The PHP session starts on the second page ("action_page.php"), if the login & password match what's stored on a mySQL database. The PHP database code works fine, and I am able to determine that PHP successfully creates a session following that. After a session is created, PHP forwards the user to the "viewing" page via a PHP "header Location" command.
The problem occurs on the viewing page (third stage), where the PHP code doesn't detect a session or the previously set session variables. However, if I set the viewing page's PHP code to revert back to the original login page, a second login attempt works. A PHP session is detected and the previously set session variables are present. And yes, I do have "session_start( )" set at the top of the page before everything else.
How is this happening? I have another set of PHP pages in a different directory that allows PHP sessions to work, and those PHP pages are nearly identical to these. I've tested these pages on a linux server running PHP and Apache, and these files also fail on the box as well.
I'm all out of ideas, and I'll try to provide what I can here.
Login Process:
------------------
1. login_page.html --> 2. action_page.php --> 3. viewing_page.php
Server info:
---------------
Server OS: Win2000
PHP version: 4.3.6
PHP.ini settings:
---------------------
register_globals = On
session.auto_start = 1
session.use_cookies = 1
action_page.php (this page works correctly and creates a session which is confirmed):
-------------------------------------------------------------------------------------------------------------
Code: Select all
<?
include ("../scripts/common_db.php");
// *** LOGIN STRING FROM LOGIN PAGE
if (strlen(trim($_POSTї'login']))>0) {
$strLOGIN = trim($_POSTї'login']);
} else {
header ("Location: login_page.html");
}
// *** PASSWORD STRING FROM LOGIN PAGE
if (strlen(trim($_POSTї'password']))>0) {
$strPASSWORD = trim($_POSTї'password']);
} else {
header ("Location: login_page.html");
}
if (! mysql_connect($dbhost, $dbusername, $dbuserpassword)) {
die('Failed to connect to host "' . $dbhost . '" . ');
}
mysql_select_db("selected_db");
$sql = "SELECT access_level, empl_number FROM employee_table WHERE"
. " login = " . CHR(39) . trim($strLOGIN) . CHR(39)
. " AND password = PASSWORD(" . CHR(39) . trim($strPASSWORD) . CHR(39) . ")"
. " AND access_level = 1";
$rs = mysql_query($sql) or die("Could not execute SQL query");
$rsCOUNT = mysql_num_rows($rs);
$row = mysql_fetch_array($rs);
if ($rsCOUNT>0) {
session_start();
$_SESSIONї'access_level'] = $rowї'access_level'];
$_SESSIONї'empl_number'] = $rowї'empl_number'];
header ("Location: main.php");
} else {
header ("Location: login_page.html");
}
?>viewing_page.php:
------------------------
Code: Select all
<?
session_start();
header("Cache-control: private"); // IE 6 Fix
// phpinfo();
echo "<b>\$_SESSIONї'access_level'] = " . $_SESSIONї'access_level'] . "</b><br />";
echo "<b>\$_SESSIONї'empl_number'] = " . $_SESSIONї'empl_number'] . "</b><br />";
include ("../scripts/common_db.php");
if (strlen(trim($_SESSIONї'access_level']))) {
$intLEVEL = $_SESSIONї'access_level'];
} else {
// header ("Location: login_page.html");
}
if (strlen(trim($_SESSIONї'empl_number']))) {
$INTSESSION_EMPL_NUMBER = $_SESSIONї'empl_number'];
} else {
// header ("Location: login_page.html");
}
echo "<b>\$_SESSIONї'access_level'] = " . $_SESSIONї'access_level'] . "</b><br />";
echo "<b>\$_SESSIONї'empl_number'] = " . $_SESSIONї'empl_number'] . "</b><br />";
?>