[PHP] Using $_SESSION vs. session

[PHP] Using $_SESSION vs. session_register

I have a large-ish backend that I made with the (now deprecated) session_register, session_is_registered, session_unset, session_destroy functions.

Now I've made a frontend for that backend using the superglobal $_SESSION instead, setting session variables like so:

PHP Code:

$_SESSION["UID"] = $row['userid']; $_SESSION["LAST_TS"] = $row['last_login'];

after these are set, the login script redirects to the site frontpage (using the header function), where I check these variables to decide what parts to display. However I can't access them / they are empty! I know that they do get set though, because I can access the backend without logging in there as well (same credentials), and I can also logout successfully (using unset()). So I'm wondering why are they not available to me on the frontpage?

I did read in the PHP manual that you are not supposed to use the old session functions with the new $_SESSION superglobal, but I don't in the frontend scripts. I do in use these functions in the backend but they are not really connected.. they include the same headers.php file, and functions pages, but these don't use session variables, just session_start() and ob_start().

If I've made myself understood, are there any suggestions?

Lol, I thought I was having deja vu! Remember August of 2003? http://sharkyforums.com/showthread.p...hreadid=201871

Are you sure that the recordset returned from the database actually has data in it this time? :)

Either way, I would start debugging it by placing calls die($_SESSION['UID']) in various places to see where it gets lost.

Hehe. I can't remember what I was working on that time, but I do get the values from the db this time. Wierd thing is I usually find the error after posting here, but this time it has taken a long time..

PHP Code:

<?php // login.php file // include headers: require("admin/headers.php"); // login routine: if (isset($_SESSION["UID"])) { header("Location: /"); } else { if (isset($_POST['username']) && isset($_POST['passwd'])) { require($unixpath."wcms/inc/db.inc.php"); $query = "select * from wcms_user where username='$_POST[username]' and passwd=password('$_POST[passwd]') limit 1"; $result = mysql_query($query); if (!$result) { create_header($lang['Login']); print $lang["NoResultReturned"]; $errorTxt = mysql_error(); errorlog($errorTxt, $PHP_SELF); } $num_results = mysql_num_rows($result); if ($num_results != 1) { create_header($lang['Login']); echo "<h1>".$lang['Login']."</h1>"; print "<p>" . $lang['CouldNotLogin'] . "<br>"; print $lang["CheckPasswd"] . "</p>"; } else { $row = mysql_fetch_array($result); $_SESSION["UID"] = $row['userid']; $_SESSION["LAST_TS"] = $row['last_login']; $new_ts = time(); $db_update = mysql_query("update wcms_user set last_login='$new_ts', total_logins=total_logins+1 where userid='".$_SESSION['UID']."'"); if (!$db_update) { $errorTxt = mysql_error(); errorlog($errorTxt, $PHP_SELF); } // try including the mypage here instead of redirecting: // header("Location: /"); create_header($lang['Login']); include ("mypage.php"); } } else { // missing pw or username, do something: echo "Missing username/passwd"; } create_footer(); } ?>