I wrote my own session handler to get a few extra features and everything was working great until I tested it with IE6!
If the script is called with no query string it makes a inserts a new record into a mysql sessionas table including fields 'sess' and 'user' amongst other things. 'sess' is a randomly generated string and 'user' is initialised to "UNSET".
If the user logs in from this page it is reloaded with 'sess', and a supplied user and password in the query string.
As part of the validation stuff in the login section of the script it checks the supplied 'sess' in the database to ensure the 'user' field equals "UNSET".
When using IE6 the 'user' field has magically changed to "JASON", which is a valid value from some previous session records (the cleanup code isnt done yet so theres a lot of timed out sessions in the database).
After a lot of head scratching I found that I could login OK if I waited for about 15 seconds after the page loaded in IE6! I've tried it from 2 networked pc's sharing the same internet connection, and the IE5 one logs on every time!
All I can think of is it's some strange cache preload widget in IE6, and I'd be glad of any pointers.
Jason.
