Sessions not persisting.

Pottsy

I am having ptoblems getting sessions to persists from one page to the next. The problem being, when the next page loads and new session is started meaning no session variables are set for the new page.

I am using Apache 2.0.54 and php 5.0.4 installed on a WinXP Pro to make development quicker and easier (yeah right).

I am getting to the point of despair on this, as I have been trying to get past this problem for some weeks now and failed miserably.

Any help/suggestion is gratefully welcomed.

My php session settings are

[Session]
session.save_handler = files
session.save_path = "c:\tmp"
session.use_cookies = 1
session.use_only_cookies = 0
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 1800
session.cookie_path = "c:\tmp"
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 100
session.gc_maxlifetime = 1440
session.bug_compat_42 = 1
session.bug_compat_warn = 1
session.referer_check =
session.entropy_length = 0
session.entropy_file =
session.cache_limiter =
session.cache_expire = 180
session.use_trans_sid = 1
session.hash_function = 0
session.hash_bits_per_character = 4

I am working through the Wroxbooks "Beginning PHP5, Apache, MySQL Web Development" book and using their code copied rather than retyping it myself. So I am pretty sure the problem isn't code related. An example of code that throws the problem is below. I worked around this problem at the beginning of the exercises by specifying a session id to the session_start() statement, but obviously that isn't going to work in the long term.

I thought maybe Zonealarm Pro may have been the cause, but turning ZA off doesn't help. So I am back to suspecting the php setup.

Any help to figure out the problem will be greatly appreciated.

The code example. The template.php page is the target page. When it loads, if you are not logged on, then you are redirected to the login.php page, which then redirects you back to template.php. The problem is, because a new session is started after logging in, even though the login variable are set and stored in the current session, there isnothing set when the template.php page is reloaded and so you are naturally redirected back to the login page and away you go again.

code for template.php

<?php
include "auth.inc.php";
?>
<html>
<head>
<title>Beginning PHP5, Apache and MySQL</title>
</head>
<body>
<h1>This is the Template Page</h1>
</body>
</html>

code for auth.inc.php

<?php
session_start();
if (isset($SESSION['logged']) && $SESSION['logged'] == 1) {
//Do Nothing
} else {
$redirect = $_SERVER['PHP_SELF'];
header("Refresh: 5; URL=login.php?redirect=$redirect");
echo "You are being redirected to the login page!<br>";
echo "(If your browser doesn't support this, " .
"<a href=\"login.php?redirect=$redirect\">click here</a>)";
die();
}
?>

code for login.php

<?php
session_start();
$_SESSION['logged'] = 0;

if (isset($POST['submit'])) {
if ($POST['username'] == "wroxbooks" &&
$POST['password'] == "aregreat") {
$SESSION['logged'] = 1;
header ("Refresh: 5; URL=" . $POST['redirect'] . "");
echo "You are being redirected to your original page request!<br>";
echo "(If your browser doesn't support this, " .
"<a href=\"" . $POST['redirect']. "\">click here</a>)";
} else {
?>
<html>
<head>
<title>Beginning PHP5, Apache and MySQL</title>
</head>
<body>
<p>
Invalid Username and/or Password<br><br>
<form action="login.php" method="post">
<input type="hidden" name="redirect"
value="<?php echo $POST['redirect']; ?>">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br><br>
<input type="submit" name="submit" value="Login">
</form>
</p>
<?php
}
} else {
?>
<html>
<head>
<title>Beginning PHP5, Apache and MySQL</title>
</head>
<body>
<p>
You must be logged in to view this page<br><br>
<?
if (isset($GET['redirect'])) {
$redirect = $GET['redirect'];
} else {
$redirect = "index.php";
}
?>
<form action="login.php" method="post">
<input type="hidden" name="redirect"
value="<?php echo $GET['redirect']; ?>">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br><br>
<input type="submit" name="submit" value="Login">
</form>
</p>
<?php
}
?>
</body>
</html>

LoganK

Next time, please format code within

tags. Also, try some debugging!!! Make a simple page with just session_start() and assign a session variable. Then make another simple page, with session_start() and echo the previously set session variable. If it work, then something is wrong with your copied code; if it doesn't work, then something is misconfigured.