Jump to content

Archived

This topic is now archived and is closed to further replies.

jingato

Problem with sessions and URL Masking

Recommended Posts

Hi. I'm currently working on a website and everything was working fine. I would be abl to log in an go to the members area. I am storing the files on a friends server so to get to the address to get to the site was [a href=\"http://www.njmortgagequotes.com/northfield\" target=\"_blank\"]www.njmortgagequotes.com/northfield[/a] I just purchased the domain name for the site at GoDaddy.com and set it up to forward to that address. It also had an option to mask the address so it would allways show the new address. So now I can access it through [a href=\"http://www.northfieldappraisals.com\" target=\"_blank\"]www.northfieldappraisals.com[/a] , but the problem is that the sessions no longer are working. After you sign in, it just redirects to the login page as if you wer'nt signed in. If I access the site by typing in www.njmortgageappraisals.com/northfield, everything still works fine. Is there a way to fix this or can I just not use the masking that I set up.


Here's the code I'm using when I login

$_SESSION["userid"] = "$userid";
header("Location: status.php");
}
else
{
header("Location: login_invalid.php");;
}

and on the members page i use

session_start();
if(!session_is_registered('userid')){
header("Location: login.php");
}
Thanks for the help

John

Share this post


Link to post
Share on other sites
Don't use session_is_registered() when using $_SESSION. Read the caution box at:

[a href=\"http://us2.php.net/manual/en/function.session-is-registered.php\" target=\"_blank\"]http://us2.php.net/manual/en/function.sess...-registered.php[/a]

The other thing you might want to look at is setting the path and domain for session cookies. See:

[a href=\"http://us2.php.net/manual/en/function.session-set-cookie-params.php\" target=\"_blank\"]http://us2.php.net/manual/en/function.sess...okie-params.php[/a]

Share this post


Link to post
Share on other sites
[!--quoteo(post=374524:date=May 16 2006, 10:09 PM:name=toplay)--][div class=\'quotetop\']QUOTE(toplay @ May 16 2006, 10:09 PM) [snapback]374524[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Don't use session_is_registered() when using $_SESSION. Read the caution box at:

[a href=\"http://us2.php.net/manual/en/function.session-is-registered.php\" target=\"_blank\"]http://us2.php.net/manual/en/function.sess...-registered.php[/a]

The other thing you might want to look at is setting the path and domain for session cookies. See:

[a href=\"http://us2.php.net/manual/en/function.session-set-cookie-params.php\" target=\"_blank\"]http://us2.php.net/manual/en/function.sess...okie-params.php[/a]
[/quote]

OK, I changed session_is_registered() to if(isset($_SESSION["userid"])) and I was able to log in and access the members area, but it didn't display any of the members info. I use $userid= $_SESSION["userid"]; to define the user and get his info. If I change pages and go back it then sends me to the login screen again. I looked at the second link you provided, but I didn't really understand it. I'm pretty new to this stuff.

Thanks again

John

Share this post


Link to post
Share on other sites
For forms use $_GET or $_POST depending on the form method for populating the $_SESSION.

Take a look at our session troubleshooting guide:
[a href=\"http://www.phpfreaks.com/forums/index.php?showtopic=31047&view=findpost&p=157705\" target=\"_blank\"]http://www.phpfreaks.com/forums/index.php?...ndpost&p=157705[/a]

Try script listed in item # 10.

If you're still having problems, then post relevant but exact code you're using.

Share this post


Link to post
Share on other sites
[!--quoteo(post=374548:date=May 16 2006, 11:50 PM:name=toplay)--][div class=\'quotetop\']QUOTE(toplay @ May 16 2006, 11:50 PM) [snapback]374548[/snapback][/div][div class=\'quotemain\'][!--quotec--]
For forms use $_GET or $_POST depending on the form method for populating the $_SESSION.

Take a look at our session troubleshooting guide:
[a href=\"http://www.phpfreaks.com/forums/index.php?showtopic=31047&view=findpost&p=157705\" target=\"_blank\"]http://www.phpfreaks.com/forums/index.php?...ndpost&p=157705[/a]

Try script listed in item # 10.

If you're still having problems, then post relevant but exact code you're using.
[/quote]


Sorry, I didn't find anything there to fix the problem. If I open the site if firefox, everything works fine, but in IE it does not. The domain name is northfieldappraisals.com It is being forwarded to njmortgagequotes.com/northfield and the url is being masked to display northfieldappraisals.com. If I enter njmortgagequotes.com/northfield into IE, everything works fine. Is there some type of special code I need to use when the domain is being masked? Maybe I should use cookies instead, but I liked the way it logged out by closing the browser.

Here's the code I'm using:
Login:
// set a cookie
$_SESSION["userid"] = "$userid";
header("Location: status.php");
}

else // only happens if not a succesful username and password match

{
// login failed so display error message and kill script
header("Location: login_invalid.php");;
}

and the members page:
session_start();
if(isset($_SESSION["userid"])){
header("Location: login.php");
}

$userid= $_SESSION["userid"];

Thank you again

Share this post


Link to post
Share on other sites
Change this:

if(isset($_SESSION["userid"])){
header("Location: login.php");
}

To this:

if (!isset($_SESSION["userid"])) { // Add !
header("Location: login.php");
exit;
}


Please note that the header() with location command does not redirect right there and then when it's executed. It actually redirects when your script ends or an exit/die is reached. So, to ensure no logic flow problems in your script, you should have an exit right after every header() with location to force redirection to occur immediately (if that's what you want/expect).

Share this post


Link to post
Share on other sites
[!--quoteo(post=374575:date=May 17 2006, 02:42 AM:name=toplay)--][div class=\'quotetop\']QUOTE(toplay @ May 17 2006, 02:42 AM) [snapback]374575[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Change this:

if(isset($_SESSION["userid"])){
header("Location: login.php");
}

To this:

if (!isset($_SESSION["userid"])) { // Add !
header("Location: login.php");
exit;
}
Please note that the header() with location command does not redirect right there and then when it's executed. It actually redirects when your script ends or an exit/die is reached. So, to ensure no logic flow problems in your script, you should have an exit right after every header() with location to force redirection to occur immediately (if that's what you want/expect).
[/quote]


Still no help. It's not remembering the session no matter what I do. Is there a way I need to tell it the domain is being masked?

Share this post


Link to post
Share on other sites
You need to see what the path and domain is set to when the cookies are being created for your site now. If you're using Firefox, you could use one of these cookie utility extensions:
[a href=\"https://addons.mozilla.org/firefox/573/\" target=\"_blank\"]https://addons.mozilla.org/firefox/573/[/a]
[a href=\"https://addons.mozilla.org/firefox/315/\" target=\"_blank\"]https://addons.mozilla.org/firefox/315/[/a]

In my first post here I gave you a link to set session path and domain parameters. You may want to try that depending on what domain is being inserted into the cookies now. Example:

session_set_cookie_params (time() + 123456, '/', '.njmortgagequotes.com', false);
session_start();

If that domain doesn't work, then use the other ".northfieldappraisals.com'. You may have to uncheck a cookie setting in your browser options called something like accept cookie "For the originating site only".

Try the simple session test scripts in item # 10 listed in the session troubleshooting guide, and report back what you get. Also, you could send us links to your actual pages for us to see what's happening.

Share this post


Link to post
Share on other sites
Still nothing. I just bought some seperate webspace and it working fine now. OH well, But thanks so much for your help and patience too.

John

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.