0

Hi,
I'm having a slight problem on my home page. Depending on if the user is logged in or not depends on what navbar they see. However, even if the user is logged in - it will sometimes tell the user he is logged out. If you refresh the page then it will show the correct status. If you go to another page then come back, it will then show the correct status.

Even if it does show correctly that the user is logged in, if you refresh the page 4 or 5 times it will then show that he is logged out, refresh again and bam he's logged in. It seems as though it's completely random.

Here's the code from the pages:

Homepage:

<?php
  require('functions/startsession.php');
  require('functions/header.php');
  
  $page_title = 'Welcome Home';
  
  require('functions/footer.php');
?>

Session Start:

<?php
session_start();

  // If the session vars aren't set, try to set them with a cookie
  if (!isset($_SESSION['user_id'])) {
    if (isset($_COOKIE['user_id']) && isset($_COOKIE['username'])) {
      $_SESSION['user_id'] = $_COOKIE['user_id'];
      $_SESSION['username'] = $_COOKIE['username'];
    }
  }
?>

Header:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<?php
  echo '<title>Site Name | ' . $page_title . '</title>';
?>
  <link rel="stylesheet" type="text/css" href="formstyle.css" />
  <link href="functions/stylesheet.css" rel="stylesheet" type="text/css" />
  <script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
  <link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColFixHdr">
<div id="container">
  <div id="header">
  <img src="images/logo.gif" width="1024" height="80" alt="logo" longdesc="index.php" />
  <?php
    require('navmenu.php');
    ?>
  <br />
<!-- end #header --></div>
    <div id="sidebar1">
  <h3>Content</h3>
    <p>Content inserted here, no scripts</p>
  <!-- end #sidebar1 --></div>
  <div id="mainContent">
      <table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td align="left" valign="middle">
    <?php
          echo '<h3>' . $page_title . '</h3>';
    ?>
    </td>
    <td align="right" valign="middle">
        <div class="welcome">
            Welcome,
        <?php
        if (isset($_SESSION['username'])) {
            echo $_SESSION['username'];
            ?>
            <p class="italics">Not you? Please <a href="authentication/logout.php">log out</a>.</p>
            <?php
        }
        else {
        ?>
        Guest
        <?php
        }
        ?>
        </div>
    </td>
  </tr>
</table>

Nav Menu:

<ul id="MenuBar1" class="MenuBarHorizontal">
    <li><a href="index.php">Home</a></li>
    <?php 
        if (isset($_SESSION['user_id'])) {
            ?>
              <li><a href="profiles/search.php">Search</a></li>
              <li><a href="mail/inbox.php">Mail</a></li>
              <li><a href="register/settings.php" class="MenuBarItemSubmenu">Account</a>
                <ul>
                      <li><a href="profiles/edit_profile.php">Edit Profile</a></li>
                      <li><a href="authentication/change_password.php">Change Password</a></li>
                    <li><a href="register/settings.php">Settings</a></li>
                </ul>
              </li>
              <li><a href="authentication/logout.php">Logout</a></li>
              <?php
        }
        if (!isset($_SESSION['user_id'])) {
            ?>
              <li><a href="register/signup.php">Sign Up</a></li>
              <li><a href="authentication/login.php">Log In</a></li>
              <?php
        }
        ?>
    </ul>

Thanks and any help would be greatly appreciated.

Edited by armyguydave69: n/a

2
Contributors
6
Replies
7
Views
7 Years
Discussion Span
Last Post by armyguydave69
0

What browser are you testing in? Try another browser to make sure it isn't specific to that browser.

How often does it happen? Every 10 refreshes? 100?

If you have firefox, and firebug, try looking at each HTTP request, and see if there is a difference between the http request/response when the user is logged in, and appears logged out.

Firebug: http://getfirebug.com/

You can also use wireshark: http://sourceforge.net/projects/wireshark/

Edited by digital-ether: n/a

0

okay, that was odd. I've been using Safari to test it thus far. And I just went to test it the first time today and it seems to be running fine in Safari now; however, just for kicks I tested it in Firefox, and the problem was still there.

So I would say it's not browser specific.

As far as refreshing goes, after being redirected to the home page 99% of the time it's going to show you still offline, even though you just logged in, one (1) refresh and it will show you online. After that, it can vary. Typically, every three to five refreshes your logged in status will change.

0

okay, that was odd. I've been using Safari to test it thus far. And I just went to test it the first time today and it seems to be running fine in Safari now; however, just for kicks I tested it in Firefox, and the problem was still there.

So I would say it's not browser specific.

As far as refreshing goes, after being redirected to the home page 99% of the time it's going to show you still offline, even though you just logged in, one (1) refresh and it will show you online. After that, it can vary. Typically, every three to five refreshes your logged in status will change.

It may be that you're seeing cached pages? Try doing a full refresh, I believe its Ctr+Shift+R with Firefox. See if you get the same problem.
Using Wireshark, or creating the HTTP requests manually would probably be best.

To do the HTTP request manually, you could use curl. You can get the windows version (or with cygwin) from http://curl.haxx.se/download.html

Then either write a shell script or do the commands manually:

Login:

curl -b cookies.txt -c cookies.txt -d "username=user&password=pass" -i www.example.com/login.php

That would do a POST to www.example.com/login.php passing username=user&password=password as parameters.
Cookies will be saved to cookies.txt

Then you can try requesting a page over and over and examining the returned HTML:

curl -b cookies.txt -c cookies.txt -i www.example.com/index.php

That will request www.example.com/index.php, sending it the cookies saved from login.php into cookies.txt, new cookies would be written back into cookies.txt

I included the -i option, which tells curl to also return HTTP headers. That way you can view the cookies being set.

This way you bypass the browser cache, however, it could be cached by an intermediate cache between your computer and the server. In which case you should try adding a changing parameter to your URL.

eg:

curl -b cookies.txt -c cookies.txt -i www.example.com/index.php?1

next:

curl -b cookies.txt -c cookies.txt -i www.example.com/index.php?2

etc.

You could also write the requests out with PHP if you don't want to use curl manually.

Also, what session handler are you using. Is it the default, which is files? or did you set up a specific handler such as a database, etc?

What is the session lifetime:

echo ini_get("session.gc_maxlifetime");

Just throwing suggestions your way...

0

Hey digital - thanks for all the info, I really do appreciate it..

I just tried to change the where I have my files and that worked.
I had it set up where the files were sorted into folders, i.e. authentication, register, profiles, etc. When I put the pages that were giving me the problem into the authentication folder, the problem went away. The authentication folder is where I store the script to verify the user is logged in...

0

Hey digital - thanks for all the info, I really do appreciate it..

I just tried to change the where I have my files and that worked.
I had it set up where the files were sorted into folders, i.e. authentication, register, profiles, etc. When I put the pages that were giving me the problem into the authentication folder, the problem went away. The authentication folder is where I store the script to verify the user is logged in...

Thats odd. I'm glad you found a solution.

0

I thought so too, but I'm 99% sure. I got about an hour more of coding on the search page, and then I'm going to switch the other two pages that were giving me an issue. Then upload it to the host and we will know for sure...

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.