When a user logs in to my site http://iwantyourquestion.com I set
$_SESSION['loggedin'] to true if his username and password are OK.
When he calls a page I check if $_SESSION['loggedin'] is true. If it
not I ask him to log in.
Every page has at the start:
session_start() ;
ob_start();
A user just told me that he was asked to log in again after he entered
his username and password. If they were incorrect he would be sent
back to the login page, but that was not what happened. He was asked
to log in again.
The only reason I can think of is that $_SESSION['loggedin'] was not
stored correctly. But why not?
When he tried to log in a second time everything worked fine. He was
allowed in.
Has anyone else experienced this and know why it happens?
Regards,
Jan Nordgreen 5  3616 
not sure if that will help, but if PHP was set to use cookies on client side
to save session, and the user doesn't have cookies enabled, it might pause a
problem.
Steve.
"damezumari " <ja**********@g mail.comwrote in message
news:11******** **************@ n59g2000hsh.goo glegroups.com.. .
When a user logs in to my site http://iwantyourquestion.com I set
$_SESSION['loggedin'] to true if his username and password are OK.
When he calls a page I check if $_SESSION['loggedin'] is true. If it
not I ask him to log in.
Every page has at the start:
session_start() ;
ob_start();
A user just told me that he was asked to log in again after he entered
his username and password. If they were incorrect he would be sent
back to the login page, but that was not what happened. He was asked
to log in again.
The only reason I can think of is that $_SESSION['loggedin'] was not
stored correctly. But why not?
When he tried to log in a second time everything worked fine. He was
allowed in.
Has anyone else experienced this and know why it happens?
Regards,
Jan Nordgreen
>When a user logs in to my site http://iwantyourquestion.com I set
>$_SESSION['loggedin'] to true if his username and password are OK.
When he calls a page I check if $_SESSION['loggedin'] is true. If it
not I ask him to log in.
Every page has at the start:
session_start( );
ob_start();
You forgot the part that begins <?php and *DOES NOT* have a DOCTYPE
line or any white space before it.
>A user just told me that he was asked to log in again after he entered
his username and password. If they were incorrect he would be sent
back to the login page, but that was not what happened. He was asked
to log in again.
This is believable if he started a new session, which could happen a
number of ways:
- The user's browser doesn't accept cookies.
- The user cleared cookies.
- The user exited and restarted the browser, and your page uses
session cookies.
- The cookie expired. I'm not sure what your expire time is, but maybe
the user stayed logged in over a long lunch or weekend?.
- One of your pages forgot the session_start() call.
>The only reason I can think of is that $_SESSION['loggedin'] was not
stored correctly. But why not?
Losing the session cookie is a major possibility. So also is running
out of disk space to store session data in.
>When he tried to log in a second time everything worked fine. He was
allowed in.
Has anyone else experienced this and know why it happens?
Regards,
Jan Nordgreen
"Gordon Burditt" <go***********@ burditt.orgwrot e in message
news:13******** *****@corp.supe rnews.com...
Losing the session cookie is a major possibility. So also is running
out of disk space to store session data in.
Jan Nordgreen
If I may, how is session data saved to disk? Do you mean at the client end,
with cookies, or on the server?
I've always thought that, on the server, session data is always in memory,
unless it gets swapped out by the OS in a low memory situation. But then
again what I know about sessions at this point could be written on a postage
stamp with lipstick.
Vince
>Losing the session cookie is a major possibility. So also is running
>out of disk space to store session data in.
>
Jan Nordgreen
If I may, how is session data saved to disk? Do you mean at the client end,
with cookies, or on the server?
Session data never reaches the client. It is saved on the server.
One of the advantages of sessions is that the data never reaches the
client, so the client can't tamper with it.
The default session save handler uses lots of little files, one for
each session. Other handlers can store the info in a database.
Session *cookies* are saved on the client. Any loss of the cookie
screws up the session.
>I've always thought that, on the server, session data is always in memory,
unless it gets swapped out by the OS in a low memory situation. But then
Don't think that. It's a reasonable interpretation *while a PHP
script is running*. Session data can survive web server (e.g.
Apache) restarts. It might survive server reboots.
>again what I know about sessions at this point could be written on a postage
stamp with lipstick.
My webhost has this to say in a kb article re this problem:
PHP Sessions do not work as expected
Symptoms:
* Sessions are not saving when transitioning from HTTP to HTTPS
protocols. If a PHP session needs to begin in HTTP and switch to
HTTPS, there will be some issues where the session is not maintained
across that transition.
* General problems with sessions not seeming to be carried across
web requests.
* Sessions in general behave inconsistently. Your script has a
dependancy on writing data to the /tmp directory.
NOTE: [Although this workaround is intended for a few issues we've
noticed in regards to specific cases, this will most likely fix a
large majority of cases where you're having problems with sessions
working properly - if you are having problems with sessions and your
symptoms don't quite exactly fall into the description above, we
suggest you try this workaround anyway.]
Solution:
This can be fixed by configuring a directive inside of a custom
php.ini file to explicitly direct session files to save in a local
directory on your (gs) Grid-Server instead of the default global '/
tmp' folder.
NOTE: If you are not yet using a custom php.ini file on your server,
you may follow this KB article on the process before proceeding with
the steps in this article.
NOTE: It has been reported that PHPMyAdmin does not work once you make
this change. Here is how to use a desktop database tool as a
workaround to this side effect.
The directive that must be placed inside of your php.ini file is:
session.save_pa th = /home/####/data/tmp
Where '####' is your actual site number.
so, for s1234.gridserve r.com, you would use the following:
session.save_pa th = /home/1234/data/tmp
After saving these changes, make sure to navigate to your 'data'
directory and create a folder called 'tmp'. The next session created
will start behaving properly and the problem should no longer occur.
+++
Great! I will have to give up PHPMyAdmin for them to fix the problem!
No way! I rather look for another web host!
By the way, I have tested this a bit further. After visiting from
three to twelve pages I lose the session variable for loggedin. I have
swtiched between the same pages and it happens sooner or later.
Regards,
Jan Nordgreen
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Håvard Olerud Eriksen |
last post by:
I've been working on a webshop, and I've got most of the functionality up
and running. One problem, however, that I don't seem to be able to solve is
as follows. My shopping cart is stored in $_SESSION array. As I need
to keep tabs on what items are ordered and their quantity I add elements
like this:
array_push($_SESSION,array($item => $quantity));
If I add three elements and then var_dump the global variable it spits out:
array(3) { =>...
|
by: Quinonez |
last post by:
i set up a multipage form about a month ago using Sessions everything
worked well and i moved forward with working on other pages i just
checked the form to make sure it is all working properly and its giving
me an error:
Warning: Invalid argument supplied for foreach() in
/home/mastersc/public_html/testthis.php on line 24
this is the code:
|
by: PulsarSL |
last post by:
Hey
I have a WAMP setup (windows/apache/mysql/php). I'm running the latest
version of all of them with a default installation of all of them. PHP
works great with apache (as a module, not cgi), except that sessions
aren't working. The script at the bottom of this post never increments
my hit count. Do I need to turn sessions on somehow in php.ini?
Thanks,
|
by: comp.lang.php |
last post by:
This is an urgent request (as always)
generate_admin_customer_position_dropdown($customerResult,
$customerResult->id);
print_r($_SESSION);
This code will generate an HTML dropdown as well as set a $_SESSION
|
by: axlq |
last post by:
Someone please tell me if I've discovered a PHP bug.
I'm sitting in front of several computers on my home network, behind
a NAT firewall/router. I am testing my web site on these different
computers (running different browsers, logged in as different users,
etc.). My web site keeps track of users logged in through the use
of $_SESSION.
Here's the bizarre thing: All computers are logged off, then I log
into my web site with one...
| | |
by: Michael Windsor |
last post by:
I've been trying to integrate some PHP pages of my own with some
existing code. The details of this are for the support forums for that
code (where I have been asking questions), but I wonder if someone here
can enlighten me as to why the problematic code is having the effect it is.
For reasons I don't know, if the PHP version is 5 or greater,
register_long_arrays is false and $_SESSION exists, the following
statement is executed:
...
|
by: kamill |
last post by:
I have done a logout page for logout from admin section and provides a link to logout from admin section.Whenever i clicked on logout link it redirected to index.php of admin section......BUT when i am tring to go back threw back button of Browser....it send me last visted pages(means sessons not expire properly). How can i solve it... One more thing is that the script is working properly on localhost....problem occures when i uploaded it on...
|
by: Evil Otto |
last post by:
My page loads, and calls an init() function that returns content to a
div on the page, as well as setting a $_SESSION variable. The content
it returns includes a link that calls the same variable, but I get an
error that says the index isn't defined.
The second two calls are AJAX-generated. The second call immediately
echos the $_SESSION variable back after it sets it, and it sets it
properly. But the subsequent request doesn't see...
|
by: nathj |
last post by:
Hi,
I am trying to get $_SESSION to work on my site. In order to learn this an dunderstand it better I have built two very simple test pages to see if i can access $_SESSION on both pages.
Page 1
<?php /* Created on: 03/07/2007 */
session_start();?>
<html>
<body>
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
