Hi.
I cannot work out what I've missed as I am using pretty much the same code as elsewhere in my site. I have a login check, which has been working fine, regenerating sessions and writing them to the database as needed.
I have just added a header redirect and my session contents vanished, although I cannot work out why.
Scripts are as follows:
the final echo is how i found out the session data was missing.. the output was - Array ( ).
In use:
- Hitting F5 or refreshing the page regenerates the session fine, updates the database and user stays logged in. All information retained.
- "POSTS" for $newsjob 1, 2 and 3 regenerates the session fine and all info retained.
For $newsjob 4, the header redirect gives me the lost session info and logs user out. I have compared this with the redirects I have in my non-member scripts and cannot see any difference (session_start() for first line, etc) :/
I cannot work out what I've missed as I am using pretty much the same code as elsewhere in my site. I have a login check, which has been working fine, regenerating sessions and writing them to the database as needed.
I have just added a header redirect and my session contents vanished, although I cannot work out why.
Scripts are as follows:
Code:
<?php
session_start();
require("phpsnips/connectdb.php");
require("memfunction/checklogin.php");
require("memfunction/memberjobs.php");
require("dochead.php");
?>
<body>
<?php
include("layouts/memlayout.php");
mysql_close($con);
?>
</body>
</html>
Code:
<?php
$newsjob = filter_var(mysql_real_escape_string($_POST[newsjob]), FILTER_SANITIZE_NUMBER_INT);
$mnews = filter_var(mysql_real_escape_string($_POST[mnews]), FILTER_SANITIZE_SPECIAL_CHARS);
$nmnews = filter_var(mysql_real_escape_string($_POST[nmnews]), FILTER_SANITIZE_SPECIAL_CHARS);
$activebon = filter_var(mysql_real_escape_string($_POST[activebon]), FILTER_SANITIZE_NUMBER_INT);
$planu = filter_var(mysql_real_escape_string($_POST[planu]), FILTER_SANITIZE_NUMBER_INT);
if ($newsjob == "1")
{
mysql_query("UPDATE info SET mnews = '$mnews' WHERE inforow = 1 LIMIT 1")or die(mysql_error());
}
if ($newsjob == "2")
{
mysql_query("UPDATE info SET nmnews = '$nmnews' WHERE inforow = 1 LIMIT 1")or die(mysql_error());
}
if ($newsjob == "3")
{
mysql_query("UPDATE info SET activebonus = '$activebon' WHERE inforow = 1 LIMIT 1")or die(mysql_error());
}
[COLOR=red] if ($newsjob == "4")
{
header("location:members.php?menutabs=3");
}[/color]
?>
Code:
<?php
$clsessionid = session_id();
$clisloggedin = "0";
$clresult = mysql_query("SELECT loggedin FROM members
WHERE email = '$_SESSION[email]' AND password = '$_SESSION[userpass]' AND loggedin = '1' AND sessionid = '$clsessionid' LIMIT 1")or die(mysql_error());
while($clrow = mysql_fetch_array($clresult))
{
$clisloggedin = "1";
}
if ($clisloggedin == "1")
{
session_regenerate_id(false);
$clsessionid = session_id();
mysql_query("UPDATE members SET sessionid = '$clsessionid' WHERE email = '$_SESSION[email]' LIMIT 1")or die(mysql_error());
}
else
{
[COLOR=red]echo "session is ".session_id();[/color]
/*
require("phpsnips/sessiondestroy.php");
header("location: index.php?menutabs=21&&r=1005");
*/
}
?>
the final echo is how i found out the session data was missing.. the output was - Array ( ).
In use:
- Hitting F5 or refreshing the page regenerates the session fine, updates the database and user stays logged in. All information retained.
- "POSTS" for $newsjob 1, 2 and 3 regenerates the session fine and all info retained.
For $newsjob 4, the header redirect gives me the lost session info and logs user out. I have compared this with the redirects I have in my non-member scripts and cannot see any difference (session_start() for first line, etc) :/