PHP - How to start a session after HTTP authentication.

Question

I am dealing with the skeleton of an old website that uses http authentication for users to access membership data. The access content button is a link to a index.html page with the following:

<meta http-equiv="REFRESH" content="0; url=http://www.example.com/something.php"&gt;

I would like to change this to a index.php page which would start a session then redirect with header();

Is there a php equivalent to content="0; in this case?

I guess I could just use

<?php 
session_start();
$_SESSION['loggedIn']=true;
?>

<meta http-equiv="REFRESH" content="0; url=http://www.example.com/something.php"&gt;

but is there anything more elegant?

Answer 1

<?php
    session_start();
    $_SESSION['loggedIn']=true;
    header("Location: http://www.example.com/something.php");
?>

Not sure if sessions will work with a header redirect though (since the page won't actually completely load, so I'm not sure if the session cookie would save), but you can try it.

If it doesn't save the cookie, you may be able to get around that by including the session ID in the URL as a GET var explicitly, like this:

<?php
    session_start();
    $_SESSION['loggedIn']=true;
    header("Location: http://www.example.com/something.php?".htmlspecialchars(SID));
?>