So, my sessions are killing me on this!!! I used to use session_register to register my session vars, but as we all know this is a no-no with register_globals turned off.
So, I've switched over to using the $_SESSION array. Here's the glitch. I've got the following to register my user upon login:
Code: Select all
<?php
session_start();
include "../functions/includes.php";
if((isset($_POST['user_name'])) && (isset($_POST['passwd']))) {
//if the user has just tried to log in
db_connect() or die('Cannot connect to the database!');
$query = "SELECT * FROM user WHERE user_name='" . $_POST['user_name'] . "' AND passwd=PASSWORD('" . $_POST['passwd'] . "')";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0) {
//they are in the database - register the user name
$_SESSION['valid_user'] = $_POST['user_name'];
}
}
?>Code: Select all
<?php
session_start();
/* More code here */
if (isset($_SESSION['valid_user'])) {
// do stuff
}
else {?>
<p class="body">You are not currently logged in.</p>
<p class="body">Click <a class="bold" href="../">here</a></strong> to log-in.</p>
</td>
</tr>
</table>
</td>
</table><?php
}
?>I have a link displayed to go back to the log on page if the user ends up here without logging on first. So, when I log-on again...VOILA! I am registered correctly and can go where I please on my session-restricted pages.
To summarize my problem: Why isn't page #2 recognizing that there's already a session initiated, and instead creating a new session?
Any advice? My phpinfo for sessions follows:
Code: Select all
Session Support enabled
Registered save handlers files user
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 Off Off
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 1000 1000
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path C:\PHP\sessiondata C:\PHP\sessiondata
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off