Hi,
I am having trouble with session variables inside include files. I have a login into a secure area of my site. When a user logs in to the site, session variables are set. So in a secure page, i 'include' several files, but those session variables do not seem to work in the included pages. when i say 'secure' i really just mean a user is logged in, i am sure this isn't the most secure site. here is an example.
in my login.php, session variables are set
$_SESSION['status'] = $status; // 1 = logged in, 0 = not
$_SESSION['username'] = $username;
somesecurepage.php has a check if a session is started
<?PHP
session_start();
if (!isset($_SESSION['status']))
{ // if session check fails, invoke error handler
header("Location: error.php?e=2");
exit();
}
$username = $_SESSION['username'];
?>
<html>
<body>
<? include('leftnavbar.php'); ?>
<div id="mainbody">
<p>some content</p>
</div>
</body>
</html>
the included leftnavbar.php which is also secure
<?PHP
session_start();
if (!isset($_SESSION['status']))
{ // if session check fails, invoke error handler
header("Location: error.php?e=2");
exit();
}
$username = $_SESSION['username'];
?>
<div id="leftnavbar">
<p>Logged in as: <br />
<? echo $username;?></p>
</div>
Ok, so first off, if i am logged in and manually go to the leftnavbar.php page, it works fine, passes teh 'status' check and echos the username.
When i 'include' this page from a secure page, it fails the status check. if i take that code out, it does not echo the username.
I have tried various things like not putting 'session_start', not declaring $username, etc. but nothing seems to work.
Can someone please tell me what i am doing incorrectly?
Thanks So Much!
Chuck
