Session problems
Posted: Fri May 19, 2006 5:46 pm
I have a problem with the following code where whenever I click on a link, the session vars are not passed, but when I wait for the meta refresh, it gets passed. While this works on my local server, when uploaded to the production server it doesn't.
On my index.php
session.php
backend.php
The redir function which is in functions.php (functions.php is properly included on all the needed files)
Again, ok. On my local server, everything just works fine. But uploaded on the production server it doesn't. After logging in, it says "Login successful." using the redir() function. So in that Login Successful page, I have a choice to either wait for the meta refresh to take me to the next page or click the link. What happens is if I wait, it gets redirected fine, but if I click on the link, I get to a "Please login first." page using the redir() function and is executed in backend.php. And again, if I wait for the meta refresh, I get redirected to the main panel with more links (imagine an IPB acp). Clicking on the menu links gives me the "Please login first." page.
Again take note this all works fine on my local server and I did not intend for any advanced security on these pages as I still have alot to learn about it.
Kindly point out any errors in my code and I am happy to take criticism aswell. Thanks.
On my index.php
Code: Select all
...
...
if ($auth) {
require_once 'session.php';
setcookie("login");
$cookieValue = mt_rand() . "_" . $POST_username;
setcookie('login',$cookieValue,time()+3600);
$_SESSION['login'] = $cookieValue;
// add_access_entry("Logged in as $POST_username");
redir("YES","Login successful.","backend.php?page=general&subpage=news");
}Code: Select all
ini_set('register_globals','Off');
ini_set('session.use_cookies',1);
ini_set('session.use_only_cookies',1);
ini_set('session.referer_check',1);
ini_set('session.use_trans_sid',0);
ini_set('url_rewriter.tags','');
session_start();
header("Cache-control: private"); // IE FixCode: Select all
require_once 'session.php';
... other requires ...
...
print_r($_SESSION); //debug
print_r($_COOKIE); // debug
if(isset($_COOKIE['login']) && isset($_SESSION['login'])) {
if($_COOKIE['login'] == $_SESSION['login']) {
$logged = true;
} else {
$logged = false;
}
} else {
$logged = false;
}
if (!$logged)
{
setcookie('login');
unset($_SESSION['login']);
session_unset();
session_destroy();
redir("YES","Please login first.","index.php");
}Code: Select all
function redir($redir, $msg, $page, $time = 6) {
if ($redir == "YES")
{
$msg .= "<br />
Click <a href=\"$page\">here</a> to continue.";
$refresh = " <meta http-equiv=\"refresh\" content=\"$time; url=$page\">";
$title = " <title>Redirecting to $page .. - MAO</title>";
}
else
{
$refresh = " <meta http-equiv=\"refresh\" content=\"$time; url=$page\">";
$title = " <title>Page terminated .. - MAO</title>";
}
echo "
<!DOCTYPE html
PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">
<head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\" />
$refresh
<link rel=\"stylesheet\" type=\"text/css\" href=\"style.css\" />
$title
</head>
<body>
<div class=\"redir\" id=\"redir\">
<p align=\"center\">
<img border=\"0\" src=\"images/redirecting.jpg\" width=\"400\" height=\"100\">
</p>
<p align=\"center\">
$msg <br />
</p>
<hr noshade size=\"1\" width=\"70%\" />
<p align=\"center\">
© 2006. Programmed and Designed by **
</p>
</div>
</body>
</html>";
exit();
}Again take note this all works fine on my local server and I did not intend for any advanced security on these pages as I still have alot to learn about it.
Kindly point out any errors in my code and I am happy to take criticism aswell. Thanks.