Dear Sir/Madam, I've been coding session for quite sometime, but this is the first time i encounter such problem...
index.php(login form) -> login.php (verifies and set session userkey=1) -> main.php (check session userkey) if check session userkey fail, gets redirected back to index.php in the login.php page, i've tested out session_is_registered("userkey"); it was TRUE. but when i redirect it to main.php and did a checking on session_is_registered("userkey"); it return FALSE... i've session_start(); at every start of the php page... what's wrong? I've output session not set on main.php when the userkey session is not set. when i click on back button and retry login, it works!!! what happened? please check my code again... ==============login.php================== include "lib/mysql.php"; include "lib/u007lib.php"; // connecting to mysql db , my own lib... $rs = getdb(""); $rs->query("select * from ct_user where companyid like '" . $HTTP_POST_VARS["companyid"] . "'"); $rs2 = getdb(""); $erron = ""; if(!$rs->eof) { // if company records found... $rs2->query("select * from ct_login where loginid like '" . $HTTP_POST_VARS["loginid"] . "' and userid=" . $rs->fields("id") . " and pass like '" . $HTTP_POST_VARS["password"] . "'"); if(!$rs2->eof) { // if loginid and password match... session_start(); // session key to be checked... $userkey = $rs2->fields("lvl"); $userid = $rs2->fields("id"); $userloginid = $rs2->fields("loginid"); $usercomid = $rs->fields("id"); $usercompany = $rs->fields("company"); $usercompanyid = $rs->fields("companyid"); // registering session key session_register("userkey"); session_register("usercomid"); session_register("usercompany"); session_register("usercompanyid"); session_register("userid"); session_register("userloginid"); setcookie("companyid", $HTTP_POST_VARS["companyid"], time()+(60*60*24*30)); setcookie("loginid", $HTTP_POST_VARS["loginid"], time()+(60*60*24*30)); //redirecting to main.php //header("location: main.php"); exit(); if (session_is_registered("userkey")) { header("location: main.php"); return; } else { echo "session not set!"; } // always return TRUE... } else { $erron = "Invalid User / Password"; } } else { $erron = "No Such Company ID"; } ?> =============end of login code======================== =============beginning code of main.php================= <? session_start(); include "lib/u007lib.php"; include "lib/mysql.php"; // check session userkey if (!session_is_registered("userkey")) { echo "session not set!"; exit(); } // RETURNED FALSE HERE? Y? if($HTTP_SESSION_VARS["userkey"]-0 < 1) { header("location: ./"); return; } ?> ==============end of main.php code===================== best regards, -- James Tan IT Technical Specialist NextMove Technology Sdn. Bhd. [EMAIL PROTECTED] Tel: 03-5192 1366 Fax: 03-5192 1280 Lot 2-2, Jalan SU6A, Persiaran Tengku Ampuan, Lion Industrial Park, Section 22, 40000 Shah Alam, Selangor D.E. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php