Jump to content

Recommended Posts

I have a really weird problem. I know sessions are stored on the server, but this problem only happens in IE 7. Basically I have a few pages, and each page makes sure a session variable is set, if it inst, then I display an error.

 

When I login with firefox and navigate to and from the pages everything works perfect, no error indicating that the session inst set.

 

When I login with IE 7 and navigate it works when I go to a page back, then to another page, but when I go back to the first page I see the error that the session inst set.

 

This makes no sense. Any ideas? I could post code but its quite involved and involves 3 pages.

 

 

Any ideas on this? It is still happening, I have degubbed for hours, I changed the name of session, nothing works. The code work perfect in mozilla, its like I.E. unsets the session which makes no sense at all. This is really pissing me off, because I have created well over 5 applications that use PHP sessions and never had a problem.

Wow multiposter.. slow down. Be patient some people have to read your post first. I get this problem all the time and its sometimes caused by IE7 not reading the includes properly and terminating them (I Think?! ;)) Try putting

 

session_start();

session_auto.start();

 

At the top of every page!

Test it out by putting in 3 or 4 pages at first so you dont waist your time realizing that it doesnt work!

No, cookies are NOT blocked, but one of my pages uses a javascript and ajax based popup window script called LightWindow, I wonder if somehow this is causing IE to loose the session. This makes no sense.

ok well, this could get long, but here goes nothing. THis is going to very hard to debug since the code is very complex.

 

Login Page

 

<?php
session_start();
session_unset();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<?php
require_once("includes/functions.php");
require_once("includes/pref.php");
require_once("includes/crypto.php");
require_once("includes/db_config.php");
require_once("includes/db_connect.php");

if(isset($_GET['2e8a2cff']))
{
	$invoice_id = decrypt($_GET['2e8a2cff']);
}
?>
<title><?php echo $GBL_title; ?></title>
<script type="text/javascript" src="includes/jscript.js"></script>
</head>
<body style="height: 100%;">
<form name="loginForm" method="get" action="index.php">
<input type="hidden" name="2e8a2cff" value="<?php echo $_GET['2e8a2cff']; ?>" />
<div style="width: 500px; position: relative; top: 5px; margin: auto; border: 1px solid #000000; background-color: #FFFFFF;" align="center">
<table border="0" cellpadding="3" cellspacing="3" align="center" width="100%">
    	<tr>
        	<td align="left" width="77%"><img src="images/logo_white.jpg" border="0" /></td>
            <td align="right" width="23%"> </td>
        </tr>
        <tr>
        	<td colspan="2" align="right">Please provide your client username and password.</td>
        </tr>
        <tr>
        	<td align="right"><label>Client Username:</label></td>
            <td align="right"><input type="text" id="username" name="username" value="<?php echo $_GET['username']; ?>" size="20" maxlength="20" title="Username" /></td>
        </tr>
        <tr>	
        	<td align="right"><label>Password:</label></td>
            <td align="right"><input type="password" id="password" name="password" value="<?php echo $_GET['password']; ?>" size="20" maxlength="75" title="Password" /></td>
        </tr>
        <tr>
        	<td align="right"> </td>
            <td align="center"><input type="submit" id="action" name="action" value="Login" /></td>
        </tr>
    </table>
<div id="errorBox" style="background-color: #EEEEEE; width: 100%; height: 16px; padding-top: 5px; padding-bottom: 5px; border-top: 1px solid #000000; visibility: hidden;"> </div>
</div>
</form>
<?php
if(isset($_GET['username']) && isset($_GET['password']) && !empty($_GET['username']) && !empty($_GET['password']))
{
	$sql = "SELECT customers.id, AES_DECRYPT(customers.password, '" . $GBL_crypt_key . "') as passwd FROM customers, invoices WHERE invoices.associated_customer_id = customers.id AND customers.username = " . mysql_smart_quote(strtoupper($_GET['username'])) . " AND invoices.is_disabled = 0 LIMIT 1";
	$result = mysql_query($sql) or die(fatal_error_alert(mysql_error(), $sql));
	$row = mysql_fetch_assoc($result);

	//Invalid Username || Password
	if(mysql_num_rows($result) == 0 || strtoupper($row['passwd']) != strtoupper($_GET['password']))
	{
		echo '<script type="text/javascript">
				document.getElementById("errorBox").innerHTML = \'<font color="red">Error:</font> Invalid username or password provided. Please try again.\';
				document.getElementById("errorBox").style.visibility = \'visible\';
			  </script>';
	}
	//Valid Username & Password
	else
	{
		$session_customer_id = $row['id'];
		$_SESSION['cust_id'] = $session_customer_id;

		if(!isset($invoice_id) || empty($invoice_id))
		{
			//Set to nothing on purpose
			$_SESSION['session_invoice_id'] = "";

			echo '<script type="text/javascript">
				document.getElementById("username").disabled = true;
				document.getElementById("password").disabled = true;
				document.getElementById("action").disabled = true;
				document.getElementById("errorBox").innerHTML = \'Please Wait. Loading... <img src="images/ajaxLoading.gif" title="Loading..." />\';
				document.getElementById("errorBox").style.visibility = \'visible\';
				redirect(\'listing.php\', 2000);
			  </script>';	
		}
		else
		{
			$_SESSION['session_invoice_id'] = $invoice_id;

			echo '<script type="text/javascript">
				document.getElementById("username").disabled = true;
				document.getElementById("password").disabled = true;
				document.getElementById("action").disabled = true;
				document.getElementById("errorBox").innerHTML = \'Please Wait. Loading... <img src="images/ajaxLoading.gif" title="Loading..." />\';
				document.getElementById("errorBox").style.visibility = \'visible\';
				redirect(\'invoice.php\', 2000);
			  </script>';
		}

		die();	
	}
}
else if( ($_GET['username'] == NULL) && (isset($_GET['action'])) )
{
	echo '<script type="text/javascript">
				document.getElementById("errorBox").innerHTML = \'<font color="red">Error:</font> Invalid username provided. Please try again.\';
				document.getElementById("errorBox").style.visibility = \'visible\';
		  </script>';
}
else if( ($_GET['password'] == NULL) && (isset($_GET['action'])) )
{
	echo '<script type="text/javascript">
				document.getElementById("errorBox").innerHTML = \'<font color="red">Error:</font> Invalid password provided. Please try again.\';
				document.getElementById("errorBox").style.visibility = \'visible\';
		  </script>';
}
?>
</body>
</html>

 

And here is the check once they are logged in:

 

<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<?php
require_once("includes/functions.php");
require_once("includes/pref.php");
require_once("includes/crypto.php");
require_once("includes/db_config.php");
require_once("includes/db_connect.php");

//Came From Listing
if(empty($_SESSION['session_invoice_id']) || !isset($_SESSION['session_invoice_id']))
{

	//We Must Have A Customer ID Session
	if(!isset($_SESSION['cust_id']))
	{
		die(fatal_error_alert("Missing required session", "NULL"));	
	}

	//We Must Have A Passed In Invoice Via Get
	if(!isset($_GET['2e8a2cff']) || empty($_GET['2e8a2cff']))
	{
		die(fatal_error_alert("Missing required parameter", "NULL"));
	}

	//Valid
	$invoice_id = decrypt($_GET['2e8a2cff']);
}
//Came From Login Screen
else
{
	//We Must Have  A Customer ID Session
	if(empty($_SESSION['cust_id']) || !isset($_SESSION['cust_id']))
	{
		die(fatal_error_alert("Missing required session", "NULL"));
	}

	//Valid
	$invoice_id = $_SESSION['session_invoice_id'];
}

//Update The Status Of The Invoice To Viewed And Stamp Date
$sql = "UPDATE invoices SET invoices.date_customer_viewed_invoice = " . mysql_smart_quote(return_clock_format("date-time")) . " WHERE invoices.id = " . mysql_smart_quote($invoice_id) . " LIMIT 1";
mysql_query($sql) or die(fatal_error_alert(mysql_error(), $sql));
?>
//THERE IS A LOT OF MORE CODE BELOW, BUT I DIDNT WANT TO POST IT ALL

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.