sessions not working for some users
Posted: Thu Mar 29, 2007 4:42 am
Hi
I use sessions for my user authentication. This works perfectly fine on my machine however a number of users are being randomly "logged" out of the site when they navigate pages.
My login script is below - any ideas as to why this is happening and how it can be solved?
Thanks in adavance
I use sessions for my user authentication. This works perfectly fine on my machine however a number of users are being randomly "logged" out of the site when they navigate pages.
My login script is below - any ideas as to why this is happening and how it can be solved?
Thanks in adavance
Code: Select all
function login($username, $password)
{
global $SITE_PATH;
if(isset($_SESSION['valid_user']))
{
$login = 'Y';
//$_SESSION['valid_user'] = $member_id;
$member_id = $_SESSION['valid_user'];
$row = member_query($member_id);
$last_login = $row['last_login'];
$firstname = $row['firstname'];
$surname = $row['surname'];
$digest_format = $row['digest_format'];
if(empty($firstname) || empty($surname) || empty($digest_format))
{
//if first login or user has not completed details redirect to their account page
if($_SERVER['REQUEST_URI'] != "/accounts/change-details.php?member_id=$member_id")
{
//only redirect if they are not on that page at present
header('location: '.$SITE_PATH.'accounts/change-details.php?member_id='.$member_id.'');
}
}
}
else {
if ($username && $password)
{
//they have tried to login in
if (login_query($username, $password))
{
$member_id = get_memberid_query($username);
$_SESSION['valid_user'] = $member_id;
$row = member_query($_SESSION['valid_user']);
$last_login = $row['last_login'];
$firstname = $row['firstname'];
$surname = $row['surname'];
$digest_format = $row['digest_format'];
update_lastlogin_query($member_id); //update when member last logged in
if(empty($last_login) || empty($firstname) || empty($surname) || empty($digest_format))
{
//if first login or user has not completed details redirect to their account page
if($_SERVER['REQUEST_URI'] != "/accounts/change-details.php?member_id=$member_id")
{
//only redirect if they are not on that page at present
header('location: '.$SITE_PATH.'accounts/change-details.php?member_id='.$member_id.'');
}
}
$login = 'Y';
}
else {
//unsuccessful login
//print '<p>You could not be logged in</p>';
//return false;
$login = 'N';
}
}
}
return $login;
}