Random Unsetting of $_SESSION vars

rlafountain

Hello. I am writing a script that uses $SESSION['username'] and $SESSION['password']; variables to hold the login of the user over multiple requests. It all works until I get to this page. Basically, this page takes some data in the form of a post and checks to see if the information is actuall there. The post is a bunch of checkboxes stored in an array

$userids = $_POST['id'];

if (count($userids) < 1){
	header( "refresh: 4; url=selectdates2.php" );
	echo 'You did not select any ushers. Please try again.';
	echo '<a href="selectdates2.php">Continue</a>';
	die;
}

But, after the redirection, the $_SESSION['username']; variable is lost and it is set to ask automatically for a login.

Any help would be great. If more code is needed i will post it.

Thanks,
Ryan

EDIT:
Well after more investigating, it appears that when I navigate from the previous page to this page, it switches the value of the $_SESSION['username'] into something very weird indeed. It almost pulls another value from the database. Because of this things go awry as they should.

konsu

i think i saw a similar problem when i wrote my login code. when the user logs in, i set all my session variables, and responded with an http redirect. after the redirect, all session cookies were lost and the user was effectively not logged in anymore. one thing that i did to fix that is to use client side redirect. meta tag namely. but this is not the best solution and i have a suspicion that another solution is to call session_write_close() after a new session is created for a newly logged in user. in your case, you do not seem to create a new session, so i am not sure if this will help... try to capture your http traffic and trace the session cookies on redirects.

devinemke

have you tried using a full URL in the header call? (not just a filename)

rlafountain

Thanks for the help. I have other pages that use the exact same scripting for handling the session functions and such and they worked fine. Been scratching my head the entire time. I found the problem though, somewhere in the script i deal with other usernames, apparently those overwrote the variable $username = $_SESSION['username'] and caused it to change its value. By changing those names to $loc_usename in the while loop i fixed the problem.

Thanks for the help though. I couldn't for the life of me find out why taht was happening.

Thanks again.

Ryan