Sessions getting lost

adam291086 · February 17, 2008

What would cause a session to get lost? I have set some session, if they are not set, a meta refresh takes place. I know the session is set as i can echo it out on other pages. But on others the session won't echo out.

Any ideas?

trq · February 17, 2008

Have you a call to session_start() on each page using sessions?

adam291086 · February 17, 2008

Yep session_start(); is there

trq · February 17, 2008

Were going to need to see some code then.

adam291086 · February 17, 2008

checking the session

<?php 
session_start();
// is the one accessing this page logged in or not?
if (!isset($_SESSION['db_is_logged_in'])
   || $_SESSION['db_is_logged_in'] !== true) 
{
// not logged in, move to login page   
echo "<meta http-equiv=\"refresh\" content=\"0;url=http://www.bcyorkshire.co.uk/admin/login.php\">";
}

setting the session

<?php
// we must never forget to start the session
session_start(); 
$errorMessage = '';
  $userId = $_POST['txtUserId'];
   $password = $_POST['txtPassword'];
   
   mysql_real_escape_string($userId);
   mysql_real_escape_string($password);
include '../database/config.php';
// check if the user id and password combination exist in database
$conn;   
$sql = "SELECT user_name
           FROM tbl_auth_user
           WHERE user_name = '$userId' 
                 AND user_password = PASSWORD('$password')";

   $result = mysql_query($sql) 
             or die('Query failed. ' . mysql_error()); 

   if (mysql_num_rows($result) == 1) {
      // the user id and password match, 
      // set the session

      $_SESSION['db_is_logged_in'] = true;



  // adds the username to session
     
   $row = mysql_fetch_assoc($result);
        $_SESSION['username'] = $row['user_name'];


      // after login we move to the main page
      header('Location: main.php');
      exit;
   } else {
      $errorMessage = 'Sorry, wrong user id / password';
   }

   include '../database/closedb.php';


if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>

Chris92 · February 17, 2008

<?php 
session_start();
// is the one accessing this page logged in or not?
if ( empty($_SESSION['db_is_logged_in']) ) 
{
    // not logged in, move to login page   
    echo "<meta http-equiv=\"refresh\" content=\"0;url=http://www.bcyorkshire.co.uk/admin/login.php\">";
}
?>

trq · February 17, 2008

Replace...

if (!isset($_SESSION['db_is_logged_in'])
  || $_SESSION['db_is_logged_in'] !== true)

with....

if (!isset($_SESSION['db_is_logged_in']))

ps: Using the mysql PASSWORD function to store your passwords will lead to code braking if you ever upgrade mysql versions. Stick to md5.

adam291086 · February 17, 2008

It is still being lost and the redirecting occurs

Sulman · February 17, 2008

Is the session id changing?

Try echoing session_id(); to have look.

Sign In

Sessions getting lost

Recommended Posts

adam291086

Link to comment

Share on other sites

trq

Link to comment

Share on other sites

adam291086

Link to comment

Share on other sites

trq

Link to comment

Share on other sites

adam291086

Link to comment

Share on other sites

Chris92

Link to comment

Share on other sites

trq

Link to comment

Share on other sites

adam291086

Link to comment

Share on other sites

Sulman

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information