0

To login I use:

<?php
session_start();

if($_POST){
$csUSER='USERNAME';
$csPASS='PASSWORD';
$user=$_POST['user'];
$pass=$_POST['pass'];
if ($user==$csUSER) {
    if ($pass==$csPASS){
        $_SESSION['cdb']="1";
        header("Location: /");
        exit;
    } else {
        $passerror='<span class="errormsg">Wrong Password.</span>';
    } // END IF PASSWORD
} else {
$usererror='<span class="errormsg">Wrong Username.</span>';
} // END IF USERNAME
} // END IF $_POST
?>

To allow myself to do admin tasks per page (included in all pages [top of page]):

<?php
session_start();

if(isset($_SESSION['cdb'])){  
$loggedn="WORD";
}
?>

This allows me to:

<?php
if ($loggedn=="WORD") { WHATEVER }
?>

And to make sure I only have access to backend pages when logged in (included in all backend pages):

<?php
// backend login check
if($loggedn!="WORD") {
header("Location: /"); // if not logged in, go to homepage
exit;
}
?>

The problem is, it works perfect on my pc, but I have another pc my wife uses for data collation and it does not stay logged in on her pc. We both use Linux (Fedora) with FF. I have been over ever line of code in each page, help!

Improve this question
4
  • does she have all cookies disabled on her browser by any change ? Commented Jun 14, 2011 at 19:18
  • Since it works on one machine, but not the other, have you ensured that cookies are enabled on your wife's machine? Commented Jun 14, 2011 at 19:19
  • PHP sessions use cookies by default. Are cookies enabled on your wife's pc? Commented Jun 14, 2011 at 19:19
  • are you sure all your backend pages have the session_start() bit before you check for $loggedn ? Commented Jun 14, 2011 at 19:19

2 Answers 2

Reset to default
1

A few things to check:

  1. Ensure that you are starting with a clean slate. Clear cache and cookies in your browser to ensure that you don't have an old session open.
  2. Ensure that session data is being stored on the new machine. Session data is commonly stored in /tmp
  3. Ensure that there is no client-specific code being executed in relation to the session.
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I had no idea the sessions were stored in /tmp. Cleared the temp folder and it worked perfectly.. Thanks so much.
0

Call the exit function after redirecting to another page, otherwise the following code will be executed anyway, what can lead to strange behaviour.

if($loggedn != "WORD")
{
  // redirect to login page
  header("Location: login.php");
  exit;
}
// the following code will be executed if exit is not called
...
Improve this answer

1 Comment

Thank you, Martin. I added exit after header.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.