Page 1 of 1
Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 3:57 pm
by antoine
I have set up a login on my website for clients. In my database, I have a row called "redirect", and in the login.php processor, it checks a bunch of 'ifs' and finally outputs a "header(Location: $_SESSION[redirect])" (which is a complete URL). It works fine and redirects each client to their own client redirect page, but I decided I wanted to make one dynamic PHP page for every client, where the content changes based on 'who' is logged in.
However, when I try to call $_SESSION[username], it comes up blank. I have researched a little and found out that this happens after a header redirect, but I haven't been able to find a suitable way to keep the session in tact after the redirect.
I tried using print and echo to redirect to an href, but the redirecting page sits there endlessly doing nothing. So I now was wondering what other method I could use to save the sessions until the client logs out.
Could I add a code in login.php to create a table and store the session variable there, so that I can call it up until I delete the table in logout.php?
If so, what codes would I use and how would I implement them? Also, how would I retrieve this data using PHP (ie on the client home page)? I'm not very advanced, and have used a lot of help to get this far, so the more detailed and simple, the better.
If not, can anyone think of another solution to this problem?
Preferably, I would like to not have to create a static HTML page for every client, unless it's an absolute must (or the only way without reprogramming all of my processing.php [login, logout, admin, etc] pages.
Thanks...
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 4:04 pm
by Christopher
Use session_write_close() before the redirect (I think that is what it is called?). The problem is that both pages in the redirect are within one request, so you must manually write the session data between pages.
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 4:06 pm
by Dynamis
Header redirect does not remove your session or session variables. I currently use it on a process I'm working on. I call header redirect to another page and can still access all of my session information. Double check and make sure you have
on, or included in, the page you are redirecting to. That must be on every page, as well as your process page if you are processing a form for example. So your form goes to process.php, that better have the session_start() at the top or the session will get out of wack.
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 4:12 pm
by antoine
I've already tried both of those things, but the session doesn't seem to save.
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 4:42 pm
by Eran
Check if your sessions directory exists and is writeable
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 5:29 pm
by antoine
pytrin wrote:Check if your sessions directory exists and is writeable
How do I do this? I use Bravenet Hosting, if that helps.
Also, since it is shared hosting, it is probably safer using another method. I was considering using "fwrite" to write the username to a file, and then in the next file, I would read and echo it, and on logout, I would unlink it. However, I can't seem to write a session variable to it...
Any suggestions/reasons why this method would or wouldn't work?
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 5:30 pm
by Eran
Run this on your server:
Code: Select all
var_dump(is_writable(session_save_path()));
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 5:34 pm
by mattinahat
this may sound obvious but it didn't look like anybody else has mentioned it...
<?php session_start(); ?>
needs to be the first line of any code on every page. sure you know that already but when I started working with sessions it took me a while to figure that out.
also, some redirect codes can mess with browser cookies, this might possibly be throwing the session out.
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 5:35 pm
by antoine
When I write:
Code: Select all
var_dump(is_writable(session_save_path()));
all I get is "bool(true)"... I'm assuming that means it is?
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 5:37 pm
by antoine
Thanks mattinahat, but I have that and it still is not working...
Re: Is there a way to preserve SESSIONS after a header redirect?
Posted: Tue Jul 22, 2008 6:39 pm
by antoine
UPDATE:
I have used the "fwrite" and "fread" commands and have been able to save the session as a .txt file.
The stripped down codes:
In login.php:
Code: Select all
[color=#FF0000]<?php[/color]
[color=#0000FF]session_start[/color]();
$username [color=#0000FF]= $_POST[/color][username];
$myFile [color=#0000FF]=[/color] [color=#800000]"ClientUserTest.txt"[/color];
$fh [color=#0000FF]= fopen[/color]($myFile, [color=#800000]'w'[/color]) or die([color=#800000]"Can't open file"[/color]);
$stringData [color=#0000FF]=[/color] [color=#800000]"$username\n"[/color];
[color=#0000FF]fwrite[/color]($fh, $stringData);
[color=#0000FF]fclose[/color]($fh);
[color=#FF0000]?>[/color]
and in the redirected page:
Code: Select all
[color=#FF0000]<?php[/color]
[color=#0000FF]session_start[/color]();
$myFile [color=#0000FF]=[/color] [color=#800000]"../ClientUserTest.txt"[/color];
$fh [color=#0000FF]= fopen[/color]($myFile, [color=#800000]'r'[/color]);
$theData [color=#0000FF]= fgets[/color]($fh);
[color=#0000FF]fclose[/color]($fh);
[color=#FF0000]?>[/color]
[color=#0040BF]<html><head></head><body>[/color]
Welcome, [color=#FF0000]<?php[/color] [color=#0000FF]echo[/color] $theData [color=#FF0000]?>[/color]!
[color=#0040BF]</body></html>[/color]
So this works fine, but I don't think I should have to resort to this. The discussion is still open and any new ideas are welcome.
Thanks