sessions not working for some users

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
hame22
Forum Contributor
Posts: 214
Joined: Wed May 11, 2005 5:50 am

sessions not working for some users

Post by hame22 »

Hi

I use sessions for my user authentication. This works perfectly fine on my machine however a number of users are being randomly "logged" out of the site when they navigate pages.

My login script is below - any ideas as to why this is happening and how it can be solved?

Thanks in adavance

Code: Select all

function login($username, $password)
{
	global $SITE_PATH;
	
	if(isset($_SESSION['valid_user']))
	{
		$login = 'Y';
		
		//$_SESSION['valid_user']	=	$member_id;
		$member_id = $_SESSION['valid_user'];
					
		$row 				= member_query($member_id);
		$last_login 			= $row['last_login'];
		$firstname			= $row['firstname'];
		$surname				= $row['surname'];
		$digest_format			= $row['digest_format'];
		
		if(empty($firstname) || empty($surname) || empty($digest_format))
				{
					//if first login or user has not completed details redirect to their account page
					if($_SERVER['REQUEST_URI'] != "/accounts/change-details.php?member_id=$member_id")
					{
						//only redirect if they are not on that page at present
						header('location: '.$SITE_PATH.'accounts/change-details.php?member_id='.$member_id.'');
					}
				}
		}
	else {
		if ($username && $password)
		{
			//they have tried to login in
			if (login_query($username, $password))
			{
				$member_id 		= get_memberid_query($username);
				$_SESSION['valid_user']	=	$member_id;
				
				
				$row 					= member_query($_SESSION['valid_user']);
				$last_login 			= $row['last_login'];
				$firstname				= $row['firstname'];
				$surname				= $row['surname'];
				$digest_format			= $row['digest_format'];
								
				update_lastlogin_query($member_id); //update when member last logged in
				
				if(empty($last_login) || empty($firstname) || empty($surname) ||  empty($digest_format))
				{
					//if first login or user has not completed details redirect to their account page
					if($_SERVER['REQUEST_URI'] != "/accounts/change-details.php?member_id=$member_id")
					{
						//only redirect if they are not on that page at present
						header('location: '.$SITE_PATH.'accounts/change-details.php?member_id='.$member_id.'');
					}
				}
				$login = 'Y';
			}
			else {
				//unsuccessful login
				//print '<p>You could not be logged in</p>';
				//return false;
				$login = 'N';
			}
		}	
	}
	return $login;
}
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

Your code is a bit messy. Without seriously looking at it, do you think that perhaps one of these could be evaluating to false?

Code: Select all

if(empty($firstname) || empty($surname) || empty($digest_format))
hame22
Forum Contributor
Posts: 214
Joined: Wed May 11, 2005 5:50 am

Post by hame22 »

i dont think it is that,

the user can login fine and move around the pages of the site. However on random pages the script does not pick up the user session so it appears that they are logged out.

I have used session_start(); on each of my pages
Post Reply