PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
So I investigated my problem with session again, and I have a quick question:
What can I do about two PHPSESSID cookies being set?
I've tried manually deleting the cookie, but that is not working. Basically, at one point there are two PHPSESSID cookies on the user's computer so they log in, then they get logged out whenever they load the next page, because it's reading the wrong PHPSESSID cookie. Atleast, that's my theory at the moment.
I may be wrong but I believe your problem is with the domain the session is register for. The session cookie may not be registered for both http://www.somedomain.com and domain.com.
neophyte wrote:I may be wrong but I believe your problem is with the domain the session is register for. The session cookie may not be registered for both http://www.somedomain.com and domain.com.
neophyte wrote:So can you reproduce the error yet?
No, I have to wait until one of the users comes to me and says it happened, then I investigate it, but I've spent hours on it and really come to no conclusion or solution.
When it happens, I check both the session file on the server and the cookie on the local and they match fine. Then I log in as them. Then, as soon as they click to go to another page within the application, they are logged out and they are given a new local cookie... which on the server does not contain the username variable which is what I use to identify that they are logged in, the question is.. why is a new cookie assigned? When there is definately already another one, the only thing I've noticed is there are 2 PHPSESSIDs, so it can just be endlessly checking the wrong one and creating a new one.
I can only think of two reasons the cookie expired or they're on a different domain. But because there are two cookies, I'd say different domain.
Are they logged in on 'http' and then going to an 'https' second page? That can cause the same problem too.
Are there any php header() calls going to the browser on the second page?
I'm just throwing out suggestions now....
I hate login issues, I had one once I couldn't figure out. It involved IE. Cookie was present but no login. Users had to dump their cookies and what not to get in. Never could figure out if it was my script or the browser.
neophyte wrote:I can only think of two reasons the cookie expired or they're on a different domain. But because there are two cookies, I'd say different domain.
Are they logged in on 'http' and then going to an 'https' second page? That can cause the same problem too.
Are there any php header() calls going to the browser on the second page?
I'm just throwing out suggestions now....
I hate login issues, I had one once I couldn't figure out. It involved IE. Cookie was present but no login. Users had to dump their cookies and what not to get in. Never could figure out if it was my script or the browser.
Yeah, that issue you had sounds similar to this... Though I doubt my bosses will settle for "It's the browser's fault"