[Resolved] Passing session data. This can't be THIS difficult!!

Calahan

I've heard so many ways of doing the following (none of which have worked so far). So, a step by step explanation of what I am trying to accomplish...

I want to use sessions so that if the user switches off his/her cookies, all the $_SESSION data will be available on all pages of my site.

I have set session.use_cookies = 1 and session.use_trans_sid = 1 in my php.ini file. Index.php contains:

<?php
session_start();
$_SESSION['entered_username'] = "";
$_SESSION['login'] = "";

echo "<form method='POST' action='login.php'>
    Username:</b>
    <input type='text' name='username' 
    <b>Password:</b> 
    <input type='password' name='password' 
    <input type='submit' value='Login'><b>Not a member?</b> Sign up <a href='register.html'>here</a> 
<b>Forgotten your password?</b> <a href='password_reminder.php'>Click 
    here</a> to have it e-mailed to you. 
</form>";

?>

When the user fills out the username and password, the login.php script runs as follows:

<?php
include("common.php");

if(!($link_id = mysql_connect($Host, $User, $Pass)))
{
die(mysql_error());
}
mysql_select_db($DB);

$sql = "SELECT ID FROM " . $Table . " WHERE username='" . $_POST['username'] . "' AND password='" . md5($_POST['password']) . "' LIMIT 1";

if(!($result = mysql_query($sql))) 
{
	die(mysql_error());
}

if(mysql_num_rows($result) == 1)
	{ 
$_SESSION['entered_username'] = $_POST['username'];
$_SESSION['login'] = 'yes';
header('refresh: 3; url=member.php');
echo "<h2><center>You have been validated. Please wait, logging you in. . .</h2><br>
<center>If your browser doesn't support redirection and you're still here in 3 seconds, <a href='member.php'>click here</a></center>";
	}
else 
	{
header('refresh: 5; url=index.php');
echo "<b><u><center>Login failure </b></u><br>Username/Password mismatch. Sit tight, we're sending you back to the login page in 5 seconds.<br>
If your browser doesn't support redirection and you're still here in 5 seconds, <a href='index.php'>click here</a></center>";
	}
?>

This works OK, now it forwards the user to member.php which contains the following:

<?php
include("common.php");

if(!($link_id = mysql_connect($Host, $User, $Pass))) 
{
die(mysql_error());
}
mysql_select_db($DB); 

extract($_SESSION);

if ($_SESSION['login'] != 'yes')
{
echo "<b><u><center>You haven't logged on!</b></u><p>
<a href='index.php'>Click Here</a> to return to the login page";
exit();
}

$query="SELECT firstname, lastname from $Table WHERE username='$entered_username'";

$result=mysql_query($query)
or die(mysql_error());

while($row = mysql_fetch_array($result))
  {
echo "<table width='99%' align='center'>
  <tr> 
    <td width='10%' height='28' align='left'>
<form name='form1' method='post' action='profile.php'>
        <input type='submit' name='profile' value='Update profile'>
		<input type='hidden' name='username' value='$entered_username'>
</form></td>";

echo "<td width='80%' align='center'><b>Welcome  ". $row['firstname'] . '  '  . $row['lastname'] . '</b></td>';
echo "<td width='10%' align='right'><form name='logout' method='post' action='logout.php'>
        <input type='submit' name='logout' value='Logout'>
</form></td>
</tr>
</table>";

}
?>

Now this is where things get odd. When reaching the member.php page, I'm getiting:
Notice: Undefined index: login in C:\Web\member.php on line 12
You haven't logged on!

Click Here to return to the login page.

This is being caused by the $_SESSION['login'] data not being available to validate against.
Why isn't the session data being passed to the other pages?

jayant

where is session_start() call in login.php and member.php ?

Calahan

Ok, its not there but thats because I initially had session.auto_start=1 to start it on each page. I have put session_start() in both pages and the error remains.
It gets more confusing when IE6 has no problems with it but mozilla does. Anyone know of any issues with Mozilla 1.4?