I've been using the following code in our buying process section of our website by placing at the top of each stage where sessions are used.
<?php
session_cache_limiter('private_no_expire'); // must go before session start
session_start();
I want to start using sessions more widely on the website, for instance in the customer login area.
I have a file called "all.php" which includes all my classes/objects and shared includes at the start of each page on my system. I thought removing the above code from all the separate e-commerce files and adding to the top of "all.php" would be a good idea seeing as it's system wide, and the first thing that loads on the page.
Since doing this, my customer login area has encountered problems. It keeps throwing users back to the login page after they've navigated a few links. It seems when you hit a URL that you've already been on it doesn't like it and just sends you back to the start. If you add &1=1 onto a url that you've been onto before, it tricks the system into letting you visit the page because its a new unique url. So the cache is definitely messing up.
I'm not actually using sessions in this section of the website yet so it's not like you are actually being logged out... it's just sending you to that page where you started,
Can anyone shed any light on what may be going wrong here?
Could it be my use of session_cache_limiter('private_no_expire');
I use the above line because my buying process uses POST forms and clicking the back button gave ugly messages about data being resubmitted.
http://php.net/manual/en/function.session-cache-limiter.php
UPDATE:
Commenting out that first line has helped and the issue has stopped:
//session_cache_limiter('private_no_expire'); // must go before session start
It's a temporary fix as this means the back button is causing data resubmission warnings. That just means I need to implementing this properly but I'd still ike to understand why that line is doing that: