session and redirects

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Charles256
DevNet Resident
Posts: 1375
Joined: Fri Sep 16, 2005 9:06 pm

session and redirects

Post by Charles256 »

Okay. here's the system..user logs in.if login successful redirect to a new page.however, whenever I redirect to a new page all the session information is lost and they are not logged.if i do not redirect it works. and yes, the redirect comes after the set session variables code. can anyone think of any reason for this? it's IIS server running PHP4.
User avatar
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Post by Oren »

The two things that come to my mind which might help you are:

1. Set PHP to show all kind of errors and see what you get.
2. If you have a firewall, turn it off and see what happens.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

Are you calling exit; after your redirect? This could have an effect if the code after your redirect is ran and effects the session.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

might need to tack in session_write_close() .. or add the session id to the URL you redirect toward to make sure it transfers.
Charles256
DevNet Resident
Posts: 1375
Joined: Fri Sep 16, 2005 9:06 pm

Post by Charles256 »

thanks for the suggestions.i'll get back with yoyu all once i try them.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

Sorry to bump... but I'm having this same problem... tried all of these suggestions... no luck.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?

Also.. try passing the session id via the url, something like:

Code: Select all

header('Location: next_page.php?PHPSESSID='.session_id());
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

scottayy wrote:This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?
yes
scottayy wrote:Also.. try passing the session id via the url, something like:

Code: Select all

header('Location: next_page.php?PHPSESSID='.session_id());
no luck :(
GeXus
Forum Regular
Posts: 631
Joined: Sat Mar 11, 2006 8:59 am

Post by GeXus »

The Ninja Space Goat wrote:
scottayy wrote:This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?
yes
scottayy wrote:Also.. try passing the session id via the url, something like:

Code: Select all

header('Location: next_page.php?PHPSESSID='.session_id());
no luck :(
comment out your redirect and try checking isset session_id
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

it's set... everything is fine until the redirect
GeXus
Forum Regular
Posts: 631
Joined: Sat Mar 11, 2006 8:59 am

Post by GeXus »

The Ninja Space Goat wrote:it's set... everything is fine until the redirect

Code: Select all

header('Location: next_page.php?PHPSESSID=test');
will that work?
Last edited by GeXus on Thu Aug 31, 2006 5:49 pm, edited 1 time in total.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

Is any session data being saved at all? Try echo session_id().

Not too long ago I had a session_id() set to the value 'deleted', and all my session data was lost. It's a PHP bug.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

this is driving me nuts. It doesn't matter if I redirect or not. I can just click in the url and push enter and ALL session data is gone. could it have something to do with my session class?

Code: Select all

<?php
/**
* Registry class for storing just about anything
*
* This class is basically just a wrapper for an associative array. It
* can be used to store any type of data that an associative array can.
* The most common use for this class is to extend it to allow storage
* in almost any type of class that needs to store data such as
* a session class, an object registry, etc.
*
* @abstract
* @author       Luke Visinoni <luke.visinoni@gmail.com>
* @copyright    Luke Visinoni August 20th 2006
*/
class Registry{

	/**
	* Container for all registered data passed to this class
	* @access protected
	*/
	protected $entries = array();
	
	/**
	* Add a value to registry data
	* @access public
	* @param string $key 	Associative data array key
	* @param mixed	$value	Associative data array value
	*/
	public function register($key, $value){
		$this->entries[$key] = $value;
	}
	
	/**
	* Remove a value from registry data
	* @access public
	* @param string $key 	Associative data array key
	*/
	public function unregister($key){
		unset($this->entries[$key]);
	}
	
	/**
	* Retrieve a value from registry data
	* @access public
	* @param string $key 	Associative data array key
	* @return mixed
	*/
	public function get($key){
		return isset($this->entries[$key]) ? $this->entries[$key] : null;
	}
	
	/**
	* Check that a key exists within registry data
	* @access public
	* @param string $key 	Associative data array key
	* @return bool
	*/
	public function has($key){
		return $key ? isset($this->entries[$key]) : false;
	}
	
	/**
	* Destroy all information stored in this registry
	* @access public
	*/
	public function flush(){
		$this->entries = array();
	}
	
	/**
	* Magic wrapper for get()
	* @access public
	* @param string $key 	Associative data array key
	* @return mixed
	*/
	/*
	public function __get($key){
		return $this->get($key);
	}*/
	
	/**
	* Magic wrapper for register()
	* @access public
	* @param string $key 	Associative data array key
	* @param string $value 	Associative data array value
	*/
	/*
	public function __set($key, $value){
		$this->register($key, $value);
	}*/
}
?>
<?php
// This is for debug use only
//set_include_path(get_include_path() . PATH_SEPARATOR . "../../libraries" . DIRECTORY_SEPARATOR);
//require_once 'Registry.php';
//require_once 'Database.php';

/**
* Session handler
*
* A class for working with a session. This class is extended
* to provide a particular object or area of an application with its
* own namespace within the session data. This allows for different
* classes to play nicely together and not overwrite or delete session
* data they aren't supposed to.
*
* @author       Luke Visinoni <luke.visinoni@gmail.com>
* @copyright    Luke Visinoni August 20th 2006
*/
class Session extends Registry{
	
	/**
	* Container for session id
	* @access public
	* @var string
	* @static
	*/
	public static $id = null; 
	
	/**
	* This particular instance's namespace
	* @access public
	* @var string
	*/
	protected $namespace;			
	
	/**
	* Set to true if you would like for session's id to be regenerated
	* @access protected
	* @var bool
	*/
	protected $regenerate;
	
	/**
	* Constructor
	* @param string $namespace
	* @param bool $regenerate
	*/
	public function __construct($namespace='Session', $regenerate=null) {
		
        $this->namespace = $namespace;
        $this->regenerate = $regenerate;
		$this->start();
		
    }
    
	/**
	* Initialize the session
	* 
	* This method starts the session. Once the session is started, it tries to correct
	* a known IE problem. (Need to find out more about this problem). Now it checks
	* regenerates the session id, if specefied, and associates entries with our session.
	* 
	* @access public
	* @todo research ie problem that the session_cache_limiter is supposed to fix
	*/
    public function start(){
		if(session_id() == ''){
			session_start();
			if (strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE')){
				session_cache_limiter('must-revalidate');
			}
			self::$id = session_id();
		}
		if ($this->regenerate){
			session_regenerate_id();
		}
		$this->entries =& $_SESSION[$this->namespace];
    }
    
	//public function __destruct(){
	//	session_write_close();
	//}
    
	/**
	* Destroy the session
	* 
	* This destroys the session, and optionally the cookie
	* 
	* @access public
	* @todo finish cookie destroy
	* @param $killcookie bool
	*/
	public function destroy($killcookie=true){
		$this->flush();
		session_destroy();
		//if($killcookie) setcookie($this->id);
	}
	
	public function close(){
		session_write_close();
	}

	public function __get($key){
		return $this->get($key);
	}
	
	public function __set($key, $value){
		$this->register($key, $value);
	}
}
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

no matter what... it always gives me a new session id for some reason... :?
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

Code: Select all

?> 
<?php
This would be sending headers. But, I don't see how that would affect your sessions. Weird stuff. Sorry, no answer here. =[

[edit]is $session->regenerate being set to true?
Last edited by s.dot on Thu Aug 31, 2006 6:26 pm, edited 1 time in total.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Post Reply