SESSEIONS

dargpat

I can not figure this out for anything. I have this script I am working on. I have the login part and when you click submit, a few things are stored in $SESSION['variable'] ... Everything works fine until I use a custom redirect function. I can verify up to the point where it reaches the header() in the redirect function that the session is stored. As soon as the header("Location: URL", true); is ignitiated, I loose all $SESSIONS on next page.

The next page looks like this:

<?php
session_start();
echo $_SESSION['variable']; // Returns empty
?>

What am I doing wrong?

The funny part is I have an admin scection in a subfolder. When I login there and it uses the redirect funtion, all is well and I can access the admin with no problem. But when I try to cross from admin to the root directory where the front end is located, I'm automatically thrown to my relogin screen because all $_SESSION again are lost.

Here is login part:

<?session_start();
require("../includes/vars.inc.php");
require("../includes/functions.inc.php");
require("../includes/templates.inc.php");
require("../includes/apt_functions.inc.php");



$topass=array();
if ($_SERVER['REQUEST_METHOD']=='POST') {
	$user=addslashes_mq($_POST['username']);
	$pass=addslashes_mq($_POST['password']);
	if (isset($user) && !empty($user) &&  isset($pass) && !empty($pass)) {
		db_connect();
		$query="SELECT user_id,name,membership FROM users WHERE user='$user' AND pass='$pass'";
		if (!($res=mysql_query($query))) {error(mysql_error(),__LINE__,__FILE__);}
		if (mysql_num_rows($res)) {
			list($user_id,$name,$membership)=mysql_fetch_row($res);
			$_SESSION['user_id']=$user_id;
			$_SESSION['name']=$name;
			$_SESSION['membership']=$membership;
			$query="UPDATE users SET last_visit=now() WHERE user_id='$user_id'";
			if (!($res=mysql_query($query))) {error(mysql_error(),__LINE__,__FILE__);}
			redirect2page('members.php');
		} else {
			$topass['message']='Invalid user or pass. Please try again!';
		}
	} else {
		$topass['message']='Invalid user or pass. Please try again!';
	}
}
redirect2page("relogin.php",$topass);
?>

Here's redirect part (included from functions.inc.php):

function redirect2page($pagename,$topass=array(),$qstring="",$full_url=false) {
	if (!empty($pagename)) {
		if (!$full_url) {
			$redirect=_BASEURL_."/".$pagename;
			$separator="?";
			if (SID!="") {
				$redirect.=$separator.SID;
				$separator.="&amp;";
			}
			if (!empty($qstring)) {
				$redirect.=$separator.$qstring;
				$separator="&amp;";
			}
		} else {
			$redirect=$pagename;
		}
		if (isset($topass) && !empty($topass)) {
			$_SESSION['topass']=$topass;
		}
		//header("Status: 303 See Other",true);
                //echo $redirect . " -> " . $_SESSION['user_id'];exit(); // $_SESSIONS ARE STORED
		header("Location: $redirect",true);
                exit();
	} else {
		error("No page specified for redirect",__LINE__,__FILE__);
	}
	exit();
}

This is the page I'm trying to reach but can not because the $SESSION['user_id'] is lost!

<?php
session_start();
echo $_SESSION['user_id'] . " - TEst";exit(); // Returns " - TEst" instead of "1 - TEst"
require("includes/vars.inc.php");
require("includes/functions.inc.php");
require("includes/templates.inc.php");
require("includes/apt_functions.inc.php");
include("IM/php121config.php");
include("IM/php121functions.php");
$access_level=$access_matrix['controlcenter'][0];


db_connect();

check_login_member();
if(isset($_SESSION['user_id'])){
$myuser_id = $_SESSION['user_id'];}

else {$myuser_id = "";}
global $relative_path;

if(isset($_SESSION['user_id'])){
$query="SELECT profession,membership FROM users WHERE user_id='".$_SESSION['user_id']."'";
if (!($res=mysql_query($query))) {error(mysql_error(),__LINE__,__FILE__);}
list($profession,$mymembership)=mysql_fetch_row($res);
}


$tpl = new phemplate(_TPLPATH_,'remove_nonjs');



$query="SELECT firstname,lastname,name,gender,DAYOFMONTH(birthdate),MONTH(birthdate),YEAR(birthdate),ethnic,country,country_residing,us_state,city,zip,addr,phone1,phone2,my_diz,work_interest,hairlength,hairtype,haircolor,hairpiece,eyeshape,eyecolor,eyebrows,eyelashes,eyewear,faceshape,bodytype,waist,chest,hips_inseam,height,weight,shoes,dress_shirt,membership,last_visit,referralpoints,email,profession,is_approved FROM users WHERE user_id='".$_SESSION['user_id']."'";
if (!($res=mysql_query($query))) {error(mysql_error(),__LINE__,__FILE__);}
list($firstname,$lastname,$name,$gender,$birthday,$birthmonth,$birthyear,$ethnic,$country,$country_residing,$us_state,$city,$zip,$addr,$phone1,$phone2,$my_diz,$work_interest,$hairlength,$hairtype,$haircolor,$hairpiece,$eyeshape,$eyecolor,$eyebrows,$eyelashes,$eyewear,$faceshape,$bodytype,$waist,$chest,$hips_inseam,$height,$weight,$shoes,$dress_shirt,$membership,$last_visit,$referralpoints,$email,$profession,$is_approved)=mysql_fetch_row($res);

if($is_approved == 0){
        $approvalmsg = "<blockquote><font class=\"alert\">Your profile is currently waiting to be approved by the site admin before being shown to other members on this site.  If we have not approved your profile after 24hrs or you have not heard back from us regarding us approving your profile, please <a href=\"contact_form.php\">contact us</a> asap.</font></blockquote>";
        }else{
        $approvalmsg = "";
} 


if (isset($_SESSION['topass']) && is_array($_SESSION['topass']) && !empty($_SESSION['topass'])) {
	$topass=$_SESSION['topass'];
	$_SESSION['topass']='';
	unset($_SESSION['topass']);
}
$message=((isset($topass['message'])) ? ($topass['message']) : (""));

$newmail=get_total_messages($_SESSION['user_id'],'inbox',true);
$profile_views=get_total_profile_views($_SESSION['user_id']);



	$dtlast_visit="$last_visit";
	$diff=365*(date('Y')-date('Y',strtotime($dtlast_visit)))+floor((date('Y')-date('Y',strtotime($dtlast_visit)))/4)+date('z')-date('z',strtotime($dtlast_visit));

	if($diff < 3){$pmsg="Thanks for stopping by!";}
	if($diff > 3){$pmsg="Welcome back! It's been $diff days since your last visit!";}

if($mymembership == 5){
$pmsg.="<br><br><a href=\"${relative_path}admin/stats.php\">Go to admin panel</a>";}


$new_member=0;
		$query="SELECT count(*) from  users  where joindate > '$last_visit'";
		if (!($rescount=mysql_query($query))) {error(mysql_error(),__LINE__,__FILE__);}
		$new_member=mysql_result($rescount,0,0);

$photos=get_random_album_pic($myuser_id);

if(empty($photos)){
$no_photos_message="You have not yet uploaded any photos to your portfolio. Remember, in order for your portfolio
to receive maximum visibility, you must have photos uploaded. Portfolios without photos are not shown when browsing.";}
else {$no_photos_message="";}


if(has_cnotice($myuser_id)){
$cnoticemanager="<a href=\"${relative_path}processors/cnotice_manager.php?action=list&user_id=$myuser_id\">Manage Casting Notices</a>";}
else{$cnoticemanager="";}

$fortune = random_fortune_bit();

$numheadlines=get_site_option('max_headlines');
$tpl->set_file('middlecontent','control_center.html');
$tpl->set_var('numheadlines',$numheadlines);
$tpl->set_var('cheadlines',cheadlines_bit($numheadlines));
$tpl->set_var('message',$message);
$tpl->set_var('cnotice_manager',$cnoticemanager);
$tpl->set_var('latest_blogs',get_cc_latest_blogs());
$tpl->set_var('latest_fan_blogs',get_ccfan_latest_blogs());
$tpl->set_var('random_tip',$fortune);
$tpl->set_var('relative_path', $relative_path);
$tpl->set_var('approvalmsg',$approvalmsg);
$tpl->set_var('pmsg',$pmsg);
$tpl->set_var('new_mail',$newmail);
$tpl->set_var('member_level_word',get_membership_level($_SESSION['user_id']));
$tpl->set_var('restriction_yn',get_upgrade_link($_SESSION['user_id']));
$tpl->set_var('no_photos_message',$no_photos_message);
$tpl->set_var('messengerIM',auto_121_login($myuser_id));

$cphoto=get_random_album_pic($myuser_id);
if(empty($cphoto)){
     $tpl->set_var('mpic',"<img src=\""._THUMBSURL_."/nopict.png\">");
  }else{
     $tpl->set_var('mpic',"<img src=\""._THUMBSURL_."/".$cphoto."\">");
}





$namee = htmlentities(stripslashes(get_name($_SESSION['user_id'])));
$profilelink=""._BASEURL_."/?v=$namee";
$tpl->set_var('baseurl',_BASEURL_);
$tpl->set_var('profilelink',$profilelink);
$tpl->set_var('referralpoints',$referralpoints);
$tpl->set_var('name',$namee);

$middle_content=$tpl->process('out','middlecontent',0,1);



$title="My Control Center";
include('block_main_frame.php');
?>

--------------------------------------------------------------------------------------------------

any help is appreiated!

Thanks

NogDog

It sometimes helps to do a [man]session_write_close/man just before you do the header() redirect.