OK, I am now very frustrated indeed with PHP's session handling. It may well be my fault but I need some pointers.
I use WXP, PHP 4.2.3 and Linux and PHP too .. same problem for both.
I have a login form which posts to a login logic script. If the user is validated I set
$_SESSION["loggedin"] = $userID;
I then include the menu for logged in users. This included page checks for $SESSION["loggedin"] and if it exists shows all the links.
Each link goes to a page and the session variable is always checked.
However the first link I click no matter what it is will redirect to my login form again because it no longer can see "loggedin"!!!!!
It's driving me nuts. I have tried session_start, session_register and tried manually appending session_id onto URLs but nothing works. I tried editing my ini file too to autostart sessions but no luck.
Does anyone know why it works on a successful login but then disappears when I click another link?
Thanks!
Session Breaking
Moderator: General Moderators
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
Getting Somewhere
Right,
Thanks for that. No I was not using session_start on every page that accesses $_SESSION. I also found that the save path did not exist and cookies were off.
This now works except for one thing..
Warning: Cannot send session cache limiter - headers already sent (output started at c:\program files\apache group\apache\htdocs\sjfs\admin\l_login.php:1) in c:\program files\apache group\apache\htdocs\sjfs
appears at the top of my page on the first login and then disappears. I tried
error_reporting(0);
I have an architechure where every page is rendered with the 1 inde.php and specific content gets included in the middle depending on query params. Can I stop this warning?
Thanks for that. No I was not using session_start on every page that accesses $_SESSION. I also found that the save path did not exist and cookies were off.
This now works except for one thing..
Warning: Cannot send session cache limiter - headers already sent (output started at c:\program files\apache group\apache\htdocs\sjfs\admin\l_login.php:1) in c:\program files\apache group\apache\htdocs\sjfs
appears at the top of my page on the first login and then disappears. I tried
error_reporting(0);
I have an architechure where every page is rendered with the 1 inde.php and specific content gets included in the middle depending on query params. Can I stop this warning?
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
Make sure that session_start() appears before any output to the browser, including HTML and have a read of this:
viewtopic.php?t=1157
Mac
viewtopic.php?t=1157
Mac