0

Hi Friends Please help me about a session problem, i am unable to find the reson of this issue.

I am Developing a matrimonial site for a client : bit.ly/19mFQ8x

Problem : users are automatically logout when they click on any page after login, but it is not happning in my windows 7 Laptop and my other 5 windows 7 PC, It is happening on my client windows XP PC and in my one windows xp PC, i never face this type of issue, i have used same login code in my another projects and it is runing ok, i am useing HostGator hosting

My code are

session_start();
    function logged_in() {
        return isset($_SESSION['username']);
    }
    function confirm_logged_in() {
        if (!logged_in()) {
            redirect_to("http://myclientsiet.com/index.php");
        }
    }

To Conform User is login

To Check User Is Login

confirm_logged_in();

Login Code

    $unh=$_POST['unh'];
    $psh=$_POST['psh'];
    $sr=mysql_query("select * from registration where username='$unh' AND password='$psh'");
    $res=mysql_fetch_array($sr);
    if($res!=NULL)
    {
        $_SESSION['username']=$res['username'];
        $_SESSION['email']=$res['email'];
        header("location:member/index.php");
    }

Please Help Me to fix this issue

Edited by mastermind2: Wrong URL

3
Contributors
5
Replies
18
Views
3 Years
Discussion Span
Last Post by diafol
0

One basic rules with sessions is that you will need session_start(); on all pages so that you session will be active on every page

Maybe this is you problem?

0

first code is in the top of my function page it is included in all page

0

i can not understand why it is happning in only some PC with windows XP installed

0

Try to create your code first in a procedural way and then convert it to a oop way or maybe a framework.

Hope this can solve your issue

0

Erk! Sorry nothing to do with your issue, but I noticed a very big security hole:

$unh=$_POST['unh'];
$psh=$_POST['psh'];
$sr=mysql_query("select * from registration where username='$unh' AND password='$psh'");

You're using mysql_* functions, which you should consider changing to mysqli or PDO, but in the meantime, you must use mysql_real_escape_string or you'll suffer data exposure from SQL injection.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.