2

I'm setting a session to access admin area in my website, I'm checking afterwards for security purposes, the way I check if session has been set is like this:

session_start();
if($_SESSION['LOGIN_CHECK'] == true)
{

}
else
{
    header("location:login.php");
}

this works fine in Firefox and Chrome, but when I open a new window from JavaScript (yes the page I open has the session_start() too):

javascript: window.location.href = 'http://www.whatever.com/admin/other/'

It works on Firefox, but in Chrome, the session is deleted...

Any hints?

amphetamachine
  • 27,620
  • 12
  • 60
  • 72
user997593
  • 423
  • 5
  • 16
  • Sessions are set by server not a browser. Also if you created session in Firefox and then you open the page in Chrome it won't be the same session. – Robert May 27 '14 at 18:34
  • http://stackoverflow.com/questions/1185448/php-session-data-not-being-stored – Rahil Wazir May 27 '14 at 18:36
  • you mean : if(isset($_SESSION['LOGIN_CHECK'])){} ?? – HoangHieu May 27 '14 at 19:39
  • It's not clear from your post, but if the session ID is appended to URLs, it will not be appended to the javascript ones and therefore get lost when that js link gets visited. Use cookies instead. – Zdenek May 27 '14 at 19:39
  • Robert, you misunderstood me, Im not jumping from one browser to the other expecting the session to be there, just saying that session works when navigating with firefox but it doesn't with chrome.
    I don't mean if(isset($_SESSION['LOGIN_CHECK'])){} because when I have started the session I have set LOGIN_CHECK equal to true: $_SESSION['LOGIN_CHECK'] = true; I'm using Javascript in a link to open the new address, and that way the session is still alive when I use firefox.     – user997593 May 27 '14 at 20:27

1 Answers1

1

The problem was simple; cookies set for "mydomain.com" are not set for "www.mydomain.com" and that was all. Now everything is working fine.

Thanks for your time!

user997593
  • 423
  • 5
  • 16