Page 1 of 2

session and redirects

Posted: Fri Aug 11, 2006 8:39 am
by Charles256
Okay. here's the system..user logs in.if login successful redirect to a new page.however, whenever I redirect to a new page all the session information is lost and they are not logged.if i do not redirect it works. and yes, the redirect comes after the set session variables code. can anyone think of any reason for this? it's IIS server running PHP4.

Posted: Fri Aug 11, 2006 8:43 am
by Oren
The two things that come to my mind which might help you are:

1. Set PHP to show all kind of errors and see what you get.
2. If you have a firewall, turn it off and see what happens.

Posted: Fri Aug 11, 2006 8:56 am
by s.dot
Are you calling exit; after your redirect? This could have an effect if the code after your redirect is ran and effects the session.

Posted: Fri Aug 11, 2006 9:59 am
by feyd
might need to tack in session_write_close() .. or add the session id to the URL you redirect toward to make sure it transfers.

Posted: Fri Aug 11, 2006 10:50 am
by Charles256
thanks for the suggestions.i'll get back with yoyu all once i try them.

Posted: Thu Aug 31, 2006 5:32 pm
by Luke
Sorry to bump... but I'm having this same problem... tried all of these suggestions... no luck.

Posted: Thu Aug 31, 2006 5:41 pm
by s.dot
This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?

Also.. try passing the session id via the url, something like:

Code: Select all

header('Location: next_page.php?PHPSESSID='.session_id());

Posted: Thu Aug 31, 2006 5:43 pm
by Luke
scottayy wrote:This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?
yes
scottayy wrote:Also.. try passing the session id via the url, something like:

Code: Select all

header('Location: next_page.php?PHPSESSID='.session_id());
no luck :(

Posted: Thu Aug 31, 2006 5:44 pm
by GeXus
The Ninja Space Goat wrote:
scottayy wrote:This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?
yes
scottayy wrote:Also.. try passing the session id via the url, something like:

Code: Select all

header('Location: next_page.php?PHPSESSID='.session_id());
no luck :(
comment out your redirect and try checking isset session_id

Posted: Thu Aug 31, 2006 5:45 pm
by Luke
it's set... everything is fine until the redirect

Posted: Thu Aug 31, 2006 5:48 pm
by GeXus
The Ninja Space Goat wrote:it's set... everything is fine until the redirect

Code: Select all

header('Location: next_page.php?PHPSESSID=test');
will that work?

Posted: Thu Aug 31, 2006 5:48 pm
by s.dot
Is any session data being saved at all? Try echo session_id().

Not too long ago I had a session_id() set to the value 'deleted', and all my session data was lost. It's a PHP bug.

Posted: Thu Aug 31, 2006 6:07 pm
by Luke
this is driving me nuts. It doesn't matter if I redirect or not. I can just click in the url and push enter and ALL session data is gone. could it have something to do with my session class?

Code: Select all

<?php
/**
* Registry class for storing just about anything
*
* This class is basically just a wrapper for an associative array. It
* can be used to store any type of data that an associative array can.
* The most common use for this class is to extend it to allow storage
* in almost any type of class that needs to store data such as
* a session class, an object registry, etc.
*
* @abstract
* @author       Luke Visinoni <luke.visinoni@gmail.com>
* @copyright    Luke Visinoni August 20th 2006
*/
class Registry{

	/**
	* Container for all registered data passed to this class
	* @access protected
	*/
	protected $entries = array();
	
	/**
	* Add a value to registry data
	* @access public
	* @param string $key 	Associative data array key
	* @param mixed	$value	Associative data array value
	*/
	public function register($key, $value){
		$this->entries[$key] = $value;
	}
	
	/**
	* Remove a value from registry data
	* @access public
	* @param string $key 	Associative data array key
	*/
	public function unregister($key){
		unset($this->entries[$key]);
	}
	
	/**
	* Retrieve a value from registry data
	* @access public
	* @param string $key 	Associative data array key
	* @return mixed
	*/
	public function get($key){
		return isset($this->entries[$key]) ? $this->entries[$key] : null;
	}
	
	/**
	* Check that a key exists within registry data
	* @access public
	* @param string $key 	Associative data array key
	* @return bool
	*/
	public function has($key){
		return $key ? isset($this->entries[$key]) : false;
	}
	
	/**
	* Destroy all information stored in this registry
	* @access public
	*/
	public function flush(){
		$this->entries = array();
	}
	
	/**
	* Magic wrapper for get()
	* @access public
	* @param string $key 	Associative data array key
	* @return mixed
	*/
	/*
	public function __get($key){
		return $this->get($key);
	}*/
	
	/**
	* Magic wrapper for register()
	* @access public
	* @param string $key 	Associative data array key
	* @param string $value 	Associative data array value
	*/
	/*
	public function __set($key, $value){
		$this->register($key, $value);
	}*/
}
?>
<?php
// This is for debug use only
//set_include_path(get_include_path() . PATH_SEPARATOR . "../../libraries" . DIRECTORY_SEPARATOR);
//require_once 'Registry.php';
//require_once 'Database.php';

/**
* Session handler
*
* A class for working with a session. This class is extended
* to provide a particular object or area of an application with its
* own namespace within the session data. This allows for different
* classes to play nicely together and not overwrite or delete session
* data they aren't supposed to.
*
* @author       Luke Visinoni <luke.visinoni@gmail.com>
* @copyright    Luke Visinoni August 20th 2006
*/
class Session extends Registry{
	
	/**
	* Container for session id
	* @access public
	* @var string
	* @static
	*/
	public static $id = null; 
	
	/**
	* This particular instance's namespace
	* @access public
	* @var string
	*/
	protected $namespace;			
	
	/**
	* Set to true if you would like for session's id to be regenerated
	* @access protected
	* @var bool
	*/
	protected $regenerate;
	
	/**
	* Constructor
	* @param string $namespace
	* @param bool $regenerate
	*/
	public function __construct($namespace='Session', $regenerate=null) {
		
        $this->namespace = $namespace;
        $this->regenerate = $regenerate;
		$this->start();
		
    }
    
	/**
	* Initialize the session
	* 
	* This method starts the session. Once the session is started, it tries to correct
	* a known IE problem. (Need to find out more about this problem). Now it checks
	* regenerates the session id, if specefied, and associates entries with our session.
	* 
	* @access public
	* @todo research ie problem that the session_cache_limiter is supposed to fix
	*/
    public function start(){
		if(session_id() == ''){
			session_start();
			if (strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE')){
				session_cache_limiter('must-revalidate');
			}
			self::$id = session_id();
		}
		if ($this->regenerate){
			session_regenerate_id();
		}
		$this->entries =& $_SESSION[$this->namespace];
    }
    
	//public function __destruct(){
	//	session_write_close();
	//}
    
	/**
	* Destroy the session
	* 
	* This destroys the session, and optionally the cookie
	* 
	* @access public
	* @todo finish cookie destroy
	* @param $killcookie bool
	*/
	public function destroy($killcookie=true){
		$this->flush();
		session_destroy();
		//if($killcookie) setcookie($this->id);
	}
	
	public function close(){
		session_write_close();
	}

	public function __get($key){
		return $this->get($key);
	}
	
	public function __set($key, $value){
		$this->register($key, $value);
	}
}

Posted: Thu Aug 31, 2006 6:18 pm
by Luke
no matter what... it always gives me a new session id for some reason... :?

Posted: Thu Aug 31, 2006 6:20 pm
by s.dot

Code: Select all

?> 
<?php
This would be sending headers. But, I don't see how that would affect your sessions. Weird stuff. Sorry, no answer here. =[

[edit]is $session->regenerate being set to true?