--- Stuart Felenstein <stuart4m@xxxxxxxxx> wrote: > Thank Chris , but met with same behaviour. Well, it was certainly a problem, so at least it's one less thing to worry about. :-) > 2 Questions: > 1- Should I drop the $url line ? I tried both ways , > no change though. It doesn't matter. Your method was fine, but $url needs to be an absolute one (http://example.org/path/to/script.php). > 2- Do I still need to call the SID ? This was a separate suggestion given by someone else, the idea being that perhaps the browser is not sending the cookie. This is a good suggestion, because most of these lost session problems are a result of the browser not identifying itself (by sending the session identifier by some means). The causes of this problem range, but this is the first thing to check. On each page, it might be good to add some debugging information near the top (where session_start() is): <?php session_start(); echo '<pre>' . htmlentities(print_r($_COOKIE, true)) . '</pre>'; echo '<pre>' . htmlentities(print_r($_GET, true)) . '</pre>'; echo session_id(); ... What you may notice is a lack of a session identifier in the $_COOKIE superglobal or $_GET superglobal and/or the session identifier (from the session_id() call) changing for every page. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly HTTP Developer's Handbook - Sams Coming December 2004 http://httphandbook.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
