You don't need to accept cookies for sessions. That's the beauty of it. PHP automatically appends ?PHPSESSID=$sessid to URLs.
If you do header("Location: abc") however you will need to add the seession ID to the URL. You cannot read a session var on the same page that you set it I found. To get around this I personally register the sessions vars and also set $_SESSION['whatever'] = 1; That way the next time I call the function I can still look for it under the same name. I use a auth.php include file on eachprotected page. It basically looks to see if you have a session... if not asks you to log in and creates the session for you. If you have a session it just skips all the checking. You will have to tweak this... especiallu since I use my own class for db stuff... but here it is... enjoy. session_start(); $sessid = session_id(); // DEBUGGING $debug=false; if(!(session_is_registered("mysession"))){ // Are we coming from the form? if (isset($authaction) && $authaction == 1 ) { require_once("/lib/util.php"); // Lets clean up the email var $email = strtolower(trim($_POST['email'])); // Create an SQL object $sql = new MySQL_class; $sql->Create("rconline_ca"); // Let see if we have this person as a registered user $sql->QueryRow("Select unum, pw, cur_member, pref_lang from user where lower(email) like '$email'"); if ($sql->rows == 0) { ErrorMsg("Incorrect e-mail or password."); exit(); } // Compare passwords $row = $sql->data; if (strcmp($_POST['pw'], $row['pw']) != 0 ) { ErrorMsg("Incorrect e-mail or password."); exit(); } // Everything matches up lets register our vars $mysession = array ("unum" => $row['unum'], "email" => "$email", "lang" => $row['pref_lang']); setcookie ("email", "", time() - 7776000, "/", ".rconline.ca", 0); setcookie ("email", "$email", time() + 7776000, "/", ".rconline.ca", 0); session_register("mysession"); $_SESSION['mysession']['unum'] = $row['unum']; // update there last login $sql->Update("UPDATE user SET last_login = now() WHERE unum = " . $row['unum']); } else { if (isset($HTTP_COOKIE_VARS['email'])){ $email = $HTTP_COOKIE_VARS['email']; } else { $email =""; } echo "<HTML>\n"; echo "<HEAD>\n"; echo "<TITLE>$tags[title]</TITLE>\n"; echo "$tags[style]\n"; echo "</HEAD>\n\n"; echo "$tags[body]\n\n"; echo "<center>\n"; echo "<form method=\"POST\" action=\"$_SERVER[REQUEST_URI]\">\n\n"; echo "<table border=\"0\" align=\"center\" width=\"100%\">\n"; echo "<tr><td align=\"center\" valign=\"middle\" width=\"100%\" height=\"100%\">\n"; echo "<table border=\"0\" align=\"center\">\n"; echo "<tr><td colspan=\"2\" align=\"center\">\n<h3>Please log in to use this feature.<br>"; echo "<i>Seuls les membres authentifiés peuvent continuer.</i></h3><br /></td></tr>\n"; echo "<tr><td align=\"center\">"; // Start of inner table echo "<table border=\"0\">"; echo "<tr>\n\n"; echo "<td valign=\"bottom\"> E-Mail: <br><i>Courriel:</i></td><td valign=\"bottom\"><input type=\"TEXT\" name=\"email\" size=\"32\" value=\""; echo $email; echo "\"></td>\n"; echo "</tr><tr>\n"; echo "<td valign=\"bottom\">Password: <br><i>Mot-de-passe:</i></td><td valign=\"bottom\"><input type=\"password\" name=\"pw\">"; echo "</td></tr>\n"; echo "<tr><td colspan=\"2\" align=\"center\">\n"; echo "<input type=\"hidden\" name=\"authaction\" value=\"1\">\n"; echo "<input type=\"submit\" value=\"Login\">"; echo "</td></tr></table>"; // End of innner table echo "</td></tr><tr><td>"; echo " "; echo "</td></tr><tr><td>"; echo "<p>If you are not a registered user please go to our \n <a href=\"/reg/member_reg.php\">registration page</a>.<br>\n"; echo "Please note, you do not have to be a club member to register for the site.</p>\n"; // echo "<p>Si vous n'etes pas \n <a href=\"/reg/member_reg.php\">registration page</a>.<br>\n"; // echo "Please note, you do not have to be a club member to register for the site.</p>\n"; echo "<p>If you forgot your password <a href=\"/lostpw.php\">click here</a> to retrieve it.</p>\n"; echo "</td></tr>\n"; echo "</table>\n"; echo "</form>"; echo "</td></tr></table>"; echo "</center>\n"; echo "</BODY>\n"; echo "</HTML>\n"; if($debug) { echo "<pre>\n\n\n"; print_r($_SESSION); echo "</pre>\n"; } exit(); } } ?> *********** REPLY SEPARATOR *********** On 02/01/2003 at 11:14 AM Andrew Williams wrote: >Hi, > >Justin has made some suggestions below. > >But it still doesn't work, I have noticed that in the c:/temp directory >session files have been created. > >Does anyone have any other suggestions as to why this is not working > >Apache is version Apache/2.0.39 (Win32) >Internet explorer 6.0.2800.1106 > >Andrew > > > >>Try this code: >>test.php >>--- >><? >>session_start(); >>if (!isset($_SESSION['count'])) { >>$_SESSION['count'] = 0; >>} else { >>$_SESSION['count']++; >>} >>?> >>Hello visitor, you have seen this page <?=$_SESSION['count']?> times.<p> >>To continue, <A HREF="<?=$_SERVER['PHP_SELF']?>">click here</A> >>--- >>Each time you click "click here", the counter should increase by 1. This >>code is lifted straight from the manual, and I've tested it on my machine. > >Tried this no banana! > > >> Does your browser accept cookies? >Privacy settings set to Medium, allowed IP address of machine to except all >cookies > >> I'm going to assume PHP > 4.1 ???? >PHP 4.2.2 >>I'm also going to assume you're allowing cookies on your browser??? >Allowed > >> session_register_var.php >>change your script to: >><? >>// set up a session >>session_start(); >>// register the variable to the session >>$_SESSION['my_favourite_colour'] = "blue"; >>// show a hyperlink to get to the next page >>echo "<A HREF='show_session_var.php'>Click here to go to the next >page</A>"; >>?> > >> and >> show_session_var.php >>change this script to: >><? >>// continue using the session >>session_start(); >>// show the variable's value >>echo "My favourite colour is... ".$_SESSION['my_favourite_colour']; >>?> > >Changed all of this still not happy. > > > >Thanks > > > >Andrew > >Andrew Williams >Sales Engineer >people telecom > >Contacts: >mailto:[EMAIL PROTECTED] ><mailto:[EMAIL PROTECTED]> >Direct Tel: (02) 9458 5861 >Mobile: 0403 479 990 >Reception: (02) 9458 5888 >Facsimile: (02) 9458 5858 >Customer Service: 1300 55 88 88 >www.peopletelecom.com.au > >talk to people > > > >This e-mail and any attachments are confidential and may contain copyright >material of people telecom Ltd or third parties. If you are not the >intended >recipient of this email you should not read, print, re-transmit, store or >act in reliance on this e-mail or any attachments, and should destroy all >copies of them. people telecom Ltd does not guarantee the integrity of any >emails or any attached files. The views or opinions expressed are the >author's own and may not reflect the views or opinions of people telecom >Ltd. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php