Page 1 of 2
session and redirects
Posted: Fri Aug 11, 2006 8:39 am
by Charles256
Okay. here's the system..user logs in.if login successful redirect to a new page.however, whenever I redirect to a new page all the session information is lost and they are not logged.if i do not redirect it works. and yes, the redirect comes after the set session variables code. can anyone think of any reason for this? it's IIS server running PHP4.
Posted: Fri Aug 11, 2006 8:43 am
by Oren
The two things that come to my mind which might help you are:
1. Set PHP to show all kind of errors and see what you get.
2. If you have a firewall, turn it off and see what happens.
Posted: Fri Aug 11, 2006 8:56 am
by s.dot
Are you calling exit; after your redirect? This could have an effect if the code after your redirect is ran and effects the session.
Posted: Fri Aug 11, 2006 9:59 am
by feyd
might need to tack in
session_write_close() .. or add the session id to the URL you redirect toward to make sure it transfers.
Posted: Fri Aug 11, 2006 10:50 am
by Charles256
thanks for the suggestions.i'll get back with yoyu all once i try them.
Posted: Thu Aug 31, 2006 5:32 pm
by Luke
Sorry to bump... but I'm having this same problem... tried all of these suggestions... no luck.
Posted: Thu Aug 31, 2006 5:41 pm
by s.dot
This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?
Also.. try passing the session id via the url, something like:
Code: Select all
header('Location: next_page.php?PHPSESSID='.session_id());
Posted: Thu Aug 31, 2006 5:43 pm
by Luke
scottayy wrote:This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?
yes
scottayy wrote:Also.. try passing the session id via the url, something like:
Code: Select all
header('Location: next_page.php?PHPSESSID='.session_id());
no luck

Posted: Thu Aug 31, 2006 5:44 pm
by GeXus
The Ninja Space Goat wrote:scottayy wrote:This may be painstakingly obvious..... but is session_start() called on the page that is being redirected to?
yes
scottayy wrote:Also.. try passing the session id via the url, something like:
Code: Select all
header('Location: next_page.php?PHPSESSID='.session_id());
no luck

comment out your redirect and try checking isset session_id
Posted: Thu Aug 31, 2006 5:45 pm
by Luke
it's set... everything is fine until the redirect
Posted: Thu Aug 31, 2006 5:48 pm
by GeXus
The Ninja Space Goat wrote:it's set... everything is fine until the redirect
Code: Select all
header('Location: next_page.php?PHPSESSID=test');
will that work?
Posted: Thu Aug 31, 2006 5:48 pm
by s.dot
Is any session data being saved at all? Try echo session_id().
Not too long ago I had a session_id() set to the value 'deleted', and all my session data was lost. It's a PHP bug.
Posted: Thu Aug 31, 2006 6:07 pm
by Luke
this is driving me nuts. It doesn't matter if I redirect or not. I can just click in the url and push enter and ALL session data is gone. could it have something to do with my session class?
Code: Select all
<?php
/**
* Registry class for storing just about anything
*
* This class is basically just a wrapper for an associative array. It
* can be used to store any type of data that an associative array can.
* The most common use for this class is to extend it to allow storage
* in almost any type of class that needs to store data such as
* a session class, an object registry, etc.
*
* @abstract
* @author Luke Visinoni <luke.visinoni@gmail.com>
* @copyright Luke Visinoni August 20th 2006
*/
class Registry{
/**
* Container for all registered data passed to this class
* @access protected
*/
protected $entries = array();
/**
* Add a value to registry data
* @access public
* @param string $key Associative data array key
* @param mixed $value Associative data array value
*/
public function register($key, $value){
$this->entries[$key] = $value;
}
/**
* Remove a value from registry data
* @access public
* @param string $key Associative data array key
*/
public function unregister($key){
unset($this->entries[$key]);
}
/**
* Retrieve a value from registry data
* @access public
* @param string $key Associative data array key
* @return mixed
*/
public function get($key){
return isset($this->entries[$key]) ? $this->entries[$key] : null;
}
/**
* Check that a key exists within registry data
* @access public
* @param string $key Associative data array key
* @return bool
*/
public function has($key){
return $key ? isset($this->entries[$key]) : false;
}
/**
* Destroy all information stored in this registry
* @access public
*/
public function flush(){
$this->entries = array();
}
/**
* Magic wrapper for get()
* @access public
* @param string $key Associative data array key
* @return mixed
*/
/*
public function __get($key){
return $this->get($key);
}*/
/**
* Magic wrapper for register()
* @access public
* @param string $key Associative data array key
* @param string $value Associative data array value
*/
/*
public function __set($key, $value){
$this->register($key, $value);
}*/
}
?>
<?php
// This is for debug use only
//set_include_path(get_include_path() . PATH_SEPARATOR . "../../libraries" . DIRECTORY_SEPARATOR);
//require_once 'Registry.php';
//require_once 'Database.php';
/**
* Session handler
*
* A class for working with a session. This class is extended
* to provide a particular object or area of an application with its
* own namespace within the session data. This allows for different
* classes to play nicely together and not overwrite or delete session
* data they aren't supposed to.
*
* @author Luke Visinoni <luke.visinoni@gmail.com>
* @copyright Luke Visinoni August 20th 2006
*/
class Session extends Registry{
/**
* Container for session id
* @access public
* @var string
* @static
*/
public static $id = null;
/**
* This particular instance's namespace
* @access public
* @var string
*/
protected $namespace;
/**
* Set to true if you would like for session's id to be regenerated
* @access protected
* @var bool
*/
protected $regenerate;
/**
* Constructor
* @param string $namespace
* @param bool $regenerate
*/
public function __construct($namespace='Session', $regenerate=null) {
$this->namespace = $namespace;
$this->regenerate = $regenerate;
$this->start();
}
/**
* Initialize the session
*
* This method starts the session. Once the session is started, it tries to correct
* a known IE problem. (Need to find out more about this problem). Now it checks
* regenerates the session id, if specefied, and associates entries with our session.
*
* @access public
* @todo research ie problem that the session_cache_limiter is supposed to fix
*/
public function start(){
if(session_id() == ''){
session_start();
if (strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE')){
session_cache_limiter('must-revalidate');
}
self::$id = session_id();
}
if ($this->regenerate){
session_regenerate_id();
}
$this->entries =& $_SESSION[$this->namespace];
}
//public function __destruct(){
// session_write_close();
//}
/**
* Destroy the session
*
* This destroys the session, and optionally the cookie
*
* @access public
* @todo finish cookie destroy
* @param $killcookie bool
*/
public function destroy($killcookie=true){
$this->flush();
session_destroy();
//if($killcookie) setcookie($this->id);
}
public function close(){
session_write_close();
}
public function __get($key){
return $this->get($key);
}
public function __set($key, $value){
$this->register($key, $value);
}
}
Posted: Thu Aug 31, 2006 6:18 pm
by Luke
no matter what... it always gives me a new session id for some reason...

Posted: Thu Aug 31, 2006 6:20 pm
by s.dot
This would be sending headers. But, I don't see how that would affect your sessions. Weird stuff. Sorry, no answer here. =[
[edit]is $session->regenerate being set to true?