Page 1 of 1

session issues

Posted: Thu Sep 26, 2002 2:22 am
by ridwan
I have recently tried to create an administration session, everything seems to work including login except when I redirect to a session holding page for some reason the sessions do not maintain state and I'm driving myself crazy trying to find out why. This is what I am using to try and get the sessions to work, according to the tutorial nothing should be going wrong!!!!

Code: Select all

<?php
ob_start(); // turn output buffering on
// mainadmin.php - secure page

// session check
session_start();
if (!session_is_registered("SESSION"))
&#123;
	// if session check fails, invoke error handler
      echo "nothing is registered";
	// header ("Location: validate.php");
	exit();
&#125;
?>
The problem is that it keeps going to "nothing is registered " instead of (code i did not include) processing the HTML frameset.

Posted: Thu Sep 26, 2002 2:46 am
by Takuma
That function seems not working on mine... Try using $_SESSION.

IT WORX

Posted: Thu Sep 26, 2002 3:03 am
by ridwan
your'e great something that baffled me the whole day you managed to sort out pretty quickly.

Was that b'cos I didn't register the sesion as a variable or what??

thanks again

Posted: Thu Sep 26, 2002 4:01 pm
by Takuma
Yeah, try starting session my work, but I recommend using $_SESSION

Posted: Fri Sep 27, 2002 8:23 am
by nielsene
Well one thing to watch out for is that header() won't propagate the session if the user denied the cookie and is using GET style sessionID propagation. The work around I use:

Code: Select all

function localRedirect($url)
{
    GLOBAL $HTTP_COOKIE_VARS;
    if (isset($HTTP_COOKIE_VARS&#1111;"PHPSESSID"]))
        header($url);
    else
        header($url . "?" .SID);
}
Use this function exactly like header() but for redirects within your site. Use header for links out of your site to avoid spilling your identifiers.

This is a very simple function and won't work if you regularly use GET style urls in your site. If you do you'll have to slightly modify the else portion to figure out if an ampersand or a '?' is needed.