Write Forums

SESSION CHECK WORKS "MOST" of the time... whats going on?

Posted on 16th Feb 2014 07:03 pm by admin

i have a sign in check thats included in every page that is a members only page which is basically all of my pages. that im working on anyways..
but heres the code..... that works MOST of the time. which doesnt make sense to me and i will explain below what it did.
Code: <?php
session_start ();
if(!session_is_registered(mysessionvariable) || $_SESSION[mod] == "") //if your variable isn't there, then the session must not be
{$_SESSION = array();
session_unset();
session_destroy();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time()-55, '/');
}
$fullurl = 'http://www.socialemo.com'.$_SERVER['PHP_SELF'];
?>
<meta http-equiv="refresh" content="1;url=http://www.socialemo.com/home.php?homeredirect=
<?php echo $fullurl; ?>">
<?php
exit(); }
else //otherwise, they are logged in & do check
{$checkifrealuser = mysql_num_rows(mysql_query("SELECT id FROM users WHERE username = '$_SESSION[theusername]'"));
if($checkifrealuser == 0){session_unset ();session_destroy ();exit("logged out on this computer too");}}
thats the check is does. first of all when a user signs in at my site they are given a session variable(AKA $_SESSION[mod] along with the sessions called mysessionvariable. mod NEVER IS SET TO EQUAL NOTHING it equals like a number or a word or something if u log in. i added the check if $_SESSION[mod] == "" because the other one alone didnt work all the time or something... that seemed to be working until lately i get redirected with the meta thing AND THEN I GO TO THE PAGE I CANT VIEW UNLESS IM SIGNED IN AND I CAN VIEW IT, I DONT GET REDIRECTED.? WTF?!
obviously it didnt destroy my session like it should have when it redirected me.. OR THE CHECK JUST DOESNT WORK? i dont get it.

and the other thing is ill just randomly get the message "logged out on this computer too"
which i made the second part of the script for like someone that deleted there account as was logged in on two computers at the same time... thats why it checks if the session theusername variable is in the database...?

how do i get this thing to work and why is it doing this? do i have to run a check of all of the session variable? or what?

No comments posted yet

137 10 Tweet