Page 1 of 1

session_start(); HELP!

Posted: Fri Aug 04, 2006 4:36 am
by SomeOne
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


i need some help here guys...
i have a code like this...

Code: Select all

<?php session_start();
include_once'settings.php';
  $username = $_POST['username'];
  if (file_exists("$users/$username.php")) 
{
  $user = file_get_contents("$users/$username.php");
  $user_name = explode ("=", $user);
  $pass_is = $user_name[1];
  $password = $_POST['password'];
    if ($pass_is == $password){	
	
  $_SESSION['is_logged']=1;
  setcookie("Test", $username, time()+3600, "/","this.com");  /* expire in 1 hour */
  } else {
  $_SESSION['is_logged']=0;
  }
}
if(!$_SESSION['is_logged']){
   header("location: logon.php");
}
?>
and i include this code on top of every page i use....it works well....
though...i have a slight problem...
i open a PopUp window with JavaScript and in this window i have alsow included this code and in mozilla works fine though in IE sends me on login screen..
Can anyone explain this to me?


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Fri Aug 04, 2006 4:54 am
by shiznatix
sessions only work for each browser occurance. FF apparently is smart and will help carry the session to the new window but IE consideres it a second browser window and will get a new session.

Posted: Fri Aug 04, 2006 5:27 am
by Jenk
You could probably 'hack' it but it won't be the best implementation..

Code: Select all

<? session_start();

echo '<a href="newpage.php?' . session_name() . '=' . session_id() .'" target="_blank">Link to new window!</a>';

?>
Will output similar to:

Code: Select all

<a href="newpage.php?PHPSESSID=4db890c811601a05d2ac96f73248d8fe" target="_blank">Link to new window!</a>
or:

Code: Select all

echo "window.open('newpage.php?" . session_name() . "=" . session_id() . "', 'name', 'options');\n";
Will output similar to:

Code: Select all

window.open('newpage.php?PHPSESSID=4db890c811601a05d2ac96f73248d8fe', 'name', 'options');
so that the new browser window 'hijacks' the session.