I've tried searching and couldn't find the answer to my problem. I am using sessions to give users access to restricted pages.

When they login, their info is checked against the database and if that passes, a sessions is started and some session vars are initialized with some data. Using http headers, they are redirected to the restricted page where the session is checked before it will load the page. I understand that not all users support cookies, so I am using SID in the query string.

Throwing some echos in there, I found that SID is not set indicating the cookies got set. Before they are redirected, the variables are there. When I check for the variables on the restricted page they are not set and the SID is not in the query string.

I have just moved to a new host and my code worked on the old host. I've tested it with Firefox and IE6 and both had cookies enabled. Below is a snippet of the code used to start the session and redirect to the secured page.

// initiate a session
session_start();

// register some session variables
$_SESSION[SESSION]=1;

// including the user ID
$_SESSION[SESSION_UID] = $this->UID;

// redirect to protected page
$sessionID = strip_tags(SID);
header("Location: $this->restrictedPage?$sessionID"); 

    Dear Friend,

    try in the follwoing manner

    <?
    session_start();

    // register some session variables
    $_SESSION["SESSION"]=1;

    // including the user ID
    $_SESSION["SESSION_UID"] = $this->UID;

    // redirect to protected page

    $sessionID =session_id();

    header("Location: $this->restrictedPage?$sessionID");

    ?>
    regards,
    bvsureshbabu

      I don't want to put a bandaid on it. Your code will put the SID in the query string even if the cookie gets set. Also, SID contains more than just the ID....from PHP.net

      SID (string)

      Constant containing either the session name and session ID in the form of "name=ID" or empty string if session ID was set in an appropriate session cookie. [/quote]

      I don't want to rely on the query string, I want to fix the problem of cookies not getting set.

      I have tried this an two other computers now, so there is something that has changed from the old host to the new.

      Here are the PHP options from my old host: http://earth.dnsprotect.com/~trail/phpinfo.php

      and the new: http://www.4x4trailhunters.com/phpinfo.php

      The only discernable difference I can see is the old server ran as an apache module where on my new host it runs in cgi. I can't be the first person for this to happen....do you guys see any setting changes that would affect this?

        I fixed this on my own. I discovered that my host requires the use of a custom php.ini to move the temp folder for the session data into my webspace. I did this and it's I'm golden now.

          Write a Reply...