['login_id']!=user::get_login_id()) {
return false;
}
return true;
} // is_logged_in()Thanks in advance, and sorry if this makes little/no sense!
Regards, Ben