[b]ISSUE SOLVED NOW[/b]
[b]You can find all source files at[/b] [url]http://github.com/a2h/Sponge-CMS/tree/master[/url]
Okay, [url=http://github.com/a2h/Sponge-CMS/blob/master/trunk/spongecms/admin/user_login.php]here is my login page[/url], and here is a function `isloggedin()`:
[php]function isloggedin()
{
// is the user set to remember?
if (pisset('cookie',array('cookuname','cookpwd')))
{
pset('session',array('uname'=>$_COOKIE['cookuname'],'pwd'=>$_COOKIE['cookpwd']));
}
// user's session is still active
if (pisset('session',array('uname','pwd')))
{
// but is their user/pass pair correct?
if (isexistinguser($_SESSION['uname'], $_SESSION['pwd'], true) != 1)
{
// NO? gtfo
punset('session',array('uname','pwd'));
return false;
}
return true;
}
// user isn't active D:
else
{
return false;
}
}[/php]
Those functions you see like `pset` handle `$_SESSION` and `$_COOKIE` values - refer to [url=http://github.com/a2h/Sponge-CMS/blob/master/trunk/spongecms/functions.php]functions.php[/url] line 228.
This used to work, but for some reason not any longer.
Accessing every part of the script is through index.php in the root folder, which first off calls `session_start()`.
I've been placing `var_dump($_SESSION)` right below `session_start()` and I've noticed it shows `Array( )`, but putting `die(var_dump($_SESSION))` after the login script sets the session values shows that the `$_SESSION` values have been set.
Yet. Every page load, `$_SESSION` blanks. Why is this the case?
I've tried to check whether the `session_id()` on the login script and in index.php are the same, and they are.
Logging in [i]does[/i] report back that it has successfully logged me in.
----------
And yes, I'm aware `pisset` and `punset` can be puns, before anyone points that out.
And for those who've noticed leftover Markdown you can guess why.
do you have session_start somewhere?
[editline]10:10PM[/editline]
[url]http://www.php.net/manual/en/function.session-start.php[/url] says it'll carry along as long as you put session_start(); at the top of the pages
At the [b]very[/b] top.
[editline]03:20PM[/editline]
Jut do like include('session.php'); at line 2 (or 1) on everypage and do all your session in there.
wouldn't it be easier to have session_start() at the very top instead of using an include? or is there a file that gets included in every page, like a 'core.php' or something? then it'd be easier to just put session_start() at the top of the core/included file
Suppose.
Everything is accessed through index.php in the root folder: [url]http://github.com/a2h/Sponge-CMS/blob/master/trunk/index.php[/url]
First thing it does is session_start()
Why not just work with session, and not cookies.
and do like
[code]
session_start();
$_SESSION['logged_in'] = logged in; //sets the session.
$action = $_GET['action'];
if($action == "logout") {
session_unset();
Header("Location: somepage.php");
}
if(isset($_SESSION['logged_in'])) {
echo "someshit that says ur logged in";
} else {
echo "more shit about not logged in";
}
<a href="?action=logout>Logout</a>
[/code]
I [b]do[/b] work with $_SESSION; cookies are used if the user ticks "remember me" when they log in.
Still, cookies are bad.
[QUOTE=Wipmuck;18742353]Still, cookies are bad.[/QUOTE]
Cookies are a bitch to work with, yes, but they will last longer than a session variable since it ends when you leave.
Not unless you clear your cookies.
For por- Reasons.
;)
I see what you did there. :mmmsmug:
Sorry, you need to Log In to post a reply to this thread.
