for whatever reason firefox is dropping my custom session variables. the variables are for a custom user system that is built into my custom theme. this only happens in firefox, the user system works perfect in all other browsers.
heres the top of my header.php:
<?php
session_start();
global $errors, $success, $u_cache;
include 'sub-user-auth.php';
?>
here is sub-user-auth.php:
<?php
$u_cache['logged_in'] = false;
if (!empty($_POST['u_signin']))
{
$errors = array();
$success="";
foreach ($_POST as $k => $v)
$$k = trim(htmlspecialchars($v, ENT_QUOTES));
if (empty($u_username))
$errors[] = 'You must enter your username';
else if (empty($u_password))
$errors[] = 'You must enter your password';
else if (mysql_result(mysql_query("select count(*) from `users` where `username`='".mysql_real_escape_string($u_username)."' and `password`='".md5($u_password)."'"), 0) == 0)
$errors[] = 'Invalid username and/or password entered';
if (empty($errors))
{
foreach ($_POST as $k => $v)
$$k = trim($v);
$_SESSION['u_username'] = $u_username;
$_SESSION['u_password'] = md5($u_password);
if ($u_remember == 'yes')
{
setcookie('u_username', $u_username, time() + 31536000);
setcookie('u_password', md5($u_password), time() + 31536000);
}
$success="You have been signed in successfully! Please <b><a href="".get_bloginfo('url').'/my-home">click here</a></b> to continue to your account.';
foreach ($_POST as $k => $v)
$$k = '';
}
}
if (!empty($_COOKIE['u_username']) && !empty($_COOKIE['u_password']))
{
$u_cache['u_username'] = $_COOKIE['u_username'];
$u_cache['u_password'] = $_COOKIE['u_password'];
}
else if (!empty($_SESSION['u_username']) && !empty($_SESSION['u_password']))
{
$u_cache['u_username'] = $_SESSION['u_username'];
$u_cache['u_password'] = $_SESSION['u_password'];
}
if (!empty($u_cache['u_username']) && !empty($u_cache['u_password']))
{
$sql = mysql_query("select * from `users` where `username`='".mysql_real_escape_string($u_cache['u_username'])."' and `password`='".mysql_real_escape_string($u_cache['u_password'])."'");
if (mysql_num_rows($sql) != 0)
{
while ($row = mysql_fetch_assoc($sql))
{
foreach ($row as $k => $v)
$u_cache[$k] = htmlspecialchars(stripslashes($v), ENT_QUOTES);
}
$u_cache['logged_in'] = true;
$u_cache['fav_leagues'] = explode(',', $u_cache['fav_leagues']);
$u_cache['fav_teams'] = explode(',', $u_cache['fav_teams']);
}
}
if ($u_cache['logged_in'])
{
if (is_page(array('sign-in', 'sign-up', 'forgot-password')))
{
header('Location: '.get_bloginfo('url').'/my-home');
die();
}
}
else
{
if (is_page(array('my-home', 'edit-home', 'sign-out')))
{
header('Location: '.get_bloginfo('url').'/sign-in');
die();
}
}
?>
what happens is it lets me log in, shows me the “my-home” page, then kicks me off almost immediately after and sends me back to the sign-in page. all of the custom session variables are dropped.
1 Answer
Are you sure it works in other browsers?
WordPress by default drops/unset all unknown variables. Check wp-includes/load.php inside the function wp_unregister_GLOBALS().
I had similar session variable issue and fixed it using (in functions.php)
<?php
// Enable session
add_action('init', 'custom_init_session', 1);
function custom_init_session() {
if (!session_id())
session_start();
}
ie. Call session_start() during init instead of in header.php.
Give it a try!
