Page 1 of 1

register session var & forward to another pg

Posted: Sun Dec 29, 2002 4:05 am
by justravis
i'm trying to build a backdoor entrance for cetain members, so they do not have to login.

This is what I have in mind:
1.they enter nologin.domain.com
2. nologin.domain.com registers a hardcoded username session var
3. nologin.domain.com forwards them using header() to members.domain.com

Here is the code:

nologin index:

Code: Select all

<?php
function auto_login($user)
{
      session_register('user');
      $_SESSION['user'] = $user;
}

session_start();

auto_login('business');

header("Location: http://members.domain.com");
?>
members index:

Code: Select all

<?php
#Simply determines if session exists & leaves action to page calling it.
function session_check()
{
        if(session_is_registered('user'))
        {
                $loggedin++;
        }

        return $loggedin;
}

#If no session, login form is dsplayed.
if(!session_check())
{
   show form;
}
?>
In session_check(), I have also tried:

Code: Select all

<?php
if(session_is_registered('user'))
if(isset($_SESSION['user']))
if($_SESSION['user'])
?>
All of them seem to have the same result. The username is either not getting registered or it is not being recognized because the login form still appears on the members index. I have realized it does work. It is just inconsistent, but yet seems to follow a pattern.

The pattern goes like this:
1. First time I enter url nologin.domain.com it does not work. It forwards to the right page, but the session var is not sent.
2. It works the second time I enter the url.

It is as if the page does not recognize the session var until after it shows the form. I do set the var before I check for it & show the form though.

Anybody have any ideas?

Posted: Fri Jan 03, 2003 1:18 pm
by daven
You need to have session_start() above your session_register calls. You also need to have session_start() on all the pages you are using session variables on.

Code: Select all

<?php
session_start(); 
function auto_login($user)
{
      session_register('user');
      $_SESSION['user'] = $user;
}
?>
The reason it was working for you the second time through is that you had initiated your session the first time.