Session Breaking

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
adcworks
Forum Newbie
Posts: 4
Joined: Fri Oct 18, 2002 3:35 am

Session Breaking

Post by adcworks »

OK, I am now very frustrated indeed with PHP's session handling. It may well be my fault but I need some pointers.

I use WXP, PHP 4.2.3 and Linux and PHP too .. same problem for both.

I have a login form which posts to a login logic script. If the user is validated I set

$_SESSION["loggedin"] = $userID;

I then include the menu for logged in users. This included page checks for $SESSION["loggedin"] and if it exists shows all the links.

Each link goes to a page and the session variable is always checked.

However the first link I click no matter what it is will redirect to my login form again because it no longer can see "loggedin"!!!!!

It's driving me nuts. I have tried session_start, session_register and tried manually appending session_id onto URLs but nothing works. I tried editing my ini file too to autostart sessions but no luck.

Does anyone know why it works on a successful login but then disappears when I click another link?

Thanks!
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

You do have session_start() at the top of any script that sets or tries to access session variables?

Mac
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

  • in your php.ini check
  • session.save_path points to a valid path (use / rather than \ )
  • session.use_cookies = 1
  • session.cookie_lifetime = 0
take a look into your server's error.log-file and make sure there is nothing like "...Cannot add header information..." in it
adcworks
Forum Newbie
Posts: 4
Joined: Fri Oct 18, 2002 3:35 am

Getting Somewhere

Post by adcworks »

Right,

Thanks for that. No I was not using session_start on every page that accesses $_SESSION. I also found that the save path did not exist and cookies were off.

This now works except for one thing..

Warning: Cannot send session cache limiter - headers already sent (output started at c:\program files\apache group\apache\htdocs\sjfs\admin\l_login.php:1) in c:\program files\apache group\apache\htdocs\sjfs

appears at the top of my page on the first login and then disappears. I tried

error_reporting(0);

I have an architechure where every page is rendered with the 1 inde.php and specific content gets included in the middle depending on query params. Can I stop this warning?
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Make sure that session_start() appears before any output to the browser, including HTML and have a read of this:
viewtopic.php?t=1157

Mac
Post Reply