Sessions / PHP 4.3.1

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • NorwichLad
    #1

    Sessions / PHP 4.3.1


    I have a website, to which members must "log on" to gain access.

    The sequence of pages is as follows:

    1. index.php
    Contains form for username/password

    2. login.php
    starts session
    <?
    session_start() ;
    session_registe r("user_id");
    session_registe r("logged_in" );
    ?>
    validates authentication
    A - if "ok"
    i. sets $user_id and $logged_id
    ii. goes to membersArea_fra meset.php
    B - if fails - goes to an error page

    This setup normally works fine, for 99% of visitors.

    However, every day i get a few emails from people who receive an error
    message saying that the session has expired, rather than a successful login.
    Each page (including the above frameset page) has an include of
    'session_check. php'.

    The contents of the file is:

    <?
    if ($logged_in != session_id())
    {
    echo "<script>self.l ocation='error. php?error=2'</script>";
    exit();
    }
    ?>

    For nearly all visitors, the above setup works fine.

    Any ideas why some people are told straight after successfully logging in
    that their session has expired? This is really worrying. I can't figure it
    out.

    Have I not set up the sessions correctly?

    PHP - Version: 4.3.1


    Tags: None
    • Andy Fish
      #2
      Re: Sessions / PHP 4.3.1

      maybe their browsers do not accept cookies?


      "NorwichLad " <see-signature@hill. org.uk> wrote in message
      news:brdj79$28a ch$1@ID-176991.news.uni-berlin.de...[color=blue]
      >
      > I have a website, to which members must "log on" to gain access.
      >
      > The sequence of pages is as follows:
      >
      > 1. index.php
      > Contains form for username/password
      >
      > 2. login.php
      > starts session
      > <?
      > session_start() ;
      > session_registe r("user_id");
      > session_registe r("logged_in" );
      > ?>
      > validates authentication
      > A - if "ok"
      > i. sets $user_id and $logged_id
      > ii. goes to membersArea_fra meset.php
      > B - if fails - goes to an error page
      >
      > This setup normally works fine, for 99% of visitors.
      >
      > However, every day i get a few emails from people who receive an error
      > message saying that the session has expired, rather than a successful[/color]
      login.[color=blue]
      > Each page (including the above frameset page) has an include of
      > 'session_check. php'.
      >
      > The contents of the file is:
      >
      > <?
      > if ($logged_in != session_id())
      > {
      > echo "<script>self.l ocation='error. php?error=2'</script>";
      > exit();
      > }
      > ?>
      >
      > For nearly all visitors, the above setup works fine.
      >
      > Any ideas why some people are told straight after successfully logging in
      > that their session has expired? This is really worrying. I can't figure it
      > out.
      >
      > Have I not set up the sessions correctly?
      >
      > PHP - Version: 4.3.1
      >
      >[/color]


        Comment

        Previous template Next
        Working...