adam291086 Posted February 17, 2008 Share Posted February 17, 2008 What would cause a session to get lost? I have set some session, if they are not set, a meta refresh takes place. I know the session is set as i can echo it out on other pages. But on others the session won't echo out. Any ideas? Quote Link to comment Share on other sites More sharing options...
trq Posted February 17, 2008 Share Posted February 17, 2008 Have you a call to session_start() on each page using sessions? Quote Link to comment Share on other sites More sharing options...
adam291086 Posted February 17, 2008 Author Share Posted February 17, 2008 Yep session_start(); is there Quote Link to comment Share on other sites More sharing options...
trq Posted February 17, 2008 Share Posted February 17, 2008 Were going to need to see some code then. Quote Link to comment Share on other sites More sharing options...
adam291086 Posted February 17, 2008 Author Share Posted February 17, 2008 checking the session <?php session_start(); // is the one accessing this page logged in or not? if (!isset($_SESSION['db_is_logged_in']) || $_SESSION['db_is_logged_in'] !== true) { // not logged in, move to login page echo "<meta http-equiv=\"refresh\" content=\"0;url=http://www.bcyorkshire.co.uk/admin/login.php\">"; } setting the session <?php // we must never forget to start the session session_start(); $errorMessage = ''; $userId = $_POST['txtUserId']; $password = $_POST['txtPassword']; mysql_real_escape_string($userId); mysql_real_escape_string($password); include '../database/config.php'; // check if the user id and password combination exist in database $conn; $sql = "SELECT user_name FROM tbl_auth_user WHERE user_name = '$userId' AND user_password = PASSWORD('$password')"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; // adds the username to session $row = mysql_fetch_assoc($result); $_SESSION['username'] = $row['user_name']; // after login we move to the main page header('Location: main.php'); exit; } else { $errorMessage = 'Sorry, wrong user id / password'; } include '../database/closedb.php'; if ($errorMessage != '') { ?> <p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p> <?php } ?> Quote Link to comment Share on other sites More sharing options...
Chris92 Posted February 17, 2008 Share Posted February 17, 2008 <?php session_start(); // is the one accessing this page logged in or not? if ( empty($_SESSION['db_is_logged_in']) ) { // not logged in, move to login page echo "<meta http-equiv=\"refresh\" content=\"0;url=http://www.bcyorkshire.co.uk/admin/login.php\">"; } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted February 17, 2008 Share Posted February 17, 2008 Replace... if (!isset($_SESSION['db_is_logged_in']) || $_SESSION['db_is_logged_in'] !== true) with.... if (!isset($_SESSION['db_is_logged_in'])) ps: Using the mysql PASSWORD function to store your passwords will lead to code braking if you ever upgrade mysql versions. Stick to md5. Quote Link to comment Share on other sites More sharing options...
adam291086 Posted February 17, 2008 Author Share Posted February 17, 2008 It is still being lost and the redirecting occurs Quote Link to comment Share on other sites More sharing options...
Sulman Posted February 17, 2008 Share Posted February 17, 2008 Is the session id changing? Try echoing session_id(); to have look. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.