Expiry of page when using sessions

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mjseaden
Forum Contributor
Posts: 458
Joined: Wed Mar 17, 2004 5:49 am

Expiry of page when using sessions

Post by mjseaden »

Dear All,

I just today implemented the beginnings of a user authentication system into my new site, designed to handle multiple pages so that I can limit access to those pages available to those logged in only.

It all works fine, but when I use the 'back' button on my browser whilst navigating the pages I have limited to logged in users, internet explorer tells me that the web page has expired, and I cannot access the page, despite being logged in.

Is there any way I can avoid this problem, and stop web pages from 'expiring' and so not hindering navigation of the site?

Many thanks to you all,

Mark (mjseaden@hotmail.com)
platinum
Forum Newbie
Posts: 6
Joined: Sat Feb 21, 2004 4:20 pm

Post by platinum »

Don't think theres any viable solution unless you use cookies instead/as well, or hit the Refresh button!!
mjseaden
Forum Contributor
Posts: 458
Joined: Wed Mar 17, 2004 5:49 am

Post by mjseaden »

Sorry I wasn't very clear. I have implemented user authentication using cookies - I get this expiration problem with any page using those wholesome authentication cookies.

I don't think the cookies would have expired so quickly unless I had explicitly asked them to do so, but this may be the problem. I do however think it is something else - any ideas?

Many thanks

Mark
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

Was the page that expires one that handles a login from a form?
mjseaden
Forum Contributor
Posts: 458
Joined: Wed Mar 17, 2004 5:49 am

Post by mjseaden »

Yes
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

i will make it quite clear now,i dont use cookies, in actuality i hate cookies, sessions are much better however..........

have you tried

Code: Select all

setcookie("CookieName", $data, time()+7200);  /* expire in 2 hours
this guarantees ths cookie wont be destroyed

also you can check your cookies existance on the next page by using

Code: Select all

<?php print_r($_COOKIE); ?>
mjseaden
Forum Contributor
Posts: 458
Joined: Wed Mar 17, 2004 5:49 am

Post by mjseaden »

Okay - now I'm a little confused. I've been using PHP's session_start() and $_SESSION variables to communicate across the secure pages that a user is/isn't properly logged in. That means that the session variables aren't stored in cookies?

In any case, it is sessions I am using, and it is the page that handles login from a form that expires when I hit the 'back' button.

Many thanks for your help.
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

mjseaden wrote:Yes
Well in Internet Explorer if you ever fill out a form and go to a page that handles this form, then click away, and click back again, it will disallow this procedure and give you that error.

I recommend giving your users a page that confirms their login, and then from there they can click to the site navigation/main user area.

This way they won't ever need to go back to the page that handles the login.

Hope this helps.
Last edited by m3mn0n on Sat Mar 20, 2004 6:49 am, edited 1 time in total.
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

lol, posted on the wrong topic (just woke up :lol: )

anyway have you tried print out some of your $_SESSION['value'] after this page?

usually, IE anyway, asks you if you want to send the data again when you press the back button
User avatar
Bill H
DevNet Resident
Posts: 1136
Joined: Sat Jun 01, 2002 10:16 am
Location: San Diego CA
Contact:

Post by Bill H »

Put thus at the top of each page:

Code: Select all

session_cache_limiter("private,must-revalidate");
I put it just before session_start(), but some people put it right after that call.
Post Reply