Sessions Problem .... I Think??

gobbles

Hey All,

I have a bit of a problem with a script im writing.

I have written an admin backend for the site that uses sessions.

but when i login, it goes through to the main screen then if i click an option it logs me straight out again ... then if i log back in, everything is fine.

If anyone could shed some light on this for me that would be great 🙂

Thanks all !

NogDog

Sorry, my ESP is off today. Perhaps you could provide us some details on how you are doing your user authentication along with snippets of any related code? It might also be useful to look at all the session.* settings listed by [man]phpinfo/man.

gobbles

Once the script has authenticated with the database its gets redirected using

header("Location: https://website.com/main.php?".session_name()."=".session_id());

The code in the main.php file is as follows:

  session_start();
  include_once('header.inc.php');
  $mainquery = "SELECT * FROM advertisers WHERE email = '".$_SESSION['login']."' ";
  $mainresults = mysql_query($mainquery) or die(mysql_error());
  $mainrow = mysql_fetch_array($mainresults);

header.inc.php is as follows:

session_register("login");
session_register("password");
session_register("ad_loggedIn");

checkLoggedIn("yes");

NogDog

Unless you want to use the deprecated [man]register_globals[/man], do not use session_register(). Instead just use the $SESSION array directly:

<?php
session_start();
// ...
$_SESSION['login'] = 'whatever you set it to';

(I won't guarantee this will fix things, but it should at least get you closer to current "best practices".)

gobbles

Hey ... Thanks for that ... But it didnt work 🙁

alphasynaptic

If your admin backend is on a different page than main.php, make sure you do the session_start() on the admin page.