tags:

views:

34

answers:

1
+1  Q: 

Login for PHP site sometimes works

I'm having a problem with my login system. Sometimes it works, sometimes it doesn't. It seems that it fails on the first try more often than not and works on the second go around. There is NO ERROR; the page redirects to the home page as it is supposed to but the session variables are coming up empty.

The first code block is the relevant login script after a username/pass was accepted. The second block is what i use to see if the user has any cookies if the the session vars arn't set the home page. The third clock is my logout script.

Thanks in advance.

// The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
$row = mysqli_fetch_array($data);
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['username'] = $row['username'];
$_SESSION['first_name'] = $row['first_name'];

if($rememberme == 1)
{    
    setcookie('user_id', $row['user_id'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
    setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30));  // expires in 30 days
    setcookie('first_name', $row['first_name'], time() + (60 * 60 * 24 * 30));  // expires in 30 days
}

if($ref==0)
{
    header("location: http://domain.com/test.php");

}
else
{
    header("location: http://domain.com/".$ref);

}

second block:

session_start();

if (!isset($_SESSION['user_id'])) {

    if (isset($_COOKIE['user_id']) && isset($_COOKIE['username']) && isset($_COOKIE['first_name'])) {
        $_SESSION['user_id'] = $_COOKIE['user_id'];
        $_SESSION['username'] = $_COOKIE['username'];
        $_SESSION['first_name'] = $_COOKIE['first_name'];
    }
}

third block:

// If the user is logged in, delete the session vars to log them out
session_start();
if (isset($_SESSION['user_id'])) 
{
    // Delete the session vars by clearing the $_SESSION array
    $_SESSION = array();

    // Delete the session cookie by setting its expiration to an hour ago (3600)
    if (isset($_COOKIE[session_name()])) 
    {
      setcookie(session_name(), '', time() - 3600);
    }

    // Destroy the session
    session_destroy();
}

// Delete the user ID and username cookies by setting their expirations to an hour ago (3600)
setcookie('user_id', '', time() - 3600);
setcookie('username', '', time() - 3600);

// Redirect to the home page
header('Location: http://domain.com/test.php');
+1  A: 

Try destroying your session variables in your log out script, also at the beginning of your log in script.

superUntitled  2010-10-12 06:09:14
i've added my logout script. I believe it is doing what you are asking for me to do.
lewicki  2010-10-12 06:11:27
It's working. The sessionstart() at the beginning of the login script did the trick. Thanks for the help
lewicki  2010-10-12 06:16:28

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases