From: <dan...@li...> - 2003-05-24 22:46:07
|
Hiya guys, I read your recent posts regarding the need for a session killer and thought you might have some comments regarding the following. The problem is the common "you must be logged in" error and I have spent ages going through everything and seem to have narrowed it down to the is_logged_in(); function in webmail.php: The user enters his username/password into login.php This calls redirect.php which contains the lines: ========CODE============== session_start(); sqsession_unregister ('user_is_logged_in'); /* Set the login variables. */ $user_is_logged_in = true; $just_logged_in = true; /* And register with them with the session. */ sqsession_register ($user_is_logged_in, 'user_is_logged_in'); sqsession_register ($just_logged_in, 'just_logged_in'); ===========END CODE=========== Redirect.php then loads webmail.php This carries the line session_start(); (would this not reset all session variables to empty?) Anyway, is_logged_in() is a function in functions/auth.php which checks to see if "user_is_logged_in" is indeed registered: if ( sqsession_is_registered('user_is_logged_in') ) etc... This returns false however and produces the dreaded "You must be logged in blah blah blah". Can you think of why the session is being lost? The problem began when I tried to implement a shared ssl setup: http://domain.com/emaildomain1.com style This uses vlogin to work out what the domain should be both for the login username and for the general $domain variable used throughout squirrelmail. Sorry for the "teaching my granny to suck eggs" approach, but I like to be clear and complete with my questions!! Thanks a bunch, Daniel =) |