ansaurus

Question

ajax-based login fails: IE6 and IE7 ajax calls delete session data (session_id however is kept)

Answer 1

A:

Make sure IE isn't caching the response from your request, put this before your post calls run:

$.ajaxSetup({ cache: false });

Nick Craver 2010-03-28 11:27:29

Thanks for the reply. Same result though.A similar problem could be seen if the scenario would be reversed:1. myajax.php sets a session var2. when the results comes back, javascript window.location.reload()s the page3. mypage.php prints session - the session var is nowhere to be found.It's as if ajax uses a completely different session array (though with the same session_id. In the above-altered scenario, if i would make a secod ajax call to get the session (in stead of refreshing the page), the session var IS set.

mateipavel 2010-03-28 11:34:17

@mateipavel - What are you using for session, cookies?

Nick Craver 2010-03-28 11:45:42

yes, cookies. Using fiddler i can see the PHPSESSID cookie being passed in the request headers both for mypage.php and myajax.php. The value is consistent.

mateipavel 2010-03-28 11:54:28

@mateipavel - If the same cookie is being passed, it seems like something else is the matter, does fiddler show the response without the var?

Nick Craver 2010-03-28 12:09:49

Yes, fiddler shows the response without the var. Let's call the usual page-loading A and the ajax-request B. Let's also call the session "bag". A puts an apple in the bag. A checks the bag and sees an apple. A puts another apple in the bag. A checks the bag and sees both apples.B puts a tomato in the bag. Now it gets weird. B checks the bag and only sees a tomato. A checks the bag and it's empty!We now have a tomato in the bag (as far as B is concerned; A still sees nothing). A gets upset and puts a new apple in the bag. Suddently, B sees nothing in the bag and A sees just his apple.

mateipavel 2010-03-28 12:32:16

@mateipavel - I'm a little confused...if the request to the server is identical, php should be returning the same results...can you make sure nothing else is different about the request? The same headers and cookies should be a consistent response.

Nick Craver 2010-03-28 12:35:45

Nick, I am also very confused. At first I thought it is an IETester problem, but since Fiddler shows the requests and the responses, i ruled that out.I should mention I am using IETester for the results

mateipavel 2010-03-28 12:47:16

btw, thanks for taking the time to sort this out. I would love for it to turn out to be a silly mistake of mine, rather than think my two-year-old website had 50% of its visitors incapable of logging in :)

mateipavel 2010-03-28 12:48:19

@mateipavel - You have a test URL I can hit?

Nick Craver 2010-03-28 14:35:24

Answer 2

A:

May seem like a dumb Question, however have you verified that your session_start() has absolutely no whitespace in either of the scripts? this will generally give an error...

jm 2010-03-29 13:51:03

Answer 3

A:

Could it be something to do with text encoding? Are you using UTF-8 (or whatever encoding) in both the main page and the ajax script? If so, make sure you are explicitely telling the browser which encoding to use in the response headers and html head

It might just be that the print_r() happens to output some magic combination of characters that makes IE detect the wrong encoding.

Also try header('Content-type: text/plain'); perhaps, to make sure IE doesn't try to interpret it as HTML.

One more thing to try: Is IE passing the cookie correctly through the ajax request? Is the Session ID the same for the main page and ajax script? If the cookie is not being passed, PHP might be starting a new, separate session for the ajax page.

Dan Forys 2010-03-31 16:22:22

Answer 4

A:

Try using relative urls in the ajax request. Also, in ie6/7 are you going to 'mysite.com' or 'www.mysite.com'. Check that the host header is correct in the request.

$.post('myajax.php', {action: 'test'}, function(result){alert(result);}, 'html');

John Himmelman 2010-04-01 16:03:54

ansaurus

tags:

views:

answers:

ajax-based login fails: IE6 and IE7 ajax calls delete session data (session_id however is kept)

related questions