Page 1 of 1

sessions not carried over in firefox new tabs...

Posted: Wed Sep 24, 2008 5:05 am
by pavanpuligandla
hii..
herez a small problem with session handling,
when i login to my application sessions are being registered, that is okay, and after getting logged in i can see the members page well, but when i'm opening the the loginpage.htm again in the new tab of firefox browser, i'm able to see the login page itself and not the members page.
the sessions are not being synchronized, why is this happening?

i tried to include session.php in the login page itself, so if the user is already logged in even though when i open a login page it shld be redirected to members page instead itz showing me server configuration error on the browser.
i'm here with attaching my code..kindly help me with ur ideas and suggestions..
logincheck.php

Code: Select all

<?php
 session_start();
 require_once 'securesession.class.php';
 //Connect to mysql server
    $link=mysql_connect("localhost","root","");
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }
    //Select database
    $db=mysql_select_db("tge");
    if(!$db) {
        die("Unable to select database");
    }
 
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
$encrypt = sha1($password);
 
$query="SELECT * FROM login WHERE username='" . mysql_real_escape_string($username) . "' AND password='".   mysql_real_escape_string ($encrypt). "'";
    
    //require_once('attempt.log.class.php'); 
    $result=mysql_query($query);
    $rows2=mysql_fetch_array($result);
    if($rows2["password"] == $encrypt && $rows2["username"] == $username )
        {
        if(mysql_num_rows($result)>0) 
            {
            //Login Successful
            
            $start=time();
            $_SESSION['time_start']=$start; 
            $_SESSION['username']=$username;
            $_SESSION['password']=$encrypt;
            $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
            
            $ss = new SecureSession();
      $ss->check_browser = true;
      $ss->check_ip_blocks = 2;
      $ss->secure_word = 'SALT_';
      $ss->regenerate_id = true;
      $ss->Open();
      $_SESSION['logged_in'] = true;
      
            //include "ip_bann.php";
            include "authn.php";
            include "scsession.php";
            header("Location: redirect.php");
            exit(); 
            }
            
      else {
            //Login failed
            require_once('attempt.log.class.php');
            session_destroy();
            header("location: loginfail.htm");
            exit();
            }
        }
      else{
           require_once('attempt.log.class.php');
           session_destroy();
           header("location: loginfail.htm");
          }
 
?>
authn.php code goes here:

Code: Select all

<?php
 require_once 'securesession.class.php';
    //Start session
    session_start();
    //Check whether the session variable
    //SESS_username is present or not
    $ss = new SecureSession();
  $ss->check_browser = true;
  $ss->check_ip_blocks = 2;
  $ss->secure_word = 'SALT_';
  $ss->regenerate_id = true;
  if (!$ss->Check() || !isset($_SESSION['logged_in']) || !$_SESSION['logged_in'])
  {
      header("location: login.htm");
        exit();
  }
?>
can anyone help me out,how to overcome this..
if user logs in to gmail.com and tries to open gmail.com/login in the same browser's new tab, then the mailbox of tht particular user's loads not the login page of gmail. rite..
but in my applicationn, the login page is being opened instead of members page.
hope u understand my problem..
Many thnx,
pavan

Re: sessions not carried over in firefox new tabs...

Posted: Wed Sep 24, 2008 11:02 am
by Christopher
Tabs are all within the same session. You will probably need to session_write_close() (?) and possibly refresh frames or do other tricks to guarantee display order. Using a layout rather than frames is one solution.