Why my login system is just working for sometimes?

web_designer_iq

Hello
I use this code to check the user if it's logged in:

class Users extends MySQL {
	function check_login()
	{
        if ( $_SESSION['authorize'] == 1  )
		{
            return true;
		}
		else
		{
			return false;
		}
	}

I store the sessions in the database.
This code is working but (not for every one)!!
For example:
sometime when i login to the web site it's loging successfully but is not view the control panel of the web site! (Is mean is can't check the session). But the session is stored in the database and i can't see it !!!
When i refresh the page or changing the page it will be working (for sometimes).
Anyone can help me please?

bradgrafelman

Could it perhaps be that you're switching subdomains? For example, maybe you quickly type in http://mysite.com/login.php into your address bar, but then when you click the link for your control panel you're actually taken to http://www.mysite.com/control_panel/ ?

By default, sessions are only good for the specific subdomain they were created on, so mysite.com and www.mysite.com are two distinct domains and would therefore not share session data (by default - this can be changed).

EDIT: Also, is that the entire contents of your class? If so, how do you verify that [man]session_start/man has already been called?

web_designer_iq

bradgrafelman

Thanks for your fast response 🙂
I don't have sub domains in my web site (But i use the mod-rewrite).
I use "session_start()" in the top of every page (include sessions class).
I attached my sessions class in this reply.
I use this code to check if the session is registered then i view the control panel:

require_once 'includes/global.php';

if ( $GLOBALS['Users']->check_login() == true )
{
//View the control Panel
}
else
{
//View the login page
}

bradgrafelman

web.designer.iq wrote:
* I don't have sub domains in my web site

Not even "www" ? If you use mod_rewrite to force the same subdomain on all requests, however, then you're right - it shouldn't be an issue.

Unless there's a major flaw in your session class that I didn't notice while glancing over it, I'm not too sure why there would be an intermittent loss of sessions. Sorry!

web_designer_iq

bradgrafelman

Thanks for your reply 🙂

khaine

I have had a similar problem with sessions. Sometimes they just don't work. The only solution I could come up with is to use a cookie to back up the session. Although that can be very insecure.