Page 1 of 1
session problem
Posted: Tue Nov 23, 2004 5:21 am
by mcog_esteban
hi all.
can someone explain this strange behaviour:
i have a login system based on sessions, but sometimes(few and random) everytime i login, i get send back to login again, the page simply expires.
there's nothing wrong with logins and passwords, the problem is the session functions, maybe i'm forgetting something.
thanks.
Posted: Tue Nov 23, 2004 5:23 am
by Maugrim_The_Reaper
Example of the code involved?
Posted: Tue Nov 23, 2004 5:29 am
by mcog_esteban
i have only these:
session_save_path(...);
session_start();
the logout has the code i saw on
http://www.php.net documentation about session_destroy()
Posted: Tue Nov 23, 2004 5:35 am
by mcog_esteban
this is the code i use to logout
Code: Select all
<?php
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-42000, '/');
}
// Finally, destroy the session.
session_destroy();
<?php
?>
Posted: Tue Nov 23, 2004 5:59 am
by Maugrim_The_Reaper
Logout looks fine - but your problem seems to be logging in...
Check you have something in your code that checks whether the user of a session is logged in or out.
For example after checking password, set $_SESSION[online] = "true", then check that value on each page to ensure the user who sent the page request is logged in...
only use $_SESSION = array()/session_destroy() on logout - neither should be present in the initial login code - unless the user got the password wrong and you want to delete any session data.
Posted: Tue Nov 23, 2004 6:07 am
by mcog_esteban
well i have a small script that checks is the user is a certain session value is set
ex: if (empty($_SESSION['username'])) header("Location: login.php");
at the beginning of each script.
<?php
include "checkLogin.php";
session_save_path(...);
session_start();
.....
?>