When using my Samsung Galaxy S7 browser, php session variables are lost on moving from one page to another, or on refreshing a landing page. This doesn't happen all the time, but the same behaviour is experienced on more than one phone.
It works fine on computers and other mobile browsers.
I've stripped the code down to the bare minimum to demonstrate the issue (of course there is a proper check of user id/passwords, but the code below is for demo only)
Login page (logintest1.php)
<?
session_start();
$_SESSION=array();
$logout_time=5000; //how long until auto logoff?
if(!empty($_POST['userid']) && !empty($_POST['password'])){
//check login credentials
$_SESSION['test']['user_name']="test user";
$_SESSION['test']['user_id']=13;
header("location:logintest2.php");
exit();
}
?>
<!doctype html>
<html lang="en">
<head>
<title>login</title>
</head>
<body>
<h4>logintest1.php</h4>
<form class="form-signin" method="post" action="<?=$_SERVER['PHP_SELF'];?>">
<h1>Please sign in</h1>
<label for="userid_id">Username</label>
<input type="text" id="userid_id" name="userid" required autofocus><BR>
<label for="inputPassword" >Password</label>
<input type="password" id="inputPassword" name="password" placeholder="Password" required><BR>
<button type="submit">Sign in</button>
</form>
</body>
</html>
landing page (logintest2.php):
<?
session_start();
if(!isset($_SESSION['test']['user_id'])){
header("location:logintest1.php");
exit();
}
echo("<PRE>");print_r($_SESSION);echo("</PRE>");
?>
<!doctype html>
<html lang="en">
<head>
<title>landing page</title>
</head>
<body>
<h3>Example landing page</h3>
<?
echo("<PRE>");print_r($_SESSION);echo("</PRE>");
?>
<a href='logintest3.php'>Go to next page</a>
</body>
</html>
I expect the session variables to be set and the user to remain logged in until they go back to the login page. However, with the Galaxy S7 browser, on refreshing the landing page (or even the subsequent page), session variables are frequently dropped, and the user is redirected back to the login page.
This works as I expect on PCs and other mobile browsers (including Chrome).
Thanks in advance for any help you can give!
I'm having the same issue with some of our clients. Have you found a solution?
It might well be that cookies is disabled/limited on the stock browser - but I really cannot tell all clients to set certain settings on their phones :)