Losing session when redirecting

[king arthur]

I am building a site with a membership system. It uses sessions, with a variable $_SESSION["loggedin"] to indicate if the user is logged in or not, and this is used by the menu code to give access to the free pages if not logged in, and the member pages if logged in.

I have it working and have got a few members joining up but noticed from my stats that one or two didn't seem to be able to access the members pages after successfully logging in. The login page does a header redirect as soon as the user has correctly entered their details, and I found that if the browser is not accepting cookies, the session ID is not appended to the URL and therefore the session is lost. This may not be the whole problem but it is a problem.

Is there any way of getting PHP to add the session ID to the URL when doing a header redirect, when a cookie cannot be sent? Or should I just redesign my login page to work another way. Also is there any other reason why the session could be getting lost, as it didn't look like these members were actually blocking cookies. I have session_start() at the top of every page.

[ToonMariner]

have a read on the session.use_cookies and session.use_only_cookies and have a look at [url=http://uk2.php.net/manual/en/ini.php#ini.list]http://uk2.php.net/manual/en/ini.php#ini.list[/url]

[Cep]

Yes there is,

Use this instead,

[code]
function redirector($location) {
  $sname = session_name();
  $sid = session_id();

  if( strlen( $sid ) < 1 ) {
      Header( $location );
      return;
  }

  if( isset( $_COOKIE[ $sname ] ) || strpos( $location, $sname."=".$sid ) !== false ) {
      Header( $location );
      return;
  } else {
      if( strpos( $location, "?" ) > 0 )
          $separator = "&";
      else
          $separator = "?";

      $fixed = $location . $separator . $sname."=".$sid;
      Header( $fixed );
      return;
  }
}
[/code]