I have a sessions problem with my site and am hoping someone can help.
I have a membership system which iI now have functional and works a treat.
In my script thats checks and validates the user I register session variables and caryy them throughout the site for the visit length.
This code is
session_register('first_name');
$_SESSION['first_name'] = $first_name;
session_register('last_name');
$_SESSION['last_name'] = $last_name;
session_register('email_address');
$_SESSION['email_address'] = $email_address;
session_register('special_user');
$_SESSION['user_level'] = $user_level;
session_register('username');
$_SESSION['username'] = $username;
session_register('password');
$_SESSION['password'] = $password;
mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");
header("Location: login_success.php");
With an else statement here to trigger an alternative event.
########################################
When i echo sessions on test page all is well with this code, so I know the sessions are correct.
echo $_SESSION['first_name'];
echo $_SESSION['last_name'];
echo $_SESSION['email_address'];
echo $_SESSION['user_level'];
echo $_SESSION['username'];
echo $_SESSION['password'];
When trying to prevent access from specific pages with
session_start();
if (!isset($HTTP_SESSION_VARS['first_name']) || $HTTP_SESSION_VARS['first_name'] != "first_name") {
header ("Location: /members/login_form.html");
}
I am redirected to the login page. To my mind the code above should let me access the page as the session does exist. I am running on a Apache Server with globals on and php4, so could that cause a problem with HTTP_SESSION_VARS. If anyone can shed light I would be grateful.