Member Avatar for rajeesh_rsn

Hai,

In one of my project I found a serious bug with session. In IE and Firefox It works fine but in Opera and Safari ... it doesn't working. I will give the testing code which I wrote

Page 1 ( index.php )

session_start();
$_SESSION['uname']="I_am_Rajeesh";
header('Location: two.php');

Page 2 (two.php )

$nowGmDate = gmdate('r');
header("Last-Modified: ".$nowGmDate); // Right now
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Pragma: no-cache");
header("Cache-Control: no-cache");

session_start();
echo $_SESSION['uname'];
echo "<br/><a href='three.php'>CLICK</a>";

Page 3 ( three.php )

session_start();
unset($_SESSION['uname']);
echo "No Session";

Now it will register a session value in index.php and redirect to two.php. In that page we can see the session value. When we click it goes to three.php and in that page session will destroy.

When we press "Back" button in Browser ( IE and Firefox ) page two.php will come and that will not display session value ( it was deleted already )

But in Safari and Opera when we click "Back Button" then page two.php will come again and it will show the session value ( even if we deleted already ) .

Please help me how to avoid this issue

Thanks in advance
Rajeesh

  • 4 Contributors
  • 3 Replies
  • 114 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by harry_watson

Recommended Answers

All 3 Replies

Member Avatar for emhmk1

you could use a simple

if(isset($_SESSION['uname'])){echo 'Logged in';}
else {echo'Not logged in';}

Hope it helps...

Member Avatar for xandermedia

Maybe opera and safari cached the session variable. Did you try closing the browser, opening a new one and going straight to two.php? It should then be destroyed. It has happened to me with Konqueror before. If this is the case, then there isn't really anything you can do because there is nothing wrong with the script and the session is destroyed.

Hope This Helps.

Member Avatar for harry_watson

I thought that.....

session_start();

Has to be at the very top of every page...

or have a look at...
http://php.net/manual/en/function.session-start.php

so this....

session_start();
echo $_SESSION['uname'];
echo "<br/><a href='three.php'>CLICK</a>";

should come before this....

$nowGmDate = gmdate('r');
header("Last-Modified: ".$nowGmDate); // Right now
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Pragma: no-cache");
header("Cache-Control: no-cache");
Edited by harry_watson because: more explaining
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.