Page 1 of 1

session problem

Posted: Tue Nov 23, 2004 5:21 am
by mcog_esteban
hi all.
can someone explain this strange behaviour:
i have a login system based on sessions, but sometimes(few and random) everytime i login, i get send back to login again, the page simply expires.
there's nothing wrong with logins and passwords, the problem is the session functions, maybe i'm forgetting something.

thanks.

Posted: Tue Nov 23, 2004 5:23 am
by Maugrim_The_Reaper
Example of the code involved?

Posted: Tue Nov 23, 2004 5:29 am
by mcog_esteban
i have only these:

session_save_path(...);
session_start();

the logout has the code i saw on http://www.php.net documentation about session_destroy()

Posted: Tue Nov 23, 2004 5:35 am
by mcog_esteban
this is the code i use to logout

Code: Select all

<?php
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (isset($_COOKIE[session_name()])) {
   setcookie(session_name(), '', time()-42000, '/');
}

// Finally, destroy the session.
session_destroy();
<?php
?>

Posted: Tue Nov 23, 2004 5:59 am
by Maugrim_The_Reaper
Logout looks fine - but your problem seems to be logging in...

Check you have something in your code that checks whether the user of a session is logged in or out.

For example after checking password, set $_SESSION[online] = "true", then check that value on each page to ensure the user who sent the page request is logged in...

only use $_SESSION = array()/session_destroy() on logout - neither should be present in the initial login code - unless the user got the password wrong and you want to delete any session data.

Posted: Tue Nov 23, 2004 6:07 am
by mcog_esteban
well i have a small script that checks is the user is a certain session value is set

ex: if (empty($_SESSION['username'])) header("Location: login.php");

at the beginning of each script.

<?php
include "checkLogin.php";

session_save_path(...);
session_start();
.....
?>