Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...it was ingeniously designed and all those clicks were for my own good... and that was even before I got my speedy and useful answer to my tekkie question that I eventually posted..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > Programmers > Web Development > PHP Forum

Lost SESSION variables on same page redirect.Helpful Member! 

thread434-1686302
Read More Threads Like This One
max2474 (Programmer)
20 Jun 12 11:01
Hi.

I cannot work out what I've missed as I am using pretty much the same code as elsewhere in my site. I have a login check, which has been working fine, regenerating sessions and writing them to the database as needed.

I have just added a header redirect and my session contents vanished, although I cannot work out why.

Scripts are as follows:

CODE --> members.php

<?php
session_start();
require("phpsnips/connectdb.php");
require("memfunction/checklogin.php");
require("memfunction/memberjobs.php");
require("dochead.php");
?>

<body>
<?php
include("layouts/memlayout.php");
mysql_close($con);
?>
</body>
</html>

CODE --> memberjobs.php

<?php
$newsjob = filter_var(mysql_real_escape_string($_POST[newsjob]), FILTER_SANITIZE_NUMBER_INT);
$mnews = filter_var(mysql_real_escape_string($_POST[mnews]), FILTER_SANITIZE_SPECIAL_CHARS);
$nmnews = filter_var(mysql_real_escape_string($_POST[nmnews]), FILTER_SANITIZE_SPECIAL_CHARS);
$activebon = filter_var(mysql_real_escape_string($_POST[activebon]), FILTER_SANITIZE_NUMBER_INT);
$planu = filter_var(mysql_real_escape_string($_POST[planu]), FILTER_SANITIZE_NUMBER_INT);

if ($newsjob == "1")
{
mysql_query("UPDATE info SET mnews = '$mnews' WHERE inforow = 1 LIMIT 1")or die(mysql_error());
}
if ($newsjob == "2")
{
mysql_query("UPDATE info SET nmnews = '$nmnews' WHERE inforow = 1 LIMIT 1")or die(mysql_error());
}
if ($newsjob == "3")
{
mysql_query("UPDATE info SET activebonus = '$activebon' WHERE inforow = 1 LIMIT 1")or die(mysql_error());
}
if ($newsjob == "4")
{
header("location:members.php?menutabs=3");

}
?>

CODE --> checklogin.php

<?php
$clsessionid = session_id();
$clisloggedin = "0";
$clresult = mysql_query("SELECT loggedin FROM members
WHERE email = '$_SESSION[email]' AND password = '$_SESSION[userpass]' AND loggedin = '1' AND sessionid = '$clsessionid' LIMIT 1")or die(mysql_error());
while($clrow = mysql_fetch_array($clresult))
{
$clisloggedin = "1";
}
if ($clisloggedin == "1")
{
session_regenerate_id(false);
$clsessionid = session_id();
mysql_query("UPDATE members SET sessionid = '$clsessionid' WHERE email = '$_SESSION[email]' LIMIT 1")or die(mysql_error());
}
else
{
echo "session is ".session_id();
/*
require("phpsnips/sessiondestroy.php");
header("location: index.php?menutabs=21&&r=1005");
*/
}
?>

the final echo is how i found out the session data was missing.. the output was - Array ( ).

In use:
- Hitting F5 or refreshing the page regenerates the session fine, updates the database and user stays logged in. All information retained.
- "POSTS" for $newsjob 1, 2 and 3 regenerates the session fine and all info retained.

For $newsjob 4, the header redirect gives me the lost session info and logs user out. I have compared this with the redirects I have in my non-member scripts and cannot see any difference (session_start() for first line, etc) :/
max2474 (Programmer)
20 Jun 12 11:08
CORRECTION:

The final echo does output the correct session id. I used <?php print_r($_SESSION); ?> at the top of the memlayout.php page (from members.php) to find out that the session was empty.
Helpful Member!  jpadie (TechnicalUser)
20 Jun 12 12:56
it is possible that you are suffering from a race condition. test this by expressly closing the session at the end of the script.

CODE

session_write_close();
also after using the header() method it is advisable to call die() expressly (unless you intend the script to continue)
max2474 (Programmer)
20 Jun 12 13:47
strange..

I have session_write_close(); on my logout already (sessiondestroy.php), but did add die() after all my headers. I believe all is working as it should do now, but need to do some more testing. Thanks for info :)
Read More Threads Like This One

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To PHP

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close