ID: 9689 Updated by: kalowsky Reported By: [EMAIL PROTECTED] Old-Status: Feedback Status: Closed Bug Type: *Session related Operating system: PHP Version: 4.0.4pl1 Assigned To: Comments: no user feedback. considered fixed in cvs. if this is untrue please reopen the bug. Previous Comments: --------------------------------------------------------------------------- [2001-05-30 12:00:45] [EMAIL PROTECTED] does this still happen with a simple script (like one that is about 10 lines max) in the current releases? --------------------------------------------------------------------------- [2001-03-11 22:22:15] [EMAIL PROTECTED] Basic script. The script uses sessions for login data. When you login, the password and login are stored as session variables. When you try anything else (without passing the login variables as arguments) the session variables are empty (completely) but the session ID still exists. The sessions work fine in Netscape Navigator. I did all the suggested things (turning off the cache, turning off AUTOCOMPLETE) to no avail. Here's the code: <? session_start(); error_reporting(E_ALL); while (list ($key, $val) = each ($HTTP_POST_VARS)) { echo "$key => $val<br>"; } # this is empty the second time... while (list ($key, $val) = each ($HTTP_SESSION_VARS)) { echo "$key => $val<br>"; } echo session_id(); include("config.php3"); if (!isset($login_message)) {$login_message="";} echo $logged_in."X".$action.$password; session_register("logged_in"); session_register("action"); if (isset($password)) $spassword=$password; if (isset($email)) $semail=$email; session_register("semail"); session_register("spassword"); if (!isset($logged_in)) { $logged_in=0;}; if (!isset($action)) {$action=1;}; echo "<HTML>"; $logged_in=checkInfo($spassword,$semail); if ($logged_in==0) $action=0; if ($action==3) $logged_in=0; if ($logged_in==1) { if ($action==1||!isset($action)||$action==0) include("mainmenu.php3"); else if ($action==2) include("mod.php3"); } else include("login.php3"); #page_close(); function connectDB() { global $dbname,$dbpass,$dbhost,$dblogin; $db=mysql_pconnect($dbhost,$dblogin,$dbpass); return $db; } function checkInfo($password,$email) { global $login_message; global $dbname; global $password,$email; $db=connectDB(); mysql_select_db($dbname,$db); $logged_in=0; $sql="SELECT * FROM Alumni where Email='$email' and Password='$password'"; $res=mysql_query($sql); echo $sql; if (!$res||mysql_num_rows($res)==0) { print mysql_error(); $login_message="Please check your password and login again."; } else { while ($myrow=mysql_fetch_array($res)) { if ($myrow["Approved"]==1) $logged_in=1; if ($myrow["Approved"]==0) { $login_message="Sorry, your account has not been approved yet."; $logged_in=2; } } --------------------------------------------------------------------------- ATTENTION! Do NOT reply to this email! To reply, use the web interface found at http://bugs.php.net/?id=9689&edit=2 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]