|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2002-01-08 05:17 UTC] mikkoh at htklx2 dot htk dot fi
The symptoms are identical to bug #14636, but with versions 4.1x and on Linux. Manual redirection works fine, but when using header("Location: xxx") registered session variables are lost. All pre-4.1.x -versions seem to work. Not tested on other platforms. session.auto_start is set to 0 in php.ini. Example: script_1.php: <?php session_start (); /* these session variables should be set in script_2.php. On versions 4.1.x they never get set. On 4.0.x everything works. */ echo "FOO: " . $foo . " BAR: " . $bar; ?> <html><head><title></title></head> <body> <form action="script_2.php"> <input type="text" name="param1"> <input type="text" name="param2"> <input type="submit" value="Submit"> </form> </body></html> Script 2: <?php session_start (); session_register ("foo"); session_register ("bar"); $foo = $param1; $bar = $param2; header ("Location: $HTTP_REFERER"); ?> PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Thu Nov 06 05:00:01 2025 UTC |
HERE IS THE ANSWER TO YOUR PROBLEMS WITH PHP LOSING SESSION INFORMATION AFTER A FORCED REDIRECT. Listen up kids because I'm only going to say this once! I had the exact same problem that is posted here as a 'bug' about 50 times. I am a professional Computer Programmer/Analyst by trade and was quite embarrased that I could not get this working myself. Well it turns out that it's not a PHP bug after all. The symptom: Browser fails to write session cookie when using a header("Location: filname.php"); call after a session_start(); call. Common procedure: ----------- index.php ----------- <form action="login.php" method="post"> <input type="text" name="txtUserName"> <input type="password" name="txtPassword"> </form> ----------- login.php ----------- <? session_start(); //create a new session session_register('username'); //register username session variable session_register('password'); //register password session variable $_SESSION["username"] = $HTTP_POST_VARS["txtUserName"]; //set the username to the session variable object $_SESSION["password"] = $HTTP_POST_VARS["txtPassword"]; //set the password to the session variable object session_write_close(); header("Location: home.php"); ?> ----------- home.php ----------- <? session_start(); echo $_SESSION['txtUserName']; //value should be there but isn't ?> <html> <head> <title>Main Menu</title> etc... The Solution: In your login HTML form page (index.php) place this at the top <?session_start();?>. This way here a session is created before logging in. No session variables exist but the browser now has a session assigned. When you submit the form, the session_start() in the login.php file now resumes the already created session and registers the session values to the session variables. Therefore, if your browser does not write the session cookie before the headers have been sent it will not matter because the session already exists. Common Misconceptions: This has nothing to do with your OS or version of PHP in my opinion. It has to do with HTTP and how your browser conforms to the HTTP standard. People think that PHP is losing the session information. In fact, it is not. But what is happening if you do an immediate redirect without having first created a session in a previous php page, is that it creates a new instance of a session and then uses the newly created one.