Jump to content

session sticking question

dadamssg

By dadamssg
in PHP Coding Help

 Share

Recommended Posts

dadamssg Advanced Member

dadamssg

Posted
Posted

i have a homepage...login script...and then a link to go to another page...problem= after i go to the homepage and login, it sends me to my homepage 'logged in', then when i click to the other page which DOES have session_start at the very top it will log me out. This only happens the FIRST time if i haven't been to my site in a few hours and logged in. Question= does the way i do my links have anything to do with my sessions not sticking a 100% of the time? i.e. if i do my links as

 

<a href= http://www.mysite.com/afolder/mypage.php>My Page</a>

 

as opposed to..

 

<a href= mypage.php>My Page</a>

 

the page that contains the link is in the same folder in cpanel, so wouldn't have to specify which folder. does anyone know if me using the link to scour the internet for this page as opposed to just my folder has anything to do with sessions sticking? or best practices or sessions holding? i canNOT for the life of me figure out why it does this

Link to comment
https://forums.phpfreaks.com/topic/153276-session-sticking-question/
Share on other sites
sKunKbad Advanced Member

sKunKbad

Posted
Posted

Just because you call session_start() doesn't mean that php knows that the user is logged in, because you must check the session data that is associated with that particular browser cookie, or PHPSESSID (if you have session ids appended to your links), and determine that a previously stored session variable contains some sort of token or value that is considered "logged in". The link itself shouldn't have anything to do with it. You need to show some code for a fix. I gotta go, but if you show code, somebody will help you out, or I will later.

dadamssg Advanced Member

dadamssg

Posted
  • Author
Posted

what do you wanna see? i have a my hompage, login script, and the other page? they're all fairly lengthy..and i don't know anything about setting cookies, or checking session ids, or tokens. i just set session variables when i login and then include session_start at the top of every page and check to see if the sessions are set and then there values to allow permissions to do certain things.

 

this is the part that sets the session variables in my login script

if ($num2 > 0)  // password is correct         
        {
	    if($row['active']=="8"){
           $_SESSION['auth']="yes";                    
           $logname=$username; 
           $_SESSION['logname'] = ucwords($logname);                       
           header("Location: /test/project12.php");

Maq Prolific Member

Maq

Posted
Posted
Question= does the way i do my links have anything to do with my sessions not sticking a 100% of the time?

 

No.

 

or best practices or sessions holding?

 

There really aren't "best practices" for session holding.  As long as you have session_start(); at the top of every page you want to use the session variables, they will 'stick'.

dadamssg Advanced Member

dadamssg

Posted
  • Author
Posted

 

displays the login form if they're not logged in

if ($_SESSION['auth'] != "yes")
           {
            echo "<div id= 'login'>
                   <form action='login.php' method='POST'>
                   <fieldset>
                       Username: <br><input type='text' name='fusername' 
                      size='15' maxlength='15'><br>
                       Password: <br><input type='password' name='fpassword' 
                      size='15' maxlength='15'><br>
				  <a href=/test/register_form.php>Register</a><br>
                   <input type='hidden' name='do' 
                                     value='login'>
           
                <center><input type='submit' name='log' 
                             value='Login'></center>
	      </fieldset>
                      </form></div><br>";
           }

 

displays reply button if theyre logged in...displays update button if the session variable matches who created the topic

if(isset($_SESSION['logname'], $_SESSION['auth']) && $_SESSION['auth'] =="yes")
   {
        echo "<center><form action='reply_form.php?id={$postid}' method='POST'>
        <input type='submit' name='do' value='Reply'>
         </form></center>";
}
echo "<br><br>";
if($_SESSION['logname'] == $row['createdby'])
{
echo "<center><form action='update_form.php?id={$postid}' method='POST'>
        <input type='submit' name='do' value='Update'>
         </form></center>";
}

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.