For those interested I was able to get to the bottom of this issue. My hosting supplier uses multiple servers to do load balancing. As such the folder in which the session variables were stored was stored in a /tmp file on each of the servers. That explained why the session variables would randomly disappear and reappear. It also explained why my single-server "test" system experienced no problems. The solution was to set up a /tmp folder for the session variables in my public_html folder. When I did this everything worked perfectly.
I'm not a professional programmer. I started this website very recently on behalf of a project we do at our church. I'd be interested in others opinions and thoughts regarding how other hosting services handle this issue. Should I have expected to create the /tmp folder within my public_html folder or do other hosting services provide a different approach? Thanks and Happy New Year to everyone. Jerry Kita "Jerry Kita" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > New to PHP and I've checked previous posts and haven't seen similar problem. > Any ideas would be appreciated. > > Have encounted an odd problem. Using session variables to allow users to log > in and out of my site. I've created a test system on my laptop. Apache > 2.0.48, > PHP 4.3.4, MySQL and Windows 2000. On my test system everything works > perfectly. Sessions are created and maintained as long as the browser is > open. > I can also destroy sessions. > > However when I load everything up to my site via FTP the results are very > sporadic. Sessions seem to drop and reappear. While a user is logged in I > display a "Logged in as: XXXXX" message at the top of the page. I can > continually refresh the page and occassionally the "Logged in as" XXXXX" > message will disappear showing the "Please Login Form". If I refresh again > (without logging in) the page shows the user is again "Logged in". > > Here's the script that I use to log users in: > > <?php > error_reporting (E_ALL ^ E_NOTICE); > //check for required fields from the form > if ((!$_POST[userid]) || (!$_POST[password])) { > header("Location: Salkehatchie_Home.php"); > exit; > } > session_start(); > //connect to server and select database > $conn = mysql_connect("x.x.x.x", "xxxxxxxxxx", "xxxxxxxxx") or > die(mysql_error()); > //echo "Connection is $conn <br>"; > mysql_select_db("xxxxxxxxxx_salkehatchie",$conn) or die(mysql_error()); > //create and issue the query > $sql = "select userid, password, privs from userlist where userid = > '$_POST[userid]' AND password = '$_POST[password]'"; > //echo "USERID is $_POST[userid]<br>"; > //echo "PASSWORD is $_POST[password]<br>"; > //echo "SQL is $sql<br>"; > $result = mysql_query($sql,$conn) or die(mysql_error()); > //echo "Result is $result<br>"; > $rows = mysql_num_rows($result); > //echo "Number of Rows are $rows<br>"; > //get the number of rows in the result set; should be 1 if a match > if (mysql_num_rows($result) == 1) { > //if authorized, get the values set the $_SESSION Variables -- userid, > password and privs > $_SESSION[userid] = $_POST[userid]; > $_SESSION[password] = $_POST[password]; > $_SESSION[privs] = mysql_result($result, 0, 'privs'); > //Direct user to members page > header("Location: Salkehatchie_Members_Home.php"); > exit; > } else { > //redirect back to login form if not authorized > header("Location: Salkehatchie_Home.php"); > exit; > } > ?> > > I start off each webpage with the following script: > > <?php > //Check for existence of Valid Login ID > error_reporting (E_ALL ^ E_NOTICE); > header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); > header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); > header("Cache-Control: no-store, no-cache, must-revalidate "); > header("Cache-Control: post-check=0, pre-check=0", false); > header("Pragma: no-cache"); > session_start(); > if (isset($_SESSION[userid])) { > $validlogon = "YES"; > } else { > $validlogon = "NO"; > } > echo $validlogon //test to see if user has previously logged on > > This all works perfectly on my test system but creates problems at my site. > If anyone would like to see this for themselves go to the following site: > > http://www.salkehatchiehuntersville.com/Salkehatchie_Home.php > > and log in using test/test as userid/password. When logged in go back to the > home page and then continually refresh that page. You will see that that the > user moves in and out of a logged in status. This will also show up on other > pages but since this site is under construction it's safest to stick to the > HOME page. > > Other possibly helpful information. Web Hosting site is BlueDomino. > > Thanks for your help. > > Jerry Kita > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
