SESSION Variable Problem

[danielc111]

I'm using Session variables for the first time on a site I'm developing. I had it working fine while I was doing some admin and testing in subfolders. But the problem is I'm losing the session variables when I load the page from www.example.com, but it works from www.example.com/index.php. I would be happy to post some code if needed.

 

[Fadion]

Loading example.com/ and example.com/index.php should be the same, unless you have a "index.html" (typical in Apache installation: in DirectoryIndex, index.html is served first). Otherwise, session data should be available. Try posting some code.

[danielc111]

function validateUser($id){    
session_regenerate_id (); 
    $_SESSION['valid'] = 1;
$_SESSION['userid']=$id;
return true;
}

function isLoggedIn(){
    if($_SESSION['valid'])
return true;
return false;
}

 

So when the user logs in with a correct password, I pass their id to the validateUser function. This sets the variable. Then I is the isLoggedIn function to see if there is a session site while they are on the site.

 

I have no .html files on the server. I have some other php that works fine on example.com and example.com/index.php

[rdkd1970]

Try this on your after session

 

<?php
//Start session
session_start();

//Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['SESS_ID']) || (trim($_SESSION['SESS_ID']) == '')) {
	header("location: access-denied.php");
	exit();
}
?>

 

this should go on all the top of your pages.

[danielc111]

That works beautiful and simple enough to tell whether a user is logged in or not.

 

To take it one step further, since I am still losing my $_SESSION['userid'] variable on www.example.com, would it be good practice to find the user id by retrieving it from the mysql row that contains the $_SESSION['SESS_ID'] string vs. passing it around as a session variable?

 

Thank you for your help!