a session problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

a session problem

Post by raghavan20 »

I am sorry to say that I cannot present any code for the problem but I will take enough to explain things properly.
I have the following pages,
login page
duty: gets username and password; validates; if successful, sets $_SESSION['userName']=<current_user>

verify session page
duty: verifies whether $_SESSION['userName'] exists and if exists checks whether those names are actually registered with the website.

index page
duty: just holds navigation links

all others pages are not our concern.


first when the user goes to index page, the 'verify session' page is called, it cannot find the session variable 'userName' and it redirects to login page.

after login and successful validation; session variable is set( personally verified by printing out $_SESSSION which holds the userName key ); redirects to index page.

when index page is refreshed, it checks whether session is valid by calling 'session page', when it checks for session variable 'userName', it does not exist. It now has mysteriously disappeared. so this page redirects to login page to login again.


but when i login the second time, gets validated; session variable, 'userName' set; redirects to index page;
when refreshed; session is validated; variable found; stays in index page and no problems there after.

so this problem keeps happening only when i open a new IE of Firefox browser and try to access index page which basically redirects to login and i login and redirects to index page and click on any of the links, session variable disappears and asks me to login.

have any of you guys faced this problem. please advice.
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

Image Does the following work?
index.php

Code: Select all

session_start();
require 'inc/session_check.php';

echo "Only logged in user can see this! Unauthorized people won't see it.";
inc/session_check.php

Code: Select all

if(!isset($_SESSION['username'])) {
    header('Location: /login.php');
    die();
}
login.php

Code: Select all

session_start();
if(isset($_POST['username']) && isset($_POST['password'])) {
   if($_POST['username'] == 'TheUser' && $_POST['password'] == 'ThePassword') {
       // login successful
       $_SESSION['username'] = $_POST['username'];
       header('Location: /index.php');
       die();
   } else {
       // login failed
       header('Location: /login.php');
       die();
   }
} else {
echo <<<HTML
<form action='/login.php' method='post'>
  <label>Username<input type='text' name='username' /></label>
  <label>Password<input type='password' name='password' /></label>
</form>
HTML;
}
Post Reply