Login session destroy after page reload/refresh
Question
I've problem to understand how different browsers handle my script differently. First please take a look at this simple code that I use for validating users.
<?php
session_start ();
if (!isset($_SESSION["login"] , $_SESSION['email']))
{
header("location: index.php");
};
include ("DBconn.php");
?>
After session successfully created and I enter the page, what happen is when I reload the page the login session that has been created before somehow destroy/missing and I redirect to login page. I try to check the session ID and it did not change. This issue happens in FF and Chrome latest version, it not happen in Opera 18 or Chrome older version. Please can someone give some help to solve this issue. Many thanks.
Here is my complete login.php.
<?php
session_start ();
include ("DBconn.php");
$email = mysql_real_escape_string ($_REQUEST['email']);
$pass = mysql_real_escape_string ($_REQUEST['pass']);
$passi_db = md5 ($_REQUEST['pass']);
$query = "SELECT * FROM members WHERE email = '$email'";
$mail = mysql_query ($query);
if (mysql_num_rows ($mail) == 1)
{
$query = "SELECT * FROM members WHERE email = '$email' AND pass_db = '$pass_db' AND active = 1";
$password = mysql_query ($query);
if (mysql_num_rows ($password ) == 1)
{
$d = mysql_fetch_array($password );
$operator = $d['operator_1'];
$_SESSION['login'] = 1;
$_SESSION['email'] = $email;
$data["status"] = "yes";
$data["operator"] = $operator;
echo json_encode($data);
}
else
{
$data["status"] = "NOTmatch";
echo json_encode($data);
}
}
else
{
$data["status"] = "emailNOTexist";
echo json_encode($data);
}
mysql_close ();
?>
5 answers
solution1
3 2014-01-17 19:48:32
您需要在所有页面上调用session_start() 。
solution2
1 2014-01-17 19:46:54
isset will check existence of both parametre and return true only if both are set.
'login' or 'email' seems more a ' login OR email condition', so you may try :
if (!isset($_SESSION["login"]) && !isset($_SESSION['email']))
{
header("location: index.php");
exit(); // just in case, you can already exit the execution
};
Hope this will help
solution3
0 2014-01-17 19:48:51
Create a header.php file and add session_start() to it and include header.php to all your pages on top.
Yes you need to add on top of your all pages, like on login.php, home.php etc, it will check and continue with your existing/new session values
solution4
0 2014-01-19 03:57:16
Im so glad I finally found what's wrong. I have this code in my JS script:
$(window).on ('unload', function(){
$.ajax({
type:'POST',
url:'logout.php'
});
});
What this code do basically logging out every time the page unload. This is my mistake. After I delete it The page works fine. Thank you very much everyone for the suggestion. I learn more from my mistake.
solution5
0 2016-02-14 14:38:48
Remove Space between session_start and "()". So replace session_start (); with session_start();
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.