Sessions and redirecting

kurtsu

I have a login page that sets up some session vars after it authenticates the user, then redirects to the destination page. The auth code in the destination page checks the session and if it doesn't find the right info, it redirects to the login page.

Here's the problem: the session is fine just before the login script redirects to the destination page, but once the destination page's script starts running, there's no session (even though the cookie is still set and the session record is in my database, using Zhang's mySQL session handler with a couple of bug fixes).

Yes, the script calls session_write_close() before redirecting.

Any hints?

TIA.

--Kurt

ziah75

do you call session_start(); at the beginning of each page, before sending out any headers/html and stuff?
if you use a function, do you use this?
global $session_name;

if( !$resolved )
{
post_some_code();
}

/Anders 😉

kurtsu

Yes, session_start is called just before checking to see if there is a logged-in user in the session data.

Since I had to turn off register_globals, it's likely that some or all of the problem is related to declaring globals.

The code is spread across many files, so posting it would take an hour. Things seem to be getting better with careful attention to global declarations.

Thanks!

--Kurt