Hi,
I am having a problem with my program which only happens when using
Mozilla or Firefox.
The pages I wrote, are part of a private web directory, a service
offered by the ISP, which upon configuration, restricts its access
only to users registered on the site. So then once the user signs in,
the entry point of the user to my pages, has access to a cookie
(site_<some number>) set by the validation program. I can use the
values in this cookie to retrieve the user_id, and some other code
that I need to query a databata to find out the user access level to
the site (administrator, plain user, etc...). It works fine, the
problem happens if the a user using any of the Mozilla browsers, (1)
Logs on to my site, surf around, and (2) without closing the window
goes somewhere else (e.g.: www.google.com, or www.yahoo.com), and then
(3) again without closing the window comes back to my pages using by
retyping the same URL he used to access my page at the beggining. When
he tries this, the validation system lets him in without any having to
log in again, but I loose all the cookies and session variables,
therefore I no longer know their user_id and code to access the
database.
I checked the browser configuration and the cookies are set to last
until the browser window is closed, but seems like is not doing that.
Here is a snipet of my code that retrieves the cookie:
session_start() ;
if(isset($_COOK IE["site_240006726 2"])){
$site_cookie = $_COOKIE["site_240006726 2"];
list($u,$l,$md5 p,$user_oid,$pr ef_datetime,$pe rms_datetime,$p l) =
explode("&", $site_cookie);
$u_name = split("=", $u);
$u_login = split("=", $l);
$u_oid = split("=", $user_oid);
// In case the cookie is not available, save its value in session
variable...
$_SESSION["u_name"] = $u_name;
$_SESSION["u_login"] = $u_login;
$_SESSION["u_oid"] = $u_oid;
} else {
// Retrieve the session variables if the cookie is not available
$u_name = $_SESSION["user_name"];
echo ("u_name is ".$u_name);
$u_login = $_SESSION["u_login"];
$u_oid = $_SESSION["u_oid"];
}
$isAdmin = false;
if (isset($u_oid[1])){
$db = mysql_connect(" www.kidswithfoo dallergies.org: 3306",
"kidswitror_rcp ", "allergenfree") ;
mysql_select_db ("kidswitror_ev e",$db);
$sql = "SELECT GROUP_OID FROM IP_GROUP_USERS WHERE USER_OID
=".$u_oid[1].";";
$result = mysql_query($sq l) or trigger_error(m ysql_error(),
E_USER_ERROR);
while($row = mysql_fetch_arr ay($result, MYSQL_NUM)){
if (($row[0] == $KWFAAdmin) || ($row[0] == $RecipesInOurDB ) ||
($row[0] == $RecipesDBTeam) ){
$isAdmin = true;
break;
}
}
}
$_SESSION['user_name'] = $u_name[1];
$_SESSION['user_login'] = $u_login[1];
$_SESSION['user_oid'] = $u_oid[1];
$_SESSION['isAdmin'] = $isAdmin;
$_SESSION['frompage'] = 'introduction';
$_SESSION['db_result'] = $result_array;
$_SESSION['total_rows'] = 0;
$_SESSION['category'] = '';
session_write_c lose();
?>
So the second time around the site_cookie is no longer availble , and
I fall on the else, but all of the session variable are gone.
Has anyone ever experienced something similar ?
I'd appreciate any help on this.
M.D.
I am having a problem with my program which only happens when using
Mozilla or Firefox.
The pages I wrote, are part of a private web directory, a service
offered by the ISP, which upon configuration, restricts its access
only to users registered on the site. So then once the user signs in,
the entry point of the user to my pages, has access to a cookie
(site_<some number>) set by the validation program. I can use the
values in this cookie to retrieve the user_id, and some other code
that I need to query a databata to find out the user access level to
the site (administrator, plain user, etc...). It works fine, the
problem happens if the a user using any of the Mozilla browsers, (1)
Logs on to my site, surf around, and (2) without closing the window
goes somewhere else (e.g.: www.google.com, or www.yahoo.com), and then
(3) again without closing the window comes back to my pages using by
retyping the same URL he used to access my page at the beggining. When
he tries this, the validation system lets him in without any having to
log in again, but I loose all the cookies and session variables,
therefore I no longer know their user_id and code to access the
database.
I checked the browser configuration and the cookies are set to last
until the browser window is closed, but seems like is not doing that.
Here is a snipet of my code that retrieves the cookie:
session_start() ;
if(isset($_COOK IE["site_240006726 2"])){
$site_cookie = $_COOKIE["site_240006726 2"];
list($u,$l,$md5 p,$user_oid,$pr ef_datetime,$pe rms_datetime,$p l) =
explode("&", $site_cookie);
$u_name = split("=", $u);
$u_login = split("=", $l);
$u_oid = split("=", $user_oid);
// In case the cookie is not available, save its value in session
variable...
$_SESSION["u_name"] = $u_name;
$_SESSION["u_login"] = $u_login;
$_SESSION["u_oid"] = $u_oid;
} else {
// Retrieve the session variables if the cookie is not available
$u_name = $_SESSION["user_name"];
echo ("u_name is ".$u_name);
$u_login = $_SESSION["u_login"];
$u_oid = $_SESSION["u_oid"];
}
$isAdmin = false;
if (isset($u_oid[1])){
$db = mysql_connect(" www.kidswithfoo dallergies.org: 3306",
"kidswitror_rcp ", "allergenfree") ;
mysql_select_db ("kidswitror_ev e",$db);
$sql = "SELECT GROUP_OID FROM IP_GROUP_USERS WHERE USER_OID
=".$u_oid[1].";";
$result = mysql_query($sq l) or trigger_error(m ysql_error(),
E_USER_ERROR);
while($row = mysql_fetch_arr ay($result, MYSQL_NUM)){
if (($row[0] == $KWFAAdmin) || ($row[0] == $RecipesInOurDB ) ||
($row[0] == $RecipesDBTeam) ){
$isAdmin = true;
break;
}
}
}
$_SESSION['user_name'] = $u_name[1];
$_SESSION['user_login'] = $u_login[1];
$_SESSION['user_oid'] = $u_oid[1];
$_SESSION['isAdmin'] = $isAdmin;
$_SESSION['frompage'] = 'introduction';
$_SESSION['db_result'] = $result_array;
$_SESSION['total_rows'] = 0;
$_SESSION['category'] = '';
session_write_c lose();
?>
So the second time around the site_cookie is no longer availble , and
I fall on the else, but all of the session variable are gone.
Has anyone ever experienced something similar ?
I'd appreciate any help on this.
M.D.
Comment