471,616 Members | 1,447 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,616 software developers and data experts.

Can't relogin to site - apparently, it's PHP's fault! What do I tell them?

Rather than me explain the problem, read this exchange of emails between my
web host and myself, then tell me what I can tell them!

I had a problem with their admin site all day, and after me saying "can't
log in", and them saying "nothing wrong", I sent the following:

------------------------------------------------------
Found it! Tried it with 3 browsers now (IE, Opera, Firefox), and the
result is that I've just discovered a problem with your site...
It sets a cookie, PHPSESSID, with a value. If I get timed out or log out,
I cannot log in again.
If I delete that cookie, I can.
Try this: login, log out, try and log in again - doesn't work.
Close window, try and log in again. - works.
In other words, no matter what browser, you cannot log into the site again
once logged out. ------------------------------------------------------

To which they replied

------------------------------------------------------ Hi
We already know that the Members Area works in this way.

As you say, we are using a PHP Session ID and this is the way they work.

Nobody else has reported that this is a problem for them.

I guess in due course, it may be something that PHP themselves might want
to
look into.

------------------------------------------------------

Now if that isn't passing the buck, I don't know what is!!
Jul 17 '05 #1
3 1471
Jonathan wrote:
Rather than me explain the problem, read this exchange of emails between my web host and myself, then tell me what I can tell them!

I had a problem with their admin site all day, and after me saying "can't log in", and them saying "nothing wrong", I sent the following:

------------------------------------------------------
Found it! Tried it with 3 browsers now (IE, Opera, Firefox), and the result is that I've just discovered a problem with your site...
It sets a cookie, PHPSESSID, with a value. If I get timed out or log out, I cannot log in again.
If I delete that cookie, I can.
Try this: login, log out, try and log in again - doesn't work.
Close window, try and log in again. - works.
In other words, no matter what browser, you cannot log into the site again once logged out.

------------------------------------------------------

To which they replied

------------------------------------------------------
Hi
We already know that the Members Area works in this way.

As you say, we are using a PHP Session ID and this is the way they work.
Nobody else has reported that this is a problem for them.

I guess in due course, it may be something that PHP themselves might want to
look into.

------------------------------------------------------

Now if that isn't passing the buck, I don't know what is!!


Tell them that they are unarguably talking nonsense. It is perfectly
possible (and normal) to design a site that one can log out from and
into at will without having to restart one's browser. This includes
time-out occurrences.

However, it *is* normal behaviour for PHP session cookies to remain on
your computer until you close the browser. But this should not affect
things.

Unless something is wrong with your browser, then it they who are at
fault. If they don't believe this, then try the demo I've made at
http://olifilth.co.uk/01.php (see the script at
http://olifilth.co.uk/01_script.php).

Do you have a link that we could see this behaviour at, by any chance?

--
Oli

Jul 17 '05 #2
What is their problem?

Why can't you log in if you have a cookie on your computer?

Even though I don't see why you aren't allowed to have that cookie,
that wouldn't have to be a problem because they could destroy that
cookie when you log out and it should automatically be destroyed when
you time out...

Jul 17 '05 #3
Jordi wrote:
What is their problem?

Why can't you log in if you have a cookie on your computer?

Even though I don't see why you aren't allowed to have that cookie,
that wouldn't have to be a problem because they could destroy that
cookie when you log out
They could do, but it could still work even if they didn't (see the
example in my post above).
and it should automatically be destroyed when you time out...


No, it shouldn't. The record of the session will be destroyed at the
*server*, but session cookies on the *browser* are generally set to
expire when the browser is closed.

--
Oli

Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by Tony | last post: by
4 posts views Thread by IDK | last post: by
9 posts views Thread by Gilles Ganault | last post: by
1 post views Thread by tietram | last post: by
1 post views Thread by XIAOLAOHU | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.