New to PHP and I've checked previous posts and haven't seen similar problem.
Any ideas would be appreciated.
Have encounted an odd problem. Using session variables to allow users to log
in and out of my site. I've created a test system on my laptop. Apache
2.0.48,
PHP 4.3.4, MySQL and Windows 2000. On my test system everything works
perfectly. Sessions are created and maintained as long as the browser is
open.
I can also destroy sessions.
However when I load everything up to my site via FTP the results are very
sporadic. Sessions seem to drop and reappear. While a user is logged in I
display a "Logged in as: XXXXX" message at the top of the page. I can
continually refresh the page and occassionally the "Logged in as" XXXXX"
message will disappear showing the "Please Login Form". If I refresh again
(without logging in) the page shows the user is again "Logged in".
Here's the script that I use to log users in:
<?php
error_reporting (E_ALL ^ E_NOTICE);
//check for required fields from the form
if ((!$_POST[userid]) || (!$_POST[password])) {
header("Location: Salkehatchie_Home.php");
exit;
}
session_start();
//connect to server and select database
$conn = mysql_connect("x.x.x.x", "xxxxxxxxxx", "xxxxxxxxx") or
die(mysql_error());
//echo "Connection is $conn <br>";
mysql_select_db("xxxxxxxxxx_salkehatchie",$conn) or die(mysql_error());
//create and issue the query
$sql = "select userid, password, privs from userlist where userid =
'$_POST[userid]' AND password = '$_POST[password]'";
//echo "USERID is $_POST[userid]<br>";
//echo "PASSWORD is $_POST[password]<br>";
//echo "SQL is $sql<br>";
$result = mysql_query($sql,$conn) or die(mysql_error());
//echo "Result is $result<br>";
$rows = mysql_num_rows($result);
//echo "Number of Rows are $rows<br>";
//get the number of rows in the result set; should be 1 if a match
if (mysql_num_rows($result) == 1) {
//if authorized, get the values set the $_SESSION Variables -- userid,
password and privs
$_SESSION[userid] = $_POST[userid];
$_SESSION[password] = $_POST[password];
$_SESSION[privs] = mysql_result($result, 0, 'privs');
//Direct user to members page
header("Location: Salkehatchie_Members_Home.php");
exit;
} else {
//redirect back to login form if not authorized
header("Location: Salkehatchie_Home.php");
exit;
}
?>
I start off each webpage with the following script:
<?php
//Check for existence of Valid Login ID
error_reporting (E_ALL ^ E_NOTICE);
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate ");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
session_start();
if (isset($_SESSION[userid])) {
$validlogon = "YES";
} else {
$validlogon = "NO";
}
echo $validlogon //test to see if user has previously logged on
This all works perfectly on my test system but creates problems at my site.
If anyone would like to see this for themselves go to the following site:
http://www.salkehatchiehuntersville.com/Salkehatchie_Home.php
and log in using test/test as userid/password. When logged in go back to the
home page and then continually refresh that page. You will see that that the
user moves in and out of a logged in status. This will also show up on other
pages but since this site is under construction it's safest to stick to the
HOME page.
Other possibly helpful information. Web Hosting site is BlueDomino.
Thanks for your help.
Jerry Kita
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
