PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I'm having a problem retaining session info across some pages.
I've got a login page that takes in a username from a text field and checks it against a database. If it exists, it starts a new session and stores the username as a variable (see below).
In the main.php page, I can access the $_SESSION['userid'] variable without any problem. The main.php also uses a JQuery/AJAX script which in turn retrieves dynamically generated XML content from another PHP script, xmldata.php. The problem is that xmldata.php can't see the $_SESSION['userid'] variable for some reason. I've also noticed that while main.php can see the $_SESSION['userid'] after login, it disappears when the page is refreshed.
Make sure you have session_start() at the top of all pages in question. Also, if it disappears after refreshing, odds are that you're setting it to something else in a different place in main.php
Putting session_start() at the top of each page was the first thing I did, but that didn't do anything at all. Also, main.php doesn't change any of the session variables. Below are the only PHP tags I'm using in main.php...
edit: I just found out that xmldata.php can read $_SESSION['username'] if I remove both PHP tags above from main.php. Was main.php somehow interfering with the session?
My guess would be that the session data isn't being saved. My suggestion would be to end every script with session_write_close(). This is generally unnecessary, but when dealing with AJAX or frames, this is the most reliable way to ensure your session data persists through all of the simultaneous page loads.
DC200 wrote:Was main.php somehow interfering with the session?
No, I don't see how it could. You're not showing us enough of your code to give you an answer, but my second guess (my first is always the lack of session(start), but you've already answered that) would be that either the variable $username is empty at the time you are setting the session variable, or that your script is ending prematurely, never reaching the line where you are testing for the session variable. You can test this by inserting a debugging line like:
Putting session_write_close() at the end of each page did the trick. Apparently main.php was the culprit, though I don't yet understand why. I understood that we needed to close sessions after writing to them, but I didn't think it would be necessary for reading variables.
No problem. Session data is like working with your FTP. You can save files from your FTP to your local computer and work on them, but those changes don't show up on the live site until you upload your changed files. Your session data existed locally in the pages that created them, but was never saved in order for the other pages to make use of the data.
superdezign wrote:No problem. Session data is like working with your FTP. You can save files from your FTP to your local computer and work on them, but those changes don't show up on the live site until you upload your changed files. Your session data existed locally in the pages that created them, but was never saved in order for the other pages to make use of the data.
Is that true for simple sessions? I've never "closed" a session and I've never had a problem with that. I thought that, like several other defaults, when a PHP script ends, buffers are flushed. I thought "closing" was required only if you have explicitly opened a stream or a buffer or something. A hasty check with the manual doesn't seem to require closing for a simple session.
The asynchronous nature of AJAX would suggest that the session data may not be synchronized. lol
But still, I agree with you that sessions shouldn't require explicit closing. I think the manual states that PHP is supposed to wait for any script that is making use of the session to finish before starting another. But, I'm not familiar with the way that PHP is actually processed on the server. I'd suspect that, if all scripts were handled by one process, they could be synchronized easily. But, if each script had it's own process on the server, they could end up with unsynchronized data, and possibly issues with data locks and overwriting.
Thanks for the info. You have a deeper knowledge of server internals than I do. For the simple uses I make of sessions, it has never been an issue. I imagine that more complex tasks with multiple threads would have problems I've never had to deal with.