custom session variables being lost in FF

0 Views

for whatever reason firefox is dropping my custom session variables. the variables are for a custom user system that is built into my custom theme. this only happens in firefox, the user system works perfect in all other browsers.

heres the top of my header.php:

Read More
<?php

session_start();

global $errors, $success, $u_cache;

include 'sub-user-auth.php';

?>

here is sub-user-auth.php: 

<?php

$u_cache['logged_in'] = false;

if (!empty($_POST['u_signin']))
{
    $errors = array();
    $success = '';

    foreach ($_POST as $k => $v)
        $$k = trim(htmlspecialchars($v, ENT_QUOTES));

    if (empty($u_username)) 
        $errors[] = 'You must enter your username';
    else if (empty($u_password)) 
        $errors[] = 'You must enter your password';
    else if (mysql_result(mysql_query("select count(*) from `users` where `username`='".mysql_real_escape_string($u_username)."' and `password`='".md5($u_password)."'"), 0) == 0)
        $errors[] = 'Invalid username and/or password entered';

    if (empty($errors))
    {
        foreach ($_POST as $k => $v)
            $$k = trim($v);

        $_SESSION['u_username'] = $u_username;
        $_SESSION['u_password'] = md5($u_password);

        if ($u_remember == 'yes')
        {
            setcookie('u_username', $u_username, time() + 31536000);
            setcookie('u_password', md5($u_password), time() + 31536000);           
        }

        $success = 'You have been signed in successfully! Please <b><a href="'.get_bloginfo('url').'/my-home">click here</a></b> to continue to your account.';

        foreach ($_POST as $k => $v)
            $$k = '';
    }
}

if (!empty($_COOKIE['u_username']) && !empty($_COOKIE['u_password']))
{
    $u_cache['u_username'] = $_COOKIE['u_username'];
    $u_cache['u_password'] = $_COOKIE['u_password'];
}
else if (!empty($_SESSION['u_username']) && !empty($_SESSION['u_password']))
{
    $u_cache['u_username'] = $_SESSION['u_username'];
    $u_cache['u_password'] = $_SESSION['u_password'];
}

if (!empty($u_cache['u_username']) && !empty($u_cache['u_password']))
{
    $sql = mysql_query("select * from `users` where `username`='".mysql_real_escape_string($u_cache['u_username'])."' and `password`='".mysql_real_escape_string($u_cache['u_password'])."'");

    if (mysql_num_rows($sql) != 0)
    {
        while ($row = mysql_fetch_assoc($sql))
        {
            foreach ($row as $k => $v)
                $u_cache[$k] = htmlspecialchars(stripslashes($v), ENT_QUOTES);
        }

        $u_cache['logged_in'] = true;
        $u_cache['fav_leagues'] = explode(',', $u_cache['fav_leagues']);
        $u_cache['fav_teams'] = explode(',', $u_cache['fav_teams']);
    }
}

if ($u_cache['logged_in'])
{
    if (is_page(array('sign-in', 'sign-up', 'forgot-password')))
    {
        header('Location: '.get_bloginfo('url').'/my-home');
        die();
    }
}
else
{
    if (is_page(array('my-home', 'edit-home', 'sign-out')))
    {
        header('Location: '.get_bloginfo('url').'/sign-in');
        die();
    }
}

?>

what happens is it lets me log in, shows me the “my-home” page, then kicks me off almost immediately after and sends me back to the sign-in page. all of the custom session variables are dropped.

Post Views: 0

Related posts

Leave a Reply

1 comment

  1. Are you sure it works in other browsers?

    WordPress by default drops/unset all unknown variables. Check wp-includes/load.php inside the function wp_unregister_GLOBALS().

    I had similar session variable issue and fixed it using (in functions.php)

    <?php
// Enable session
add_action('init', 'custom_init_session', 1);
function custom_init_session() {
    if (!session_id())
        session_start();
}

    ie. Call session_start() during init instead of in header.php.

    Give it a try!