issues with sessions and redirects

[bruckerrlb]

I'm having a problem with sessions, and not sure what's happening weather the issue could be server related or if my code just broke. Last week I was working on an application, basically you login and print off forms. It was working fine last week, and then I go to login today and it's not letting me login.

 

The login page (index.php) goes to a page where it checks the db to see if the users credentials are in the database, and then it starts to store a session, and I believe this is where I'm having the issue.

 

It stores the session like this:

while($dbx = mysql_fetch_row($dbQuery)) {

		$_SESSION['SessID'] = session_id();

		$_SESSION['UserID'] = $dbx[0];

		$session=$_SESSION['UserID'];

	setcookie("Name", $dbx[1], time()+3600);

 

It then gets redirected to a new page, the index page for the client. On this page, there's a test to see if the user has the appropriate session data

 

<?	session_start();

if ($_SESSION['SessID'] != session_id())

{



header("Location: index.php");

}

?>

 

I see it's getting tested to see if it's the same, but it keeps throwing me back to index.php to re-login. So, my question is, how can I test to see what data session_id() is throwing out, I'm not sure if this is a problem with the server or if I'm not declaring session_start() early enough, any advice would be greatly appreciated.

 

[cags]

Have you tried using a die statement just before your test to echo out session_id and $_SESSION['SessID'] to ensure they are the same? What browser are you trying it in? Have you tried it in different browsers?

[bruckerrlb]

Hey, I got it working, basically just had to test it out real quick to see what was going on, so I commented the header redirect and threw this in there

 

$printthis = $_SESSION['SessID'];
$sessionidvar = session_id();
print "this is the session $printthis and this is $sessionidvar";

 

and $printthis wasn't spitting out, after looking a little closer, it seems that the variable was getting declared in a while statement that was based on a sql statement, so I just moved it out of that statement, and it works now. I appreciate the help!

[mrMarcus]

just an unrelated observation.

 

don't use short-tags (<?).  instead, use long-tags (<?php) .. otherwise, you'll be back here in the not-so-distant future, wondering why your code isn't working anymore, while in fact, it's just 'cause your version of PHP was upgraded by your host/admin/etc, and short-tags aren't allowed on your server anymore.

 

so, get in the habit of using <?php instead of <?, in all instances.

 

*i'd even go back through your code and update each <? to <?php (a simple search & replace will get that job done quick).

[bruckerrlb]

Thanks for the advice! Basically this is old code someone else wrote, and while I should be doing things like fixing the short tags first (among a ton of other things), I just wanted to dive head first into getting this thing functional, but your right maybe if I fix the small things I can come here to contribute with knowledge and not post bizarre questions lol.

[mrMarcus]

Thanks for the advice! Basically this is old code someone else wrote, and while I should be doing things like fixing the short tags first (among a ton of other things), I just wanted to dive head first into getting this thing functional, but your right maybe if I fix the small things I can come here to contribute with knowledge and not post bizarre questions lol.

 

thing is, getting your code up to par in terms of eliminating all deprecated code/practices, ie. use full tags <?php, replace session_register with $_SESSION (if applicable), lose register_globals(), and so on, and you will save yourself some time down the road in both rework (when you might not have the time), and migraine heacaches.