I've been using the following code in our buying process section of our website by placing at the top of each stage where sessions are used.
<?php
session_cache_limiter('private_no_expire'); // must go before session start
session_start();
I want to start using sessions more widely on the website, for instance in the customer login area.
I have a file called "all.php" which includes all my classes/objects and shared includes at the start of each page on my system. I thought removing the above code from all the separate e-commerce files and adding to the top of "all.php" would be a good idea seeing as it's system wide, and the first thing that loads on the page.
Since doing this, my customer login area has encountered problems. It keeps throwing users back to the login page after they've navigated a few links. It seems when you hit a URL that you've already been on it doesn't like it and just sends you back to the start. If you add &1=1 onto a url that you've been onto before, it tricks the system into letting you visit the page because its a new unique url. So the cache is definitely messing up.
I'm not actually using sessions in this section of the website yet so it's not like you are actually being logged out... it's just sending you to that page where you started,
Can anyone shed any light on what may be going wrong here?
Could it be my use of session_cache_limiter('private_no_expire');
I use the above line because my buying process uses POST forms and clicking the back button gave ugly messages about data being resubmitted.
http://php.net/manual/en/function.session-cache-limiter.php
UPDATE:
Commenting out that first line has helped and the issue has stopped:
//session_cache_limiter('private_no_expire'); // must go before session start
It's a temporary fix as this means the back button is causing data resubmission warnings. That just means I need to implementing this properly but I'd still ike to understand why that line is doing that:
This is the similar thing as we create a login panel in PHP. As soon as user is loged in you need to start the session by using session_start() and when the user click log out stop the session by using ssession_unset(). This will solve you issues. Try it out and let me know if it works.
Keep Coding..
The quickest and cleanest way to bypass this is to do this when done processing form data, instead of displaying information on the page that does the processing.
Header('Location: http://www.domain.com/page.php');
If, for example, you're adding an item to a shopping cart, redirect the user either to their cart page when done or to the item page again.
Since doing this, my customer login area has encountered problems. It keeps throwing users back to the login page after they've navigated a few links. It seems when you hit a URL that you've already been on it doesn't like it and just sends you back to the start. If you add &1=1 onto a url that you've been onto before, it tricks the system into letting you visit the page because its a new unique url. So the cache is definitely messing up.
session_cache_limiter('private_no_expire'). You don't need it for what you're doing.