Hello,
I'm having a problem with my session handling script. Here's the situation:
1.) Users come to my site and are asked to login using their credentials.
2.) The user enters their credentials into textboxes, which are located on the index.php page. The user presses the submit button and the textbox values are posted back to the index.php page. <form method=post action='index.php'>)
3.) The credentials are authenticated against a mySQL database and a session variable is created:
$query = "select * from members "
."where UserName='$userid' "
." and Password='$password'";
$result = mysql_query($query, $db_conn);
if (mysql_num_rows($result) >0 )
{
// if they are in the database register the user id
$valid_user = $userid;
session_register("valid_user");
4.) Once authenticated, the textboxes are removed and a menu is presented on the index.php page. One of the menu items displayed on the index page is "Documentation".
5.) The user clicks on the "Documentation" link, which transfers them to the documents.php page. The documents.php page starts by checking if a session varible exists:
<?
session_start();
// check session variable
if (session_is_registered("valid_user"))
{
?>
<html>
<head>
<title>Documentation</title>..........
The documents.php page will always load correctly if the user was authenticated.
6.) It's in this next step where I am experiencing the problem. When the user click's on any of the document links contained on the documents.php page they will receive a message (I wrote), indicating that the page they're trying to load is for members only, therefore they'll need to log into the site to view the page.
For some reason the session gets destroyed between the documents.php page (which checks to see if the a session variable exists) and the pages that are linked to the documents.php page.
The STRANGE part is that it works perfectly the second time you log into the site...every time!. Is this problem caused by my ISP, or my script that checks to see if a session variable is registered for the user:
<?
session_start();
// check session variable
if (session_is_registered("valid_user"))
{
?>
<html>
<head>
<title>Documentation</title>.......
Why does it always work the second time I log into the site, but never the first time? I've tried logging in from several different machines at various locations, and the result is always the same.
PLEASE HELP ME!
Thanks,
Andrew
Session Issues
Moderator: General Moderators
-
abromfield
- Forum Newbie
- Posts: 3
- Joined: Tue Nov 19, 2002 8:58 pm
Hey Hedge,
The documents.php page contains standard links to word documents that have been converted to HTML pages, using Word's "Save as Web Page" feature.
Therefore, on the documents page you would have the following:
<center>
<font face="Arial, Helvetica, sans-serif">
<a href="http://www.xyz.ca/documents/UP_Modeling.php">Unified
Process Modeling</a>
</font>
</center>
and the start of the UP_Modeling.php page would look like this:
<?
session_start();
// check session variable
if (session_is_registered("valid_user"))
{
?>
<html xmlns:o="urn:schemas-microsoft-com
office"
xmlns:w="urn:schemas-microsoft-com
word"
xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=windows-1252">
<meta name=ProgId content=Word.Document>
<meta name=Generator content="Microsoft Word 9">
<meta name=Originator content="Microsoft Word 9">
<link rel=File-List href="./UP_%20Modeling_files/filelist.xml">
<title>UP Modeling</title>
<!--[if gte mso 9]><xml>
<o:DocumentProperties>
.......
.......
I hope this is what you were looking for. Any suggestions would be much appreciated.
Andrew
The documents.php page contains standard links to word documents that have been converted to HTML pages, using Word's "Save as Web Page" feature.
Therefore, on the documents page you would have the following:
<center>
<font face="Arial, Helvetica, sans-serif">
<a href="http://www.xyz.ca/documents/UP_Modeling.php">Unified
Process Modeling</a>
</font>
</center>
and the start of the UP_Modeling.php page would look like this:
<?
session_start();
// check session variable
if (session_is_registered("valid_user"))
{
?>
<html xmlns:o="urn:schemas-microsoft-com
xmlns:w="urn:schemas-microsoft-com
xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=windows-1252">
<meta name=ProgId content=Word.Document>
<meta name=Generator content="Microsoft Word 9">
<meta name=Originator content="Microsoft Word 9">
<link rel=File-List href="./UP_%20Modeling_files/filelist.xml">
<title>UP Modeling</title>
<!--[if gte mso 9]><xml>
<o:DocumentProperties>
.......
.......
I hope this is what you were looking for. Any suggestions would be much appreciated.
Andrew
Well your code looks correct to me. How are you propagating the sessionid, I am assuming via cookies.
1 other thing, I never could get things to work using if session_registered, I ended up checking by using isset.
Also if you are using 4.1+ you can set session variables by just setting them in the $_SESSION array and you don't need to register the vars. I have yet to find any problems with this method.
1 other thing, I never could get things to work using if session_registered, I ended up checking by using isset.
Also if you are using 4.1+ you can set session variables by just setting them in the $_SESSION array and you don't need to register the vars. I have yet to find any problems with this method.
I also have not had good luck with session_registered. I usually use
Keith
Code: Select all
<?php
if (isset($_SESSIONї'SOME_VALUE']) {
?>-
abromfield
- Forum Newbie
- Posts: 3
- Joined: Tue Nov 19, 2002 8:58 pm