have this question in mind. I know there are a lot questions like this on the internet, but none of them seem to do the trick for me :(
So I'm planning on making an adminpanel on a website. You enter by going through a login screen, when the name+pass is correct an session is made. On the other adminpages I'll test if this session is set, by this I'll know if the user can access the page or not.
Inlog.php (simplyfied)
<?php session_start(); ?> <html ...
then after lots of controls
if ($adminpwd == $pass) {
session_regenerate_id();
$_SESSION["mysessionname"] = $name;
$tijd = date('H:i:s', strtotime('+ 30 minutes'));
$_SESSION["E4A_einde"] = $tijd;
session_write_close();
echo "<script type='text/javascript'>window.location = 'myotheradminpage'</script>";
}
My other php pages include this script
<?php session_start();
if (!isset($_SESSION["mysessionname"])) {
session_destroy();
echo '<SCRIPT LANGUAGE="JavaScript"> window.alert("no session found") </SCRIPT>';
echo "<script type='text/javascript'>window.location = 'myloginpage'</script>";
}
With this element, if the session is not set there's a redirect, if the session is set the other code on the php page wil be triggered.
But the fact is that Every single time i'm redirected again to my loginpage. so my session is not set :s Can't figure out why so please help me out.
I tried a lot of thins with on every page to add the session_start() methode, I tried to regenerated the session id before I set the sessions, but nothing works..