Try something along the lines of this for the redirect:
header("location: main.php?PHPSESSID=".Session_Id());
This could/should be being pushed via cookies, but it appears as though it is not. The best way to troubleshoot is to print the before and after session ids, if they change, you are just creating new empty sessions, which should explain the lacking session variables.
HTH,
Jason k Larson
James Tan wrote:
Dear Sir/Madam,
I've been coding session for quite sometime, but this is the first time i
encounter such problem...
index.php(login form) -> login.php (verifies and set session userkey=1) ->
main.php (check session userkey)
if check session userkey fail, gets redirected back to index.php
in the login.php page, i've tested out
session_is_registered("userkey");
it was TRUE.
but when i redirect it to main.php
and did a checking on session_is_registered("userkey");
it return FALSE...
i've session_start(); at every start of the php page...
what's wrong?
I've output session not set on main.php when the userkey session is not set.
when i click on back button and retry login, it works!!! what happened?
please check my code again...
==============login.php==================
include "lib/mysql.php";
include "lib/u007lib.php";
// connecting to mysql db , my own lib...
$rs = getdb("");
$rs->query("select * from ct_user where companyid like '" .
$HTTP_POST_VARS["companyid"] . "'");
$rs2 = getdb("");
$erron = "";
if(!$rs->eof)
{
// if company records found...
$rs2->query("select * from ct_login where loginid like '" .
$HTTP_POST_VARS["loginid"] . "' and userid=" . $rs->fields("id") . " and
pass like '" . $HTTP_POST_VARS["password"] . "'");
if(!$rs2->eof)
{
// if loginid and password match...
session_start();
// session key to be checked...
$userkey = $rs2->fields("lvl");
$userid = $rs2->fields("id");
$userloginid = $rs2->fields("loginid");
$usercomid = $rs->fields("id");
$usercompany = $rs->fields("company");
$usercompanyid = $rs->fields("companyid");
// registering session key
session_register("userkey");
session_register("usercomid");
session_register("usercompany");
session_register("usercompanyid");
session_register("userid");
session_register("userloginid");
setcookie("companyid", $HTTP_POST_VARS["companyid"], time()+(60*60*24*30));
setcookie("loginid", $HTTP_POST_VARS["loginid"], time()+(60*60*24*30));
//redirecting to main.php
//header("location: main.php"); exit();
if (session_is_registered("userkey")) { header("location: main.php");
return; }
else { echo "session not set!"; } // always return TRUE...
}
else
{
$erron = "Invalid User / Password";
}
}
else
{
$erron = "No Such Company ID";
}
?>
=============end of login code========================
=============beginning code of main.php=================
==============end of main.php code=====================
best regards,
--
James Tan
IT Technical Specialist
NextMove Technology Sdn. Bhd.
[EMAIL PROTECTED]
Tel: 03-5192 1366
Fax: 03-5192 1280
Lot 2-2, Jalan SU6A,
Persiaran Tengku Ampuan,
Lion Industrial Park, Section 22,
40000 Shah Alam, Selangor D.E.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
