
PHP Session between pages behaving erratically

I have a 'login' page in my site handled by a 'login-act' script which redirects to a 'post' page on success. The 'post' page has links to post various types of content, e.g. 'post-audio'. The 'post' page works fine as it displays the user name if authenticated, but from then on it's a disaster: if an authenticated user clicks on 'post-audio', somehow, it logs him out and redirects him to the login page. But then, after some time (or if I make and undo a change in the 'post-audio' script), it works fine again. It's driving me nuts. Can you help?

login-act.php:

<? ob_start();//Start buffer output ?>

<html>

<head>
<link rel="stylesheet" type="text/css" href="mystyle-a.css">
<title>BQuotes CMS: User Generated Content: Login Notification</title>
</head>

<body class='center'>

<?php
session_start();
if(isset($_POST["captcha"])&&$_POST["captcha"]!=""&&$_SESSION["code"]==$_POST["captcha"])
{
// echo "<font color='green'>Correct Code Entered";

//Do req





$host="host"; // Host name 
$username="user"; // Mysql username 
$password="password"; // Mysql password 
$db_name="db"; // Database name 
$tbl_name="table"; // Table name 
$tbl_name2="table2"; // Table name 2

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// Get values from form 
$myusername=mysql_real_escape_string($_POST['myusername']);
$mypassword=mysql_real_escape_string($_POST['mypassword']);

// Validate the login
$sql2="SELECT * FROM $tbl_name2 WHERE username='$myusername' and password='$mypassword'";
$result2=mysql_query($sql2);

$count=mysql_num_rows($result2);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
             {
session_start();             
$_SESSION['myusername'] = $myusername;
header ("Location: mybq-post.php");

             }

else {
echo "<div class='center2'><font color='red'>Invalid Login Details. Not Logged In.</div>";
echo "<br>";
echo "<div class='center2'><font color='red'>Please go back and try again.</div>";
echo "<br>";

echo "<div class='center2'><a href='mybq-login.php'>Back</a></div>";
}


}

else {
echo "<div class='center2'><font color='red'>Wrong Captcha. Not Logged In.</div>";
echo "<br>";
echo "<div class='center2'><font color='red'>Please go back and try again.</div>";
echo "<br>";

echo "<div class='center2'><a href='mybq-login.php'>Back</a></div>";
}
?>


<?php 
// close connection 
//mysql_close();
?>


 </body> </html>
<? ob_flush();//Flush buffer output ?>

post.php:

<?php

session_start();

if (!(isset($_SESSION['myusername']) && $_SESSION['myusername'] != '')) {

header ("Location: mybq-login.php");

}

if ($_SESSION['timeout'] + 10 * 60 < time()) {
// session timed out
session_destroy();
//header("Location: mybq-logout.php");
  }

$_SESSION['timeout'] = time();


echo "<body class='left'><header><a href='mybq-logout.php'>Logout</a></header></body>" . $_SESSION['myusername'];

?>

<html>

<head>
<link rel="stylesheet" type="text/css" href="mystyle-a.css">
<title>BQuotes CMS: User Generated Content: Post Index</title>
</head>

<body class='center'>

<div class='center2'>
<b>MyBQuotes Post</b><br>
<a href='mybq-post-txt.php'>Post Text</a> <a href='mybq-post-img.php'>Post Image</a><br>
<a href='mybq-post-audio.php'>Post Audio</a> <a href='mybq-post-video.php'>Post Video<br>
<a href='index.php'>CMS Index</a> <a href='mybq-index.php'>MyBQuotes Main</a><br>
<font size="0.5px;" color="red"><b>Disclaimer: </b>Poster solely responsible for posted content!
</div>

 </body> </html>

post-audio.php:

<?php

session_start();

if (!(isset($_SESSION['myusername']) && $_SESSION['myusername'] != '')) {

header ("Location: mybq-login.php");

}

if ($_SESSION['timeout'] + 10 * 60 < time()) {
// session timed out
session_destroy();
//header("Location: mybq-logout.php");
  }

$_SESSION['timeout'] = time();  


echo "<body class='left'><header><a href='mybq-logout.php'>Logout</a></header></body>" . $_SESSION['myusername'];
?>

<html>

<head>
<link rel="stylesheet" type="text/css" href="mystyle-a.css">
<title>BQuotes CMS: User Generated Content: Post Audio</title>
</head>

<div class='center2'>
<body class='center'>
<b>MyBQuotes Post Audio:</b><br>
<font size=2>Allowed File Type: MP3<br />
Max File Size: 8MB</p>
<form name=mybq-post-audio action="mybq-post-audio-act.php" method="post" enctype="multipart/form-data">

<!--
Username:<br />
<input type="text" size="25" name="myusername" /><br />
Password:<br />
<input type="password" size="25" name="mypassword" /><br />
-->

Audio:<br />
<input type="file" name="audio" id="myaudio" /><br />
Tag:<br />
<input type="text" size="25" name="mytag" /><br />

Enter Image Text:<br />
<input name="captcha" type="text">
<img src="captcha.php" /><br>

<input type="submit" value="Post" /><br />
</form>
<a href="forg-pass.htm"><div class='tagtext'>Forgot Login details?</a>
<br />
<a href="index.php">CMS Index</a> <a href="mybq-post.php">MyBQuotes Post</a>

</div>
 </body> </html>

Any help is appreciated. (I know some of my code is deprecated... I'm working on it :) )

In your login form (login-act.php) you do not set the $_SESSION['timeout'], so when you visit the post.php page the check $_SESSION['timeout'] + 10 * 60 < time() is always true and the session_destroy() kicks in, destroying your session.

The solution is to add the line that sets the timeout in the login-act.php script, i.e.:

session_start();             
$_SESSION['myusername'] = $myusername;
$_SESSION['timeout'] = time();

Also, always exit after any redirect. If you do not exit, although the browser will redirect because the server told it to, the script will continue to execute on the server, leaving your code open to exploits and strange behavior that is hard to debug.
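A shared session guard that applies both points of the answer above (set the timeout at login, exit after every redirect), as an added example that is not part of the original answer. The function names, IDLE_LIMIT and the use of PHP 7.1+ are assumptions; the redirect target and the 10-minute limit come from the question's code.

```php
<?php
// Added example, not the asker's code. Names and IDLE_LIMIT are assumptions.
const IDLE_LIMIT = 600; // 10 * 60 seconds, as in post.php

// Pure decision so the rule can be checked without a live session.
function session_state(array $s, int $now, int $limit = IDLE_LIMIT): string
{
    if (!isset($s['myusername']) || $s['myusername'] === '') {
        return 'anonymous';
    }
    // A missing timestamp counts as expired instead of being read as null.
    if (!isset($s['timeout']) || $s['timeout'] + $limit < $now) {
        return 'expired';
    }
    return 'active';
}

// Call in login-act.php after the credentials check; session already started.
function start_login(string $username): void
{
    session_regenerate_id(true);       // fresh session id after authentication
    $_SESSION['myusername'] = $username;
    $_SESSION['timeout'] = time();     // the line the answer adds
}

// Call first thing in post.php, post-audio.php, ... before any output.
function require_login(string $loginUrl = 'mybq-login.php'): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $state = session_state($_SESSION, time());
    if ($state !== 'active') {
        if ($state === 'expired') {
            $_SESSION = [];            // clear the data for this request too
            session_destroy();
        }
        header('Location: ' . $loginUrl);
        exit;                          // nothing below the redirect may run
    }
    $_SESSION['timeout'] = time();     // sliding 10-minute idle window
}

// Constructed sample sessions, printed only when run from the command line.
if (PHP_SAPI === 'cli') {
    $now = 1000000;
    $bob = ['myusername' => 'bob'];
    foreach ([[], $bob, $bob + ['timeout' => $now - 601], $bob + ['timeout' => $now - 30]] as $s) {
        echo json_encode($s), ' => ', session_state($s, $now), PHP_EOL;
    }
}
```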

Notice: The technical posts on this site follow the CC BY-SA 4.0 license. If you need to reproduce them, please cite this site's URL or the original address.