PHP - Multiple Domains Vs. Subfolders: Session Variables
Suppose I have two versions of the same website; one American and one Canadian. This site has members with profiles etc. The way my site is written, I think that if someone were to login to their account on, say, the American site, then a session variable would indicate that a user is logged in on the client machine. Now if they visit the "profile" page, for example, or some other members-only page ON THE CANADIAN SITE, and start manipulating data etc., then this would affect the databases for the Canadian site, and everything would get screwed up (actually, I think mysql would just start spitting out errors, but that's not good either).
Does anyone have some simple way to deal this this kind of thing? I don't really know exactly how session variables work. Say I have two domains, somepage.com and somepage.ca on the same server/DNS. If a page on somepage.com sets a session variable called $_SESSION['somevar'], and a page on somepage.ca also sets a variable called $_SESSION['somevar'], are the two variables somehow distinct because they are on different domains? Like, if somepage.com sets the variable, then somepage.ca check if the variable is set, what will happen? What if I wanted to set up the two pages in subfolders, like somepage.com/us and somepage.com/ca, how would I deal with distinguish session variables for the two sites? Is one approach (i.e. distinct domains vs subfolders) better than the other? Thanks, Similar TutorialsI have recently changed server and setting things up are a right pain, after 2 days im need of some help. I have my site split into sub domains so lets say; www.domain.com one.domain.com two.domain.com three.domain.com They are to separate parts of my site which used to make it easier the manage each part, so one sub domain handles accounts and logins etc.. whilst another handles products and so on. the problem im having is all my login scripts and are on say 'one.domain.com', i can log in fine but when i visit any other domain im logged out, i can't seem to sort it out. i have tried setting my session cookie path and session cookie domain by painstakingly adding Code: [Select] ini_set('session.save_path', '/var/www/vhosts/website.co.uk/httpdocs/tmp'); ini_set('session.cookie_domain', '.website.co.uk'); to every page, but it makes no difference, im also getting the occasional error Code: [Select] Warning: session_start() [function.session-start]: open(/tmp/sess_d387ha6eqvj53f135q0fh4d733, O_RDWR) failed: Permission denied I have contacted my server provider by after endless messages they are no longer helping but rather keep saying 'leave it with us' then 'we fixed it' although they didnt. It doesn't help im so limited in what i have access to, i cant access the php.ini so everything has to be done via php So i would really appreciate any help getting this session problem sorted out. Thank you. Good Day, I'm using the following example script from http://php.net/manual/en/function.session-set-save-handler.php which I have placed in session-handler.php and is included at the top of my index.php file. I have multiple domain names for the same website, so naturally when a person logs into the site, I would like the session to be active across all the domains instead of them having to login again if say they go from mysite.com to mysite2.com. session-handler.php <?php function open($save_path, $session_name) { global $sess_save_path; $sess_save_path = $save_path; return(true); } function close() { return(true); } function read($id) { global $sess_save_path; $sess_file = "$sess_save_path/sess_$id"; return (string) @file_get_contents($sess_file); } function write($id, $sess_data) { global $sess_save_path; $sess_file = "$sess_save_path/sess_$id"; if ($fp = @fopen($sess_file, "w")) { $return = fwrite($fp, $sess_data); fclose($fp); return $return; } else { return(false); } } function destroy($id) { global $sess_save_path; $sess_file = "$sess_save_path/sess_$id"; return(@unlink($sess_file)); } function gc($maxlifetime) { global $sess_save_path; foreach (glob("$sess_save_path/sess_*") as $filename) { if (filemtime($filename) + $maxlifetime < time()) { @unlink($filename); } } return true; } session_set_save_handler("open", "close", "read", "write", "destroy", "gc"); session_start(); ?> The script above doesn't appear to be throwing any errors, and I can login like normal but it doesn't seem to be saving the sessions at all. So I still have to login to each separate domain. Any ideas? Thanks, Ace Hello everyone, I'm sitting here in a position where I can't work on my site or test any code, but my mind is racing about what I can do to solve a particular problem that I have. I won't get into the problem because it would take more time to type than I have right now, but I have an idea for a simple solution, just not sure if it will work or not. So, here's my question: Is it possible to have multiple session variables during a session? Such as: $email=$_SESSION['email']; $user=$_SESSION['userid']; If this is possible, my problem is solved (I think)... otherwise, I have to keep thinking about it. Thanks for any help! I'm looking for a secure way to share session data across two different domains (not subdomains) on the same server. I've looked at passing the session id through a GET var to the other domain. It works but it looks to open the possibility of session hijacking and I don't really like having the session id in the URL string. Any way to make this secure? The other option I'm looking at is using cURL to load a script on the other domain that sets a cookie with the session id. When the person loads the other domain, check for the cookie, get the session id, connect to session then delete the cookie. Can anyone see anything wrong with this? Thanks. hi guys i need a script i can use on a website that redirect all domains to a specific URL+domain
so here is the goal to achieve:
i want to redirect DOMAIN1.com DOMAIN2.org DOMAIN3.com .... to my main domain MyredirectDomainurl.com and on MyredirectDomainurl.com i need to run a script that will FORWARD DOMAIN1.com ===> https://www.afternic.com/domain/DOMAIN1.COM DOMAIN2.ORG ===> https://www.afternic.com/domain/DOMAIN2.ORG DOMAIN3.com ===> https://www.afternic.com/domain/DOMAIN3.com
thanks for your help Hal
Edited January 1 by kahymo typo they recently reset my website so my php.ini file has been adjusted. One of my sites is no longer passing a session variable to the next page. I am sure its one of the settings being reset. here is the data from my phpinfo file. Anything that looks off to anyone? session Session Support enabled Registered save handlers files user sqlite Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 On On session.bug_compat_warn On On session.cache_expire 180 180 session.cache_limiter nocache nocache session.cookie_domain no value no value session.cookie_httponly Off Off session.cookie_lifetime 0 0 session.cookie_path / / session.cookie_secure Off Off session.entropy_file no value no value session.entropy_length 0 0 session.gc_divisor 100 100 session.gc_maxlifetime 1440 1440 session.gc_probability 1 1 session.hash_bits_per_character 4 4 session.hash_function 0 0 session.name PHPSESSID PHPSESSID session.referer_check no value no value session.save_handler files files session.save_path /home/users/web/b535/ipw.plevtech/public_html/cgi-bin/tmp /home/users/web/b535/ipw.plevtech/public_html/cgi-bin/tmp session.serialize_handler php php session.use_cookies On On session.use_only_cookies Off Off session.use_trans_sid 0 0 Say I have a dropdown menu consisting of user specific options. I need to be able to set a session variable depending on the option chosen & then re-access it on the following page. Can someone give me a crash course on how to utilize session variables? ...anyone know anything about Internet Explorer not printing values from session variables. It works on Firefox but not on Internet Explorer. The session variable value works find on the web page but click on Print preview and it dissapears and will not print. Hi Can some steer me in the right direction. I am having issues subtotaling 2 session variables: <td>'.$_SESSION['itemqty'][$key].'*'.$_SESSION['itemprice'][$key].'</td> Can you advise if I am doing this right? Cheers Hi. I'm brand new to this forum, so sorry if I do something wrong... I'm someone who has thought myself to code in php to add dynamic objects to my basic static websites. I have had no formal education. This is not my first project however. I'm having problems with session variables working fine up to a point when I call a new file and then all my session variables are lost. I have tried everything, but cannot keep them alive when I get into this or any other new file. I display a form, get user data submitted, then display a next form and after the user submits this next form all the session variables are lost. Anyone have any idea what is killing my session variables? Thanks in advance. Hi I tried to write a script: 1) to locate all directories in a directory (1 level) 2) with the function GetImages() I try to display the image(s) in the subfolder there are only images in the subfolder I guess I'm doing something wrong in the GetImages() with the glob function, can anyone check this ? Thanks in advance function GetImages($map) { $files = glob('$map/*.jpg'); //$files = glob("$map/*.*"); for ($i=0; $i<count($files); $i++) { $num = $files[$i]; echo '<img height="50" width="50" src="'.$num.'" />'." <br />"; } } if ($handle = opendir('mystuff')) { /* loop through directory. */ while (false !== ($dir = readdir($handle))) { if($dir != ".." && $dir != "."){ echo '<option value='.$dir.'>'.$dir.'</option><br>'; GetImages($dir); } } closedir($handle); } Hi, I'm having a wierd problem related to session variables. It looks like variables would get duplicated inside same session, which of course should not be possible. Background: This problem exists on one page script which creating a quote request system where users can select different products and get quote for those. Quote system creates quote ID per customer and all products selected in one session should go under the same quote ID. Problem is that sometimes when user selects products second quote ID is created and after that products are randomly added into both of quotes. While trying to solve this problem I added simple logs to see what's going on, those are added below. Problem seems to be caused by duplicated session variables. At somepoint it looks like session variables are not defined any more and new quote ID is created. After that the old and new session variables seems to be used randomly. To demonstrate the problem I added session variable called 'counter' which is defined if it does not exist and incremented always when page is reloaded by submitting the form. As you can see from below logs the 'counter' variable seems to have duplicate values, see the quote value to separate two different session variable "sets". <?php session_start(); echo "\n Current session id: ".session_id(); echo "\n _SESSION['quote']: ".$_SESSION['quote']; $_SESSION['counter'] = isset($_SESSION['counter'])? $_SESSION['counter'] +1 : 0; echo "\n _SESSION['counter']: ".$_SESSION['counter']; Output when page is reloaded(form submitted): Current session id: r5i15u4s9e20ud4j6jke8ln376 $_SESSION['quote']: $_SESSION['counter']: 0 set _SESSION['quote']: 984 Current session id: r5i15u4s9e20ud4j6jke8ln376 $_SESSION['quote']: $_SESSION['counter']: 0 set _SESSION['quote']: 985 Current session id: r5i15u4s9e20ud4j6jke8ln376 $_SESSION['quote']: 985 $_SESSION['counter']: 1 Current session id: r5i15u4s9e20ud4j6jke8ln376 $_SESSION['quote']: 985 $_SESSION['counter']: 2 Current session id: r5i15u4s9e20ud4j6jke8ln376 $_SESSION['quote']: 984 $_SESSION['counter']: 1 Current session id: r5i15u4s9e20ud4j6jke8ln376 $_SESSION['quote']: 985 $_SESSION['counter']: 3 Current session id: r5i15u4s9e20ud4j6jke8ln376 $_SESSION['quote']: 984 $_SESSION['counter']: 2 Could anyone explain how the 'counter' can behave such way inside same session (based on session ID)? This is far beyond my knowledge and I would highly appreciate any advice or tip how to solve this porblem. Thanks. BestRegards, Laowai I have created a test account in my database with a user level of -1 and i think my code might be wrong but i am hoping someone can spot where i have gone wrong as i cannot, also a similar problem with another session variable loggedIn this is what i get when i login this is on the index page.
Notice: Undefined index: loggedIn in C:\xampp\htdocs\Login\index.php on line 11 Notice: Undefined index: loggedIn in C:\xampp\htdocs\Login\index.php on line 17 You must be logged in to view this page!Index page source code: <?php session_start(); error_reporting(E_ALL | E_NOTICE); ini_set('display_errors', '1'); require 'connect.php'; if($_SESSION['loggedIn'] == 1) { //Do Nothing exit(); } else if($_SESSION['loggedIn'] != 1) { echo "You must be logged in to view this page!"; exit(); } if($_SESSION['user_level'] == -1) { header("Location: banned.php"); } if(isset($_SESSION['username'])) { echo "<div id='welcome'> Welcome, ". $_SESSION['username'] ." <br> </div> "; } ?>Also if you need my login source code: <?php error_reporting(E_ALL | E_NOTICE); require 'connect.php'; session_start(); if (isset($_POST['submit'])) { $username = trim($_POST['username']); $password = trim($_POST['password']); if (empty($username)) { echo "You did not enter a username, Redirecting..."; echo "<meta http-equiv='refresh' content='2' URL='login.php'>"; exit(); } if (empty($password)) { echo "You did not enter a password, Redirecting..."; echo "<meta http-equiv='refresh' content='2' URL='login.php'>"; exit(); } //Prevent hackers from using SQL Injection to hack into Database $username = mysqli_real_escape_string($con, $_POST['username']); $password = mysqli_real_escape_string($con, $_POST['password']); $result = $con->query("SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'"); $row = $result->fetch_array(); $user_level = $row['user_level']; // check to make sure query did execute. If it did not then trigger error use mysqli::error to see why it failed if($result->num_rows > 0) { //Set default user $_SESSION['loggedIn'] == 1; $_SESSION['user_level'] == 1; $_SESSION['username'] == trim($_POST['username']); header("Location: index.php"); exit(); } else if($row['user_level'] == 1) { $_SESSION['user_level'] == 1; //Location admin header("Location: admin.php"); exit(); } else if($row['user_level'] == -1) { $_SESSION['user_level'] == -1; $_SESSION['username'] == trim($_POST['username']); //Location banned header("Location: banned.php"); exit(); } else if($_SESSION['loggedIn'] == true) { //Location default user home page header("index.php"); } else { echo "Invalid Username/Password"; } //Kill unwanted session } if(isset($_POST['killsession'])) { session_destroy(); echo "<br> <br> The Session Destroyed. (Basically means you have been logged out)"; exit(); } ?>I appreciate all help Is there a way to use extract to make session variables? If so how would you go about doing it? About to pull my hair out. Looks simple, I think it's simple, but something is not behaving. I have a simple login page (loginpage.php) which checks a database for the FamilyID and Password, if it is a match, then it redirects them to userspage.php. I eventually want to use the FamilyID as a filter for my database so I only show the stuff relative to that FamilyID. Using CS5 and the built in functions, and it looks to me that the session variable 'MM_Username' should contain the FamilyID which is "adminid" in my database. It appears to work since it sends me to my userspage.php when I enter a valid FamilyID and Password, but it will not show me my session variable on the that page!!! PLEASE PLEASE HELP...Slap me in the face if it's a stupid question, but I have spent WAY too much time trying to figure what is wrong. I have included my code: CODE FOR LOGINPAGE.PHP <?php require_once('Connections/MyTest.php'); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['familyid'])) { $loginUsername=$_POST['familyid']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "userspage.php"; $MM_redirectLoginFailed = "loginpage.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_MyTest, $MyTest); $LoginRS__query=sprintf("SELECT adminid, password FROM `admin` WHERE adminid=%s AND password=%s", GetSQLValueString($loginUsername, "int"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $MyTest) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();} //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <form id="form1" name="form1" method="POST" action="<?php echo $loginFormAction; ?>"> <p> <label for="familyid">FamilyID:</label> <input type="text" name="familyid" id="familyid" /> </p> <p> <label for="password">Password:</label> <input type="text" name="password" id="password" /> </p> <p> <input type="submit" name="Submit" id="Submit" value="Submit" /> </p> </form> </body> </html> CODE FOR USERSPAGE.PHP <?php if (!isset($_SESSION)) { session_start(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <strong>YOU MADE IT! </strong> <?php echo $_SESSION['MM_Username']; ?> </body> </html> THANKS IN ADVANCED!!! I am having probelm in saving Session variables ALthough I'm writing session_start(); in the header of my php script and saving the values of Session array in the next page. It does not print the values or show right results. Code: [Select] session_start(); require_once ("functions.php"); $token=$_GET['t']; if(!isset($token)){ $name = stripslashes($_POST['username']); $email = stripslashes($_POST['email']); check_validate_input($name, $email); } if($token=='register') { show_registration_form(); } $my_model = new model(); $arr_info = $my_model->check_members($name,$email); if (($arr_info==NULL)&&($token!='register')) { echo '<p> Hello Guest</p><br />'; show_mailing_form(); } else if (($arr_info['role']=='user')||($arr_info['role'] == 'admin')) { $_SESSION['userId']=$arr_info['id']; $_SESSION['user_role']=$arr_info['role']; $_SESSION['user_name']=$arr_info['name']; print_r ($_SESSION);} here it does not print session array. Having some problems with PHP session i currently use cookies to log users in, but i have decided to use php session instead but i can get it to work, it simply dose not pass the variables unless include session id in every single link on my website, can anyone tell me where i am going wrong these are the session setting from php.in session.use_cookies = 1 session.use_only_cookies = 0 session.name = usersesid session.auto_start = 1 session.cookie_lifetime = 0 session.referer_check = 1 session.cache_expire = 180 session.use_trans_sid = 1 Question about variable variables and using session variables for them. O.K. So if I have: $foo = 3; $_SESSION['bar'] = "foo"; $$_SESSION['bar'] should equal the value of $foo, however I can't get it to work. Can someone tell me what I am doing wrong..... is it formatting??? Thanks, Thomas Hi All! I've written up a script for my website. It\ is basically a virtual job quest. My queries are all correct it just isn't registering the variable for the session. It is $-SESSION[theid']. I want to be bale to use it in my table but I get an error. How do I write this in my SQL query for it to work. The page (when no errors), doesn't show my data. Here is my ocde: Code: [Select] <?php session_start(); include("config536.php"); ?> <html> <head> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <?php if(!isset($_SESSION['username'])) { echo "<ubar><a href=login.php>Login</a> or <a href=register.php>Register</a></ubar><content><center><font size=6>Error!</font><br><br>You are not Logged In! Please <a href=login.php>Login</a> or <a href=register.php>Register</a> to Continue!</center></content><content><center><font size=6>Messages</font><br><br></center></content>"; } if(isset($_SESSION['username'])) { echo "<nav>$shownavbar</nav><ubar><img src=/images/layout/player.gif><a href=status.php>$showusername</a>.......................<img src=/images/layout/coin.gif> $scredits</ubar><content><center><font size=6>Basic Quests</font><br><br>"; $startjob = $_POST['submit']; $jobq = "SELECT * FROM jobs WHERE username='$showusername'"; $job = mysql_query($jobq); $jobnr = mysql_num_rows($job); if($jobnr == "0") { ?> <form action="<?php echo "$PHP_SELF"; ?>" method="POST"> <input type="submit" name="submit" value="Start Job"></form> <?php } if(isset($startjob)) { $initemidq = "SELECT * FROM items ORDER BY RAND() LIMIT 1"; $initemid = mysql_query($initemidq); while($ir = mysql_fetch_array($initemid)) { $ids = $ir['itemid']; } mysql_query("INSERT INTO jobs (username, item, time, completed) VALUES ('$showusername', '$ids', 'None', 'No')"); $wegq = "SELECT * FROM items WHERE itemid='$ids'"; $weg = mysql_query($wegq); while($wg = mysql_fetch_array($weg)) { $im = $wg['image']; $nm = $wg['name']; $id = $wg['itemid']; } $_SESSION['theid'] = $id; echo "<font color=green>Success! You have started this Job!</font><br><br>Please bring me this item: <b>$nm</b><br><br><img src=/images/items/$im><br><br><br>"; echo $_SESSION['theid']; } if($jobnr == "1") { $finish = $_POST['finish']; $okgq = "SELECT * FROM items WHERE itemid='$yes'"; $ok = mysql_query($okgq); while($ya = mysql_fetch_array($ok)) { $okname = $ya['name']; $okid = $ya['itemid']; $okimage = $ya['image']; } echo "Where is my <b>$okname</b>?<br><br><img src=/images/items/$okimage><br><br><br>"; echo $_SESSION['theid']; ?> <form action="<?php echo "$PHP_SELF"; ?>" method="POST"> <input type="submit" name="finish" value="I have the Item"></form> <?php } } if(isset($finish)) { $cinq = "SELECT * FROM uitems WHERE theitemid='$_SESSION[theid]'"; $cin = mysql_query($cinq); $connr = mysql_num_rows($cin); if($connr != "0") { echo "<font color=green>Success! You have the item.</font>"; } else { echo "<font color=red>Error! You do not have my item!</font>"; } } ?> . I basically just want to know how I can set this session as a variable. Also..I have a user login on every page and I want to be able to destroy JUST THE "theid" session and NOT the username session. How would I do that too? thanks for the help in advance! Hello all, I just wrote a php website to communicate with a database and it has a login based on the users email and password, they login on the first page and then the php checks for every page they visit if they indeed logged in before and not just found out what php file to open to get where they want to be. For this I used session variables to store both e-mail and password. The login info gets posted from the 1st(login) site to the 2nd site where it is checked for the first time, after that the login info isn't posted to the next page anymore, but just checked, this works for the 3rd page but when the user hits for the 4th page the variables are lost(I can't echo them either). However if I'd go from the 2nd page directly to the 4th page the page will load, however the 5th will then get my security-msg. So offcourse, I am wondering how this might have happened and how to fix this problem, here's some of the code I wrote: This is the check for the logininfo: <?php include('SessionStart.php'); include('logindata.php'); $db = mysql_connect($host, $user, $pw); if (!$db) { echo "<br />Helaas, u heeft geen verbinding met de database."; exit(); } else { mysql_select_db("teammanagementtool", $db); $sql24 = "SELECT * FROM leidinggevenden"; $allesarray = mysql_query($sql24); $i = 0; while ($mails = mysql_fetch_array($allesarray)) { $mailtjes[$i] = $mails['lg_mailadres']; $i = $i+1; } echo "...".$_SESSION['sessie']['email']."...".$_SESSION['sessie']['password']."...".$session_name."..."; if (in_array($_SESSION['sessie']['email'],$mailtjes)) { $sql25 = "SELECT lg_wachtwoord FROM leidinggevenden WHERE lg_mailadres = '".$_SESSION['sessie']['email']."'"; $pass = mysql_query($sql25); $pasje = mysql_fetch_array($pass); if ($_SESSION['sessie']['password'] != $pasje['lg_wachtwoord']) { echo "<script>alert('U bent hier op incorrecte manier terecht gekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } else if ($_SESSION['sessie']['password'] = "" || $_SESSION['sessie']['email'] = ""){ echo "<script>alert('U bent hier op incorrecte manier terecht gekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } else { } } else { echo "<script>alert('U bent hier op incorrecte manier terechtgekomen!');</script>"; echo "<meta http-equiv='refresh' content='0;URL=index.php' />"; exit(); } ?> And this is the code in my SessionStart.php: <?php $session_name = 'sessie'; $session_exp_time = 10000 ; $previous_name = session_name($session_name); ini_set('session.gc_maxlifetime', $session_exp_time); ini_set('session.gc_probability', '1'); ini_set('session.gc_divisor', '1000'); ini_set('session.name', $session_name); ini_set('session.cookie_domain', ''); ini_set('session.cookie_lifetime', 0 ); session_set_cookie_params($session_exp_time, '/', ''); session_start(); if (isset($_COOKIE[$session_name])) setcookie($session_name, $_COOKIE[$session_name], 2147483647 , ''); ?> the includes are at the start of all of my pages, I only do a session_unset() at my index.php(the login page). and my 2nd page gets: $_SESSION['sessie']['email'] = $_POST['email']; $_SESSION['sessie']['password'] = $_POST['password']; from the login. I could really use some help here, thanks in advance. |