[PHP-DEV] Bug #14636: Session variables are lost when redirecting to a url using header() function.

[kannan]

From:             [EMAIL PROTECTED]
Operating system: windows 2000 professional
PHP version:      4.0.6
PHP Bug Type:     Session related
Bug description:  Session variables are lost when redirecting to a url using header() 
function.

I have 2 scripts: a script to login a user and set a session variable. 
After checking session_is_registered() I redirect to a url using header(). 
The target script checks for the session variable and is not able to find
it.

If I use href to go to the target page, the session variable is found.

I have reviewed the bugs database, and the solutions reported for similar
cases do not work for me.  The following are portion of the code used:

I tested the code on a Linux server and it works perfectly.
Thank you.
Kannan

Environment:  Windows 2000, IE 5.5, Linux 4.0.6

Login.php>>
  $db = db_connect();
  $result = mysql_query($query, $db);
  if (mysql_num_rows($result) >0 )
  {
    // if they are in the database register the user id
    $row = mysql_fetch_array($result);
    $suser = $user;
    session_register("suser");
  }
}

if (session_is_registered("suser"))
  {
    if ($redirect<>"")
      header("location: $redirect"); 
    // redirect is instantiated with 'members_only.php'
    else {
         echo "You are logged in as: $suser <br>";
         echo "suser: $suser<br>";
         echo "<a href=\"members_only.php\">Members Only</a><br>";
         echo "<a href=\"logout.php\">Log out</a><br>";  //  ======= redirect to
URL ====
                        }
  } 
.....

members_only.php>>
<?
  session_start();
  // check session variable
  echo "Members_only<br>";
  echo "$suser<br>";
  if (session_is_registered("suser"))
  {
    echo "Members Only Page<br>";
    echo "<p>You are logged in as $suser.</p>";
    echo "<p>Members only content goes here</p>";
    echo "<a href=\"login.php\">Back to main page</a>";
    echo "<a href=\"logout.php\">Logout</a>";
  }
  else
  {   $redirect = "members_only.php";
      header("location: login.php?redirect=$redirect");
  }

?>

php.ini>>
[Session]
session.save_handler = files
session.save_path = C:\temp
session.use_cookies = 1
session.name = FOO
session.auto_start = 1
session.cookie_lifetime = 60
session.cookie_path = c:\temp
session.cookie_domain = 
session.serialize_handler = php
session.gc_probability = 1
session.gc_maxlifetime = 1440
session.referer_check =
session.entropy_length = 0
session.entropy_file =
session.cache_limiter = private
session.cache_expire = 180
session.use_trans_sid = 1
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"

-- 
Edit bug report at: http://bugs.php.net/?id=14636&edit=1


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]