0

I have a problem with my login script: I have this 3 scripts

index.php

ob_start();
session_start();
include ('config.php');
include ('home.php');
ob_end_flush();



home.php

 if($_SESSION['logged_in']) {
 echo $_SESSION['nome']; 
 } else { ?>
 <form name="login" action="checklogin.php";> 
 ...
 <?php } ?>



checklogin.php

ob_start();
session_start();
include("config.php");
if(isset($_POST['Submit'])) {
...
$_SESSION['logged_in'] = TRUE;
header("Location: http://$root");
die();
}
ob_end_flush();

My problem is this: When I try to log for the first time my page refresh without show the session. Why?? If a try to close and re-open my browser or log for the second time it will show the session. Why? What should I do?

user1019652
  • 1
  • 2
  • No I skip the part of loggin and the form, but I don't think the problem is there...I can post it in any case.. – user1019652 Oct 29 '11 at 13:27

1 Answers1

0

The problem you're having is that your PHP session is still active due to the lifespan of the session cookie from PHP. See this discussion here for ways to expire your sessions using a $_SESSION variable to hold a timestamp and then checking that timestamp to see if a certain amount of time has past.

Alternatively, that same discussion also gives detailed information on modifying the PHP server to set the default session lifespan using the garbage collection and cookie lifetime settings.

Community
  • 1
  • 1
davidethell
  • 11,708
  • 6
  • 43
  • 63