session var keep alive after store visit

Robinmcq

Hi,

I have a website that I have setup so that you must register to gain the link for signin. Once signed in you go to a members only page for information signup & the link to shop at the website store which is a front end to a yahoo shops.

I have a mixture of php & html pages (sometimes the pages with php don't work without naming them .php on yahoo - I don't get it why that would be)

My problem is that I have session start() at the top of each of my .php pages. Will it still keep the session even though it is a .html page? (with the beg/end php tags)

Also, I think I'm losing the session after visiting the store..not sure what to do about this.

I was reading up on global variables but this seems to present a security problem (as I have read).

Bottom line can I safely mix .HTML pages & .PHP pages and expect to keep my session alive?

Thanks

Robin

matt_4013

As long as the browser stays open, your session should stay alive until your timeout, no matter if you visit a page without a session_start() in it or not.

What do you mean by losing the session after visiting the store?

You probably don't want to start playing around with global variables, most hosts are set up to give preference to Get variables over all else, and as such if you global it, suddenly a user can change your variables through the url.

Robinmcq

being new to this, I bought a book on PHP & Mysql to develop the website. It contained some code & i borrowed it to setup login, logout, change password & reset for a lost password. I built the pages & tested them in their original design & they worked great.
I then changed the flow between the pages so that when you logged in, it went to my member page which points to the change password process. Each time it claims I am not logged in - which I know I am (!) Same thing for when I log out.

I have session start at each of the pages. Maybe I never really am getting a session start? How can I verify beyond the successful login?

thanks

Robin