Posted by infernon on 03/14/07 15:30

I am currently attempting to pull a value from a server variable
across three pages, but I'm having a problem.

On my login page, I am using the following code:

<?php
session_unset();
?>

<html>
<head>
<title>Please log in.</title>
</head>
<body>
<form method="post" action="test1.php">
<p>Enter your username:
<input type="text" name="user">
</p>
<p>Enter your password:
<input type="password" name="pass">
</p>
<p>
<input type="submit" name="Submit" value="Submit")
</p>
</form>
</body>
</html>

On test1.php, I am using the following code to check that the login
information is correct:

<?php
session_start();
$_SESSION['username'] = $_POST['user'];
$_SESSION['userpass'] = $_POST['pass'];
$_SESSION['authuser'] = 0;

if (($_SESSION['username'] == 'Joe') and
($_SESSION['userpass'] == '12345')) {
$_SESSION['authuser'] == 1;} else {
echo "Sorry, but you don't have permission to view this page.";
exit();
}
?>

On this page, there is also a link to another page that also checks
for a properly authenticated user with the previous credentials. The
problem that I'm having is that when someone clicks on the link, they
receive an error message telling them that they do not have permission
to view the page.

Here is the code from the page at the end of the link:

<?php
session_start();

if ($_SESSION['authuser'] !=1) {
echo "Sorry, but you don't have permission to view this page.";
exit();
}
?>

I am thinking that this problem is related to a server configuration
issue, but I can't seem to put my finger on it. I don't know why the
information in the session variable will be held for only one page.

[Back to original message]