I'm so confused by session variables. They keep appearing and disappearing.

I've made a simplified example of the problem which you can view here.

http://www.netcartoon.net/naaas/newtry/start.php

Basically, I am trying to make a log-in page, which will re-direct the user to the page they came from once they log-in. The problem is, when I re-direct them the session variables disappear, so it doesn't register them as logged in.

If I use a hyperlink to return them to the original page it works ok...so I was thinking it's a problem with the re-direct? But if you look at the login1.php - it's TOTALLY weird. It has two lines right after each other. The first one says echo the session variable 'returnurl' and the second creates a dynamic link using the same variable. The echo line shows nothing, but the link works fine.. Why?


I just don't understand session variables. If you can take some time to look at this example and help me understand what is actually happening I would be so grateful.

Thanks

Toby

Even stranger - i tried it again and it works from this link....is this something to do with caching? I can't understand why it works sometimes and not others...

question - why do you have the exit() on there? doesnt really need to be there... mayby that is effecting your variables in some way, i dunno. also - why do you use http variables? you can use cookie based ones that do the same thing without the messy url.

if (!isset($_SESSION['loggedin'])) {
session_start();
$_SESSION['loggedin'] = "true";
}
else {
echo "You are already logged in";
}

on the protected page, do this:

session_start();

if (!isset($_SESSION['loggedin'])) {
die("You must be logged in");
}
else {
if ($_SESSION['loggedin'] == true) {
echo "You are logged in";
}
}

Thanks Sux.

I put the exit() in because that seemed to be what it suggested on the tutorial I read online - it said something about making sure no other code got executed AFTER the re-direct... so perhaps it's superfluous.

Does $_SESSION mean cookie instead of URL based session? In my book it says PHP will try to use cookies if it can or if not then will use the URL, but I only ever notice it using the URL. I really am finding it tough to find a decent site on sessions.

Anyway - the good news is that my site suddenly all started working again this morning. Without me changing anything. I can only assume it is something to do with ISP caching. I know NTL cache files at their end to speed things up...I can't understand why it would stop woring one dayand be ok the next otherwise.

Anyway, thanks again for your help. Programming a forum function is not easy! But I can't afford to buy one.

If you are interested, you can see the result here

http://www.netcartoon.net/naaas/quiz.php


If you are American, please don't be offended..it's a joke! :)

np. sessions shouldn't disappear, so long as you dont send the user back to a url where the sessions get renamed, then it can screw up. thus u need an if statement to check if they are already set before you set them.