Re: [PHP-WIN] Session management issues

Wed, 24 Oct 2001 21:34:55 -0700 

There are two potential problems (unless, of course, there's more to your 
pages than what you're showing us).  Do you put a session_start() at the 
top of each page?  If not, you won't be able to share variables across 
pages.  Also, are you sure the session id is getting passed to each 
page?  If not, it will start a new session each time and your variables 
will never be registered.  Also, you shouldn't need the second 
session_start() in the else block of the login page.

At 11:28 AM 10/24/01 -0600, Jason McIntyre wrote:
>Hi there:
>I am using PHP 4+ and MySQL to manage access to secured areas on a website.
>My problem is that my session functions don't seem to be working properly.
>Even after I start and register a session variable, my function to check
>that session variable says that it doesn't exist. Help!
>
>Here are the scripts:
>
>Login page:
>
><?
>  require_once("db_con.php"); -creates the database connection
>  require_once("user_auth.php"); - authenticates user in database
>  session_start();
>
>  if($txtUsername && $txtPassword)
>  {
>   $result = login($txtUsername, $txtPassword);
>      if (!$result)
>      {
>         header("Location: loginerror.php");
>   }
>   else
>   {
>    session_start();
>    session_register("valid_user");
>    $valid_user = $result; - this passes in the unique id of the person who
>logged in.
>    header("Location: ../memberso/default.php?idccacon=".$valid_user);
>      }
>       exit;
>     }
>?>
>---------------------------------
>Now if the user exists it opens the ...default.php page, which has this code
>...
><?
>require_once("valid_user.php");
>check_valid_user(); - which is in the valid_user.php
>
>
>This is the function that is called.
>
><?
>  function check_valid_user()
>  {
>   global $valid_user;
>   if (!session_is_registered("valid_user"))
>       header("Location: ../secure/accesserror.php");
>  }
>?>
>
>
>thx!
>Jason
>
>
>
>--
>PHP Windows Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]


-- 
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to