Odd session error
Moderator: General Moderators
Odd session error
When a user logs into the site I'm working on, the frontpage creates $_SESSION information if it does not already exist. Other pages on the site check the session variables to confirm authentication. However, in IE on remote machines (i.e. machines that are not the webserver hosting the site) when I go to another page (even the login page again) the session variables are not passed (the session information seems to vanish in to the ether).
Firefox everywhere and IE run in the webserver that hosts the site keep the session information and everything works fine.
Anyone run into this before and have a clue how to fix it (or just have an idea on what's wrong)?
It's a Win2k3 server running PHP 4.3.10 and IIS 6
Firefox everywhere and IE run in the webserver that hosts the site keep the session information and everything works fine.
Anyone run into this before and have a clue how to fix it (or just have an idea on what's wrong)?
It's a Win2k3 server running PHP 4.3.10 and IIS 6
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
The first line on each page is
and my login information goes as such
I am using IIS's NTLM automagic authentication (this is an intranet site).
The beginning of each page starts with:
I'm not doing anything that complex, and Firefox has no problems, and IE from the webserver had so issues either. Only IE anywhere else.
Code: Select all
session_start()Code: Select all
// Login Area
if($_SESSIONї'username'] == '') { // User is not logged in yet
if($_SERVERї"REMOTE_USER"] == ''){ // Incorrent login information
die('An error has occured retrieving your logon information.<br />Please contact the system administrator to gain access.');
} else { // Good logon info
$remUsr = $_SERVERї"REMOTE_USER"];
$username = explode('\'', $remUsr);
$sql = "SELECT * FROM SYS_staff WHERE username='$usernameї1]'";
$whoami = $dbh->getRow($sql, DB_FETCHMODE_ASSOC); if (DB::isError($whoami)) { die($whoami->getMessage()); }
if(count($whoami) == 9) { // check if account exists
// if it does, set session variables
$_SESSIONї'state'] = 'loggedIn';
$_SESSIONї'username'] = $whoamiї'username'];
$_SESSIONї'nameLast'] = $whoamiї'nameLast'];
$_SESSIONї'nameFirst'] = $whoamiї'nameFirst'];
$_SESSIONї'nameMI'] = $whoamiї'nameMI'];
$_SESSIONї'namePrefix'] = $whoamiї'namePrefix'];
$_SESSIONї'nameSuffix'] = $whoamiї'nameSuffix'];
$_SESSIONї'lastLogIn'] = $whoamiї'lastLogIn'];
$_SESSIONї'permissions'] = $whoamiї'system_permissions'];
} else { // if not, deny access
$diemsg = "You ($remUsr) do not appear to have an account in this system.<br />Please contact the system administrator to gain access.";
die("$diemsg");
}
}
}The beginning of each page starts with:
Code: Select all
session_start();
if($_SESSIONїstate] != 'loggedIn') {
die("You session has timed out.");
}- smpdawg
- Forum Contributor
- Posts: 292
- Joined: Thu Jan 27, 2005 3:10 pm
- Location: Houston, TX
- Contact:
Out of curiousity, please place an echo $sql; after this line.
Code: Select all
$sql = "SELECT * FROM SYS_staff WHERE username='$usernameї1]'";Code: Select all
SELECT * FROM SYS_staff WHERE username='VHATAMGubleD2'