Jump to content


Photo

Problem with sessions and URL Masking


  • Please log in to reply
8 replies to this topic

#1 jingato

jingato
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 17 May 2006 - 12:08 AM

Hi. I'm currently working on a website and everything was working fine. I would be abl to log in an go to the members area. I am storing the files on a friends server so to get to the address to get to the site was [a href=\"http://www.njmortgagequotes.com/northfield\" target=\"_blank\"]www.njmortgagequotes.com/northfield[/a] I just purchased the domain name for the site at GoDaddy.com and set it up to forward to that address. It also had an option to mask the address so it would allways show the new address. So now I can access it through [a href=\"http://www.northfieldappraisals.com\" target=\"_blank\"]www.northfieldappraisals.com[/a] , but the problem is that the sessions no longer are working. After you sign in, it just redirects to the login page as if you wer'nt signed in. If I access the site by typing in www.njmortgageappraisals.com/northfield, everything still works fine. Is there a way to fix this or can I just not use the masking that I set up.


Here's the code I'm using when I login

$_SESSION["userid"] = "$userid";
header("Location: status.php");
}
else
{
header("Location: login_invalid.php");;
}

and on the members page i use

session_start();
if(!session_is_registered('userid')){
header("Location: login.php");
}
Thanks for the help

John

#2 toplay

toplay
  • Staff Alumni
  • Advanced Member
  • 973 posts

Posted 17 May 2006 - 02:09 AM

Don't use session_is_registered() when using $_SESSION. Read the caution box at:

[a href=\"http://us2.php.net/manual/en/function.session-is-registered.php\" target=\"_blank\"]http://us2.php.net/manual/en/function.sess...-registered.php[/a]

The other thing you might want to look at is setting the path and domain for session cookies. See:

[a href=\"http://us2.php.net/manual/en/function.session-set-cookie-params.php\" target=\"_blank\"]http://us2.php.net/manual/en/function.sess...okie-params.php[/a]



#3 jingato

jingato
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 17 May 2006 - 03:17 AM

[!--quoteo(post=374524:date=May 16 2006, 10:09 PM:name=toplay)--][div class=\'quotetop\']QUOTE(toplay @ May 16 2006, 10:09 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Don't use session_is_registered() when using $_SESSION. Read the caution box at:

[a href=\"http://us2.php.net/manual/en/function.session-is-registered.php\" target=\"_blank\"]http://us2.php.net/manual/en/function.sess...-registered.php[/a]

The other thing you might want to look at is setting the path and domain for session cookies. See:

[a href=\"http://us2.php.net/manual/en/function.session-set-cookie-params.php\" target=\"_blank\"]http://us2.php.net/manual/en/function.sess...okie-params.php[/a]
[/quote]

OK, I changed session_is_registered() to if(isset($_SESSION["userid"])) and I was able to log in and access the members area, but it didn't display any of the members info. I use $userid= $_SESSION["userid"]; to define the user and get his info. If I change pages and go back it then sends me to the login screen again. I looked at the second link you provided, but I didn't really understand it. I'm pretty new to this stuff.

Thanks again

John

#4 toplay

toplay
  • Staff Alumni
  • Advanced Member
  • 973 posts

Posted 17 May 2006 - 03:50 AM

For forms use $_GET or $_POST depending on the form method for populating the $_SESSION.

Take a look at our session troubleshooting guide:
[a href=\"http://www.phpfreaks.com/forums/index.php?showtopic=31047&view=findpost&p=157705\" target=\"_blank\"]http://www.phpfreaks.com/forums/index.php?...ndpost&p=157705[/a]

Try script listed in item # 10.

If you're still having problems, then post relevant but exact code you're using.

#5 jingato

jingato
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 17 May 2006 - 06:30 AM

[!--quoteo(post=374548:date=May 16 2006, 11:50 PM:name=toplay)--][div class=\'quotetop\']QUOTE(toplay @ May 16 2006, 11:50 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
For forms use $_GET or $_POST depending on the form method for populating the $_SESSION.

Take a look at our session troubleshooting guide:
[a href=\"http://www.phpfreaks.com/forums/index.php?showtopic=31047&view=findpost&p=157705\" target=\"_blank\"]http://www.phpfreaks.com/forums/index.php?...ndpost&p=157705[/a]

Try script listed in item # 10.

If you're still having problems, then post relevant but exact code you're using.
[/quote]


Sorry, I didn't find anything there to fix the problem. If I open the site if firefox, everything works fine, but in IE it does not. The domain name is northfieldappraisals.com It is being forwarded to njmortgagequotes.com/northfield and the url is being masked to display northfieldappraisals.com. If I enter njmortgagequotes.com/northfield into IE, everything works fine. Is there some type of special code I need to use when the domain is being masked? Maybe I should use cookies instead, but I liked the way it logged out by closing the browser.

Here's the code I'm using:
Login:
// set a cookie
$_SESSION["userid"] = "$userid";
header("Location: status.php");
}

else // only happens if not a succesful username and password match

{
// login failed so display error message and kill script
header("Location: login_invalid.php");;
}

and the members page:
session_start();
if(isset($_SESSION["userid"])){
header("Location: login.php");
}

$userid= $_SESSION["userid"];

Thank you again

#6 toplay

toplay
  • Staff Alumni
  • Advanced Member
  • 973 posts

Posted 17 May 2006 - 06:42 AM

Change this:

if(isset($_SESSION["userid"])){
header("Location: login.php");
}

To this:

if (!isset($_SESSION["userid"])) { // Add !
header("Location: login.php");
exit;
}


Please note that the header() with location command does not redirect right there and then when it's executed. It actually redirects when your script ends or an exit/die is reached. So, to ensure no logic flow problems in your script, you should have an exit right after every header() with location to force redirection to occur immediately (if that's what you want/expect).

#7 jingato

jingato
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 18 May 2006 - 02:46 AM

[!--quoteo(post=374575:date=May 17 2006, 02:42 AM:name=toplay)--][div class=\'quotetop\']QUOTE(toplay @ May 17 2006, 02:42 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Change this:

if(isset($_SESSION["userid"])){
header("Location: login.php");
}

To this:

if (!isset($_SESSION["userid"])) { // Add !
header("Location: login.php");
exit;
}
Please note that the header() with location command does not redirect right there and then when it's executed. It actually redirects when your script ends or an exit/die is reached. So, to ensure no logic flow problems in your script, you should have an exit right after every header() with location to force redirection to occur immediately (if that's what you want/expect).
[/quote]


Still no help. It's not remembering the session no matter what I do. Is there a way I need to tell it the domain is being masked?

#8 toplay

toplay
  • Staff Alumni
  • Advanced Member
  • 973 posts

Posted 18 May 2006 - 03:39 AM

You need to see what the path and domain is set to when the cookies are being created for your site now. If you're using Firefox, you could use one of these cookie utility extensions:
[a href=\"https://addons.mozilla.org/firefox/573/\" target=\"_blank\"]https://addons.mozilla.org/firefox/573/[/a]
[a href=\"https://addons.mozilla.org/firefox/315/\" target=\"_blank\"]https://addons.mozilla.org/firefox/315/[/a]

In my first post here I gave you a link to set session path and domain parameters. You may want to try that depending on what domain is being inserted into the cookies now. Example:

session_set_cookie_params (time() + 123456, '/', '.njmortgagequotes.com', false);
session_start();

If that domain doesn't work, then use the other ".northfieldappraisals.com'. You may have to uncheck a cookie setting in your browser options called something like accept cookie "For the originating site only".

Try the simple session test scripts in item # 10 listed in the session troubleshooting guide, and report back what you get. Also, you could send us links to your actual pages for us to see what's happening.



#9 jingato

jingato
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 20 May 2006 - 06:07 AM

Still nothing. I just bought some seperate webspace and it working fine now. OH well, But thanks so much for your help and patience too.

John




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users