Jump to content

PHP Session variables and use of the browser back button.


Recommended Posts

I'm noticing that the code which I have at the top of each page:

<?phpsession_start();  if($_SESSION['loggedin'] != TRUE){    header("Location: index.php");}  ?>

is working very well until I attempt to use the back button of Google Chrome. At that point I am sent to index.php. I've been reading into this issue and I see a lot of code that looks like it may be old or possibly deprecated. Is there some way to make this code work with the back button? Comments or suggestions?Many Thanks!

Link to post
Share on other sites

When I use the back button of my browser it appears that my $_SESSION['loggedin'] = TRUE is passed over as though it does not exist. Would the correct work around be to just place my own back button onto the page? If there is a way for the back button to work without this problem I would really like that but I don't know how to make that happen yet. Thank you for your reply!

Link to post
Share on other sites

If I look at the flow of execution of the program I see that when the button is pressed to go to calander.php from main.php there is that .ajax is called from main.php executing customer.comitt-to-session.php and then once execution of customer.comitt-to-session.php completes main.php then does a window.location.replace("calendar.php"); from main.php. After that flow completes I hit the back button and I end up at index.php. This is the top of main.php

 <?phpsession_start();  if($_SESSION['loggedin'] != TRUE){	header("Location: index.php");} ?>

This is the top of calander.php

 <?php session_start();  if($_SESSION['loggedin'] != TRUE){    header("Location: index.php");} require_once('include.securelogin.php');$mysqli = new mysqli($ad_host, $ad_user, $ad_password, "samedaycrm"); if ($mysqli->connect_errno) {    printf("Connect failed: %s\n", $mysqli->connect_error);    exit();} $firstname = $_SESSION['firstname'];$lastname = $_SESSION['lastname'];$address1 = $_SESSION['address1'];$address2 = $_SESSION['address2'];$city = $_SESSION['city'];$state = $_SESSION['state'];$zip = $_SESSION['zip'];$phone = $_SESSION['phone'];$email = $_SESSION['email'];$cell = $_SESSION['cell']; $tSQL = "select * from customers where firstname = \"$firstname\" and lastname = \"$lastname\" and address1 = \"$address1\" and address2 = \"$address2\" and city = \"$city\" and state = \"$state\" and zip = \"$zip\" and phone = \"$phone\" and email = \"$email\" and cell = \"$cell\""; $result = $mysqli->query($tSQL);$row_cnt = $result->num_rows; $result->data_seek(0); $cnt = 0;while ($row = $result->fetch_assoc()) {    $arr[$cnt]['idcustomers'] = $row['idcustomers'];    $arr[$cnt]['firstname'] = $row['firstname'];    $arr[$cnt]['lastname'] = $row['lastname'];    $arr[$cnt]['address1'] = $row['address1'];    $arr[$cnt]['address2'] = $row['address2'];    $arr[$cnt]['city'] = $row['city'];    $arr[$cnt]['state'] = $row['state'];    $arr[$cnt]['zip'] = $row['zip'];    $arr[$cnt]['phone'] = $row['phone'];    $arr[$cnt]['email'] = $row['email'];    $arr[$cnt]['cell'] = $row['cell'];    $cnt++;} $tSQL = "select idevents, title, UNIX_TIMESTAMP(start), UNIX_TIMESTAMP(end), allday, url, customerid from events where customerid = \"$arr[0]['idcustomers']\""; $result = $mysqli->query($tSQL);$row_cnt = $reault->num_rows; $cnt = 0;while ($row = $result->fetch_assoc()) {    $arre[$cnt]['id'] = $row['eventid'];    $arre[$cnt]['start'] = $row['start'];    $arre[$cnt]['end'] = $row['end'];    $arre[$cnt]['allDay'] = $row['allDay'];    $arre[$cnt]['title'] = $row['title'];    $arre[$cnt]['url'] = $row['url'];    $cnt++;} ?>

Edited by sepoto
Link to post
Share on other sites

If there is a problem in customer-committosession.php which is the call to AJAX I certainly don't see it yet. This is the code for it:

 <?phpsession_start();$_SESSION['loggedin'] = TRUE; require_once('include.securelogin.php');$mysqli = new mysqli($ad_host, $ad_user, $ad_password, "samedaycrm"); if ($mysqli->connect_errno) {    printf("Connect failed: %s\n", $mysqli->connect_error);    exit();} $firstname = $_POST['firstname'];$lastname = $_POST['lastname'];$address1 = $_POST['address1'];$address2 = $_POST['address2'];$city = $_POST['city'];$state = $_POST['state'];$zip = $_POST['zip'];$phone = $_POST['phone'];$email = $_POST['email'];$cell = $_POST['cell']; $_SESSION['firstname'] = $firstname;$_SESSION['lastname'] = $lastname;$_SESSION['address1'] = $address1;$_SESSION['address2'] = $address2;$_SESSION['city'] = $city;$_SESSION['state'] = $state;$_SESSION['zip'] = $zip;$_SESSION['phone'] = $phone;$_SESSION['email'] = $email;$_SESSION['cell'] = $cell; echo "Customer selected for scheduling. Forwarding to calendar.";?>

Link to post
Share on other sites

I'm attaching by zip file everything I can without compromising the security of my site or it's customers.

Edited by sepoto
Link to post
Share on other sites

I have to create some code that will reproduce the error. It should be easy. I'm fairly confident that the problem is fully related to window.location.replace("calendar.php"); So a simple log in script containing that JavaScript redirect and some PHP session code is what I'm building.

Edited by sepoto
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...