This is a follow-up to another thread - [PHP] session.use_trans_sid
I am setting up a login section of my site using sessions. I have the login
working with and without cookies enabled. I do not want to restrict my
users be requiring cookies.
Here is my /login/login.php file which takes the results of the user login
form:
<?
session_start();
if ($username && $password)
{
// Here is a MySQL query to verify that the username and password are valid
$num_rows = mysql_num_rows($login_result);
if ($num_rows >0 )
{
$row = mysql_fetch_array($login_result);
session_register("id"); // I register the user id for later use
$id = $row["id"]; // I set the user id
// Once the user is verified I redirect to the main user page
$redirect =
"http://www.fakeserver.com/login/home/index.php?sid=".session_id();
header("Location: $redirect");
};
};
?>
The problem is that I can't seem to get PHP to auto append the session id to
the relative URLs on the following pages.
Here is a include that I have added to each subsequent page to verify that
this is a valid user:
<?
// Now this is perhaps part of the issue. I can't get these pages to keep
the session id unless I call session_name('sid') first. I changed PHPSESSID
to SID in the config files. If I comment out this my session variable $id
which I use to check for a valid session gets lost and my logout() function
triggers.
session_name('sid');
session_start();
if(!$id) {
logout(); // My logout function that clears the session variables and
destroys the session
};
// The rest of the HTML...
?>
The problem is that the SID is not getting automatically added to the URL's.
If I allow cookies all is fine. I can go from page to page in my 'secure'
login section and the $id session variable is accessible and the
verification works fine. If I disable cookies the auto addition of the SID
does not happen at all. The first page is fine because I hard coded the SID
into the header() call. If I manual add the SID to local links it works as
well and I am not logged out.
This is driving me crazy!
I have the following PHP settings in my Apache VH:
php_value session.use_cookies 0 // This seems to have no effect on the
trans_sid issue as I have tried it both ways
php_value session.use_trans_sid 1
I also had these setings in my php.ini file.
Am I missing something basic about sessions here? I have looked all over
the web for a simular problem and I can't find one. Help!! :^)
Thanks,
Dan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
