I tried to search an answer for this in the earlier topics but couldn't find it so here it is. I tested this system on my own localhost and it works fine but when I uploaded it to my host this problem started. The problem is that it takes about 2-5 minutes and the session becomes obsolete. That is very annoying because you can spend more time in my admin panel than that. And to say again...in localhost it worked fine. Here's how I did it.
I just first start the session with session_start(); and then I see if the the username and password are correct and if they are I session_register some variables like username and userlevel to session. Then at every page I try to see if a $_SESSION['session_userlevel']; still exists and if it does the user is logged in but if it doesn't he's not. So this is the problem. Could it be something related to PHP version? My host just recently updated their PHP version to 4.3.3RC1. If you need more info just ask and hopefully you can help me.
Session keeps disappering
Moderator: General Moderators
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
If you have something like:session_register()
Code: Select all
$variable = $_POSTї'variable'];
session_register($variable);Code: Select all
$_SESSION['variable'] = $_POST['variable'];Have a look at Jason's session management sticky:
viewtopic.php?t=6521
Mac
ok, sorry for doublepost but I was celebrating too early. It still looses the session. Here's how I have my code.
login_process.php
and this is an example page where you can see how I check the login
login_process.php
Code: Select all
<?php
require_once '../functions.php';
// check that the form fields are not empty, and redirect back to the login page if they are
if(empty($username) || empty($password))
{
redirect('index.php');
}
else
{
$password = md5($password);
// connect to the database
dbConnect();
$sql = mysql_query("SELECT id, nickname, level, userlevel FROM eon_members WHERE nickname = '".$username."' AND password = '".$password."'");
$result = mysql_fetch_array($sql);
$session_nickname = $result['nickname'];
$session_userlevel = $result['userlevel'];
$session_memberid = $result['id'];
$session_level = $result['level'];
//check that at least one row was returned
$rowCheck = mysql_num_rows($sql);
if($rowCheck > 0)
{
//start the session and register a variable
session_start();
$_SESSION['session_nickname'] = $session_nickname;
$_SESSION['session_userlevel'] = $session_userlevel;
$_SESSION['session_memberid'] = $session_memberid;
$_SESSION['session_level'] = $session_level;
//we will redirect the user to another page where we will make sure they're logged in
redirect('index.php');
}
else
{
//if nothing is returned by the query, unsuccessful login code goes here...
echo"
Something went horribly wrong
";
}
}
?>Code: Select all
<?php
//start the session
session_start();
require_once 'admintemplate_header.php';
//check to make sure the session variable is registered
if($_SESSION['session_userlevel'] >= 1)
{
}
else
{
//the session variable isn't registered, send them back to the login page
redirect('login.php');
}
require_once 'admintemplate_footer.php';
?>Code: Select all
// check that the form fields are not empty, and redirect back to the login page if they are
if(empty($username) || empty($password))See the last link in my signature and read about $_POST