Session problem (yet another one)

c_capo · October 2nd, 2003, 04:21 AM

I have a problem with my sessions. I will explain by adding some code:

index.php: (this works fine)

<?php
  if (do_enter){
    session.start()
    $_SESSION("granted") = "yes";

    header("Location: admin.php");
    exit;
  }
  else{
    // do something else
  }
?>

admin.php:

<?php
  if($_SESSION("granted")<>"yes"){
    header("Location: admin.php");
    exit;
  }
  else{
    //whatever I want to do on this page
  }
?>

If I try to login on my index page, he goes to admin.php
but admin.php sends the user back to index.php (I tested this).
Is there something wrong with my script or my sessions??

Help appreciated

:: soulcreation.com ::

c_capo · October 2nd, 2003, 04:33 AM

Mistake in my script I posted:

I use session_start(); //in case someone is going to
//say something about this

Claudio

:: soulcreation.com ::

richard.york · October 2nd, 2003, 03:08 PM

Hi c_capo

You need to use braces to form your arrays and not parenthesis.

$_SESSION["granted"];

http://www.php.net/manual/en/language.types.array.php

: )

:::::::::::::::::::::::::::::::::
Smiling Souls
http://www.smilingsouls.net
:::::::::::::::::::::::::::::::::

nikolai · October 2nd, 2003, 06:43 PM

You say that you use session_start in your script... I just want to clarify, since you're missing it in admin.php.

Also, your admin.php seems quirky: when $_SESSION['granted'] is NOT equal to "yes", you're redirected back to admin.php, not index.php... Is this a typo in your post, or a bug in your actual code?

A complete working version follows:

<?php // index.php

if (isset($_GET['do_enter']) && ($_GET['do_enter'] != ''))
{
    session.start()
    $_SESSION['granted'] = 'yes';

    header('Location: admin.php');
    exit;
}
else
{
    // do something else
}
?>

<?php // admin.php

session_start();

if ($_SESSION['granted'] !== 'yes')
{
    header("Location: index.php");
    exit;
}
else
{
    //whatever I want to do on this page
}
?>

To enter the admin site, just append "?do_enter=true" to the URL after index.php.

Take care,

Nik
http://www.bigaction.org/

bruce.benamran · October 12th, 2003, 05:05 PM

What is your configuration (exactly what web server do you use) ?
That might also help.
E.g :
- with apache, you don't have to send the sid (session id) to every page through links and forms
- with iis, you have to explicitely retrieve the sid in every page, sent as a GET or as a POST.
So if you use IIS, since you don't send the sid, it's completely normal that you're redirected as not logged in.

php/java developer
NTIC engineer

marcoax · October 16th, 2003, 01:34 AM

hi

if you are testing your page on IE try to check te security level setting.
If setted to high, change it to medium

c_capo · October 17th, 2003, 06:24 AM

I have found this:
http://bugs.php.net/bug.php?id=14636

Seems the problem is with HTTP.
I might use cookies but prefer sessions above cookies.

Claudio

:: soulcreation.com ::