Updating session variables
Their session variable is still there, but PHP won't give it to a stranger.
Well, the default method used to accomplish this is via a cookie set when you initiate the session.
Since it appears you are redirecting the user to the member's only page using the Location header on the same page the session is initiated, the PHPSESSID cookie will not be set.
I have reviewed the bugs database, and the solutions reported for similar cases do not work for me. But in my case browser refresh on the target page also does not solve the problem.
The following are portion of the code used: I tested the code on a Linux server and it works perfectly. Kannan Environment: Windows 2000, IE 5.5, Linux 4.0.6 [Session] session.save_handler = files session.save_path = C:\temp session.use_cookies = 1 = FOO session.auto_start = 1 session.cookie_lifetime = 60 session.cookie_path = c:\temp session.cookie_domain = session.serialize_handler = php session.gc_probability = 1 session.gc_maxlifetime = 1440 session.referer_check = session.entropy_length = 0 session.entropy_file = session.cache_limiter = private session.cache_expire = 180 session.use_trans_sid = 1 url_= "a=href,area=href,frame=src,input=src,form=fakeentry" I have reviewed the Bugs database against the following IDs 13732 - is closed with no reply or resolution indicated. The only thin that works is clicking on a href link to go to the target page. Kannan The problem as I understand it is in the use of session.auto_start in the and session_start() in the script.