PHP Sessions not created until second attempt??? Help
Posted: Thu Oct 28, 2004 4:15 pm
I'm running into a problem with PHP Sessions where the set session variables are not passed to another PHP page at first. The funny thing is that the sessions work on the second try when I resubmit my login info *after* failing the original login attempt and being returned to the login page.
The PHP session starts on the second page ("action_page.php"), if the login & password match what's stored on a mySQL database. The PHP database code works fine, and I am able to determine that PHP successfully creates a session following that. After a session is created, PHP forwards the user to the "viewing" page via a PHP "header Location" command.
The problem occurs on the viewing page (third stage), where the PHP code doesn't detect a session or the previously set session variables. However, if I set the viewing page's PHP code to revert back to the original login page, a second login attempt works. A PHP session is detected and the previously set session variables are present. And yes, I do have "session_start( )" set at the top of the page before everything else.
How is this happening? I have another set of PHP pages in a different directory that allows PHP sessions to work, and those PHP pages are nearly identical to these. I've tested these pages on a linux server running PHP and Apache, and these files also fail on the box as well.
I'm all out of ideas, and I'll try to provide what I can here.
Login Process:
------------------
1. login_page.html --> 2. action_page.php --> 3. viewing_page.php
Server info:
---------------
Server OS: Win2000
PHP version: 4.3.6
PHP.ini settings:
---------------------
register_globals = On
session.auto_start = 1
session.use_cookies = 1
action_page.php (this page works correctly and creates a session which is confirmed):
-------------------------------------------------------------------------------------------------------------
viewing_page.php:
------------------------
If anyone could provide any answers, I'd greatly appreciate them. Thanks again.
The PHP session starts on the second page ("action_page.php"), if the login & password match what's stored on a mySQL database. The PHP database code works fine, and I am able to determine that PHP successfully creates a session following that. After a session is created, PHP forwards the user to the "viewing" page via a PHP "header Location" command.
The problem occurs on the viewing page (third stage), where the PHP code doesn't detect a session or the previously set session variables. However, if I set the viewing page's PHP code to revert back to the original login page, a second login attempt works. A PHP session is detected and the previously set session variables are present. And yes, I do have "session_start( )" set at the top of the page before everything else.
How is this happening? I have another set of PHP pages in a different directory that allows PHP sessions to work, and those PHP pages are nearly identical to these. I've tested these pages on a linux server running PHP and Apache, and these files also fail on the box as well.
I'm all out of ideas, and I'll try to provide what I can here.
Login Process:
------------------
1. login_page.html --> 2. action_page.php --> 3. viewing_page.php
Server info:
---------------
Server OS: Win2000
PHP version: 4.3.6
PHP.ini settings:
---------------------
register_globals = On
session.auto_start = 1
session.use_cookies = 1
action_page.php (this page works correctly and creates a session which is confirmed):
-------------------------------------------------------------------------------------------------------------
Code: Select all
<?
include ("../scripts/common_db.php");
// *** LOGIN STRING FROM LOGIN PAGE
if (strlen(trim($_POSTї'login']))>0) {
$strLOGIN = trim($_POSTї'login']);
} else {
header ("Location: login_page.html");
}
// *** PASSWORD STRING FROM LOGIN PAGE
if (strlen(trim($_POSTї'password']))>0) {
$strPASSWORD = trim($_POSTї'password']);
} else {
header ("Location: login_page.html");
}
if (! mysql_connect($dbhost, $dbusername, $dbuserpassword)) {
die('Failed to connect to host "' . $dbhost . '" . ');
}
mysql_select_db("selected_db");
$sql = "SELECT access_level, empl_number FROM employee_table WHERE"
. " login = " . CHR(39) . trim($strLOGIN) . CHR(39)
. " AND password = PASSWORD(" . CHR(39) . trim($strPASSWORD) . CHR(39) . ")"
. " AND access_level = 1";
$rs = mysql_query($sql) or die("Could not execute SQL query");
$rsCOUNT = mysql_num_rows($rs);
$row = mysql_fetch_array($rs);
if ($rsCOUNT>0) {
session_start();
$_SESSIONї'access_level'] = $rowї'access_level'];
$_SESSIONї'empl_number'] = $rowї'empl_number'];
header ("Location: main.php");
} else {
header ("Location: login_page.html");
}
?>viewing_page.php:
------------------------
Code: Select all
<?
session_start();
header("Cache-control: private"); // IE 6 Fix
// phpinfo();
echo "<b>\$_SESSIONї'access_level'] = " . $_SESSIONї'access_level'] . "</b><br />";
echo "<b>\$_SESSIONї'empl_number'] = " . $_SESSIONї'empl_number'] . "</b><br />";
include ("../scripts/common_db.php");
if (strlen(trim($_SESSIONї'access_level']))) {
$intLEVEL = $_SESSIONї'access_level'];
} else {
// header ("Location: login_page.html");
}
if (strlen(trim($_SESSIONї'empl_number']))) {
$INTSESSION_EMPL_NUMBER = $_SESSIONї'empl_number'];
} else {
// header ("Location: login_page.html");
}
echo "<b>\$_SESSIONї'access_level'] = " . $_SESSIONї'access_level'] . "</b><br />";
echo "<b>\$_SESSIONї'empl_number'] = " . $_SESSIONї'empl_number'] . "</b><br />";
?>