/    Sign up×
Community /Pin to ProfileBookmark

$_SESSION page Refresh displays page…??

Copy linkTweet thisAlerts:
Oct 21.2006

I have a strange problem.
The page I’m trying to protect using $_SESSION will initially redirect the user back to the “login” page, just like it’s supposed to.
But, if you refresh or go to the protected page again, it will display it!
It seems like on first visit it works fine, but if you try an visit the page again (without logging in), it let’s you view the page. Make sense?

Here’s the code I’m using on the protected page, at the very top:

[code=php]session_start();
if (!isset($_SESSION[‘username’])) {
$_SESSION[“username”] = “”;
header( ‘Location: ../login/login.php’);
die();
} else {
if ($_SESSION[“username”] == “username”) {
header( ‘Location: ../admin/listupdate.php’);
}
}[/code]

And the code setting the SESSION variables on the Login page:

[code=php]$_SESSION [‘username’] = “username”;
$_SESSION [‘password’] = “password”;[/code]

And, yes I am closing my browser each time before trying this.
Can anyone see the trouble here?

Thanks,
Mike

to post a comment
PHP

2 Comments(s)

Copy linkTweet thisAlerts:
@bokehOct 21.2006 — [code=php]session_start();
if (!isset($_SESSION['username'])) {
$_SESSION["username"] = "";
header( 'Location: ../login/login.php');
die();
}[/code][/QUOTE]Change to:[code=php]session_start();
if (empty($_SESSION['username'])) {
header( 'Location: ../login/login.php');
die();
}[/code]
Copy linkTweet thisAlerts:
@launchpad67aauthorOct 21.2006 — bokeh,

Thanks for the reply, but that doesn't seem to solve the problem. Your suggestion makes perfect sense but no dice.

I think there is something wrong with the variable I'm trying to pass.

See, "username" is NOT the actual username (just like "password" is Not the password). This is the input text box name that gets written to a DB. Should I be using the variable name the username gets assigned before going to the DB? I think if I weren't writing to a DB, this would be much easier.

This is part of a huge application I'm developing so posting a bunch of code is just not helpful.

I guess I will just make a login.php file and a page.php file and see if I can narrow down the problem, instead of testing this on the whole application.
×

Success!

Help @launchpad67a spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.27,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...