By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,774 Members | 1,380 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,774 IT Pros & Developers. It's quick & easy.

Can't relogin to site - apparently, it's PHP's fault! What do I tell them?

P: n/a
Rather than me explain the problem, read this exchange of emails between my
web host and myself, then tell me what I can tell them!

I had a problem with their admin site all day, and after me saying "can't
log in", and them saying "nothing wrong", I sent the following:

------------------------------------------------------
Found it! Tried it with 3 browsers now (IE, Opera, Firefox), and the
result is that I've just discovered a problem with your site...
It sets a cookie, PHPSESSID, with a value. If I get timed out or log out,
I cannot log in again.
If I delete that cookie, I can.
Try this: login, log out, try and log in again - doesn't work.
Close window, try and log in again. - works.
In other words, no matter what browser, you cannot log into the site again
once logged out. ------------------------------------------------------

To which they replied

------------------------------------------------------ Hi
We already know that the Members Area works in this way.

As you say, we are using a PHP Session ID and this is the way they work.

Nobody else has reported that this is a problem for them.

I guess in due course, it may be something that PHP themselves might want
to
look into.

------------------------------------------------------

Now if that isn't passing the buck, I don't know what is!!
Jul 17 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
Jonathan wrote:
Rather than me explain the problem, read this exchange of emails between my web host and myself, then tell me what I can tell them!

I had a problem with their admin site all day, and after me saying "can't log in", and them saying "nothing wrong", I sent the following:

------------------------------------------------------
Found it! Tried it with 3 browsers now (IE, Opera, Firefox), and the result is that I've just discovered a problem with your site...
It sets a cookie, PHPSESSID, with a value. If I get timed out or log out, I cannot log in again.
If I delete that cookie, I can.
Try this: login, log out, try and log in again - doesn't work.
Close window, try and log in again. - works.
In other words, no matter what browser, you cannot log into the site again once logged out.

------------------------------------------------------

To which they replied

------------------------------------------------------
Hi
We already know that the Members Area works in this way.

As you say, we are using a PHP Session ID and this is the way they work.
Nobody else has reported that this is a problem for them.

I guess in due course, it may be something that PHP themselves might want to
look into.

------------------------------------------------------

Now if that isn't passing the buck, I don't know what is!!


Tell them that they are unarguably talking nonsense. It is perfectly
possible (and normal) to design a site that one can log out from and
into at will without having to restart one's browser. This includes
time-out occurrences.

However, it *is* normal behaviour for PHP session cookies to remain on
your computer until you close the browser. But this should not affect
things.

Unless something is wrong with your browser, then it they who are at
fault. If they don't believe this, then try the demo I've made at
http://olifilth.co.uk/01.php (see the script at
http://olifilth.co.uk/01_script.php).

Do you have a link that we could see this behaviour at, by any chance?

--
Oli

Jul 17 '05 #2

P: n/a
What is their problem?

Why can't you log in if you have a cookie on your computer?

Even though I don't see why you aren't allowed to have that cookie,
that wouldn't have to be a problem because they could destroy that
cookie when you log out and it should automatically be destroyed when
you time out...

Jul 17 '05 #3

P: n/a
Jordi wrote:
What is their problem?

Why can't you log in if you have a cookie on your computer?

Even though I don't see why you aren't allowed to have that cookie,
that wouldn't have to be a problem because they could destroy that
cookie when you log out
They could do, but it could still work even if they didn't (see the
example in my post above).
and it should automatically be destroyed when you time out...


No, it shouldn't. The record of the session will be destroyed at the
*server*, but session cookies on the *browser* are generally set to
expire when the browser is closed.

--
Oli

Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.