0

I login into my website (running on localhost), and store the user id in a session variable

$_SESSION['user_id'] = $user_id;

The main page loads, and all is fine. I show the user id on the main page, so I'm sure of its value. When I load another page, using

php = 'some_php_file.php';
window.open(php,php);

The second page opens ok. But if I try to open the same page again, clicking on the same button on the main page, the system will logout. If I omit the second php in window.open() (using '' instead), I may have multiple copies of the same window (what I don't want), but no problem of automatic logout.

Any idea what may be happening?

EDIT: If I close the second window and repeat the process, I have no logout problem. I can close and reopen the second window as many times as I wish. The problem only happens if I try to open the second window, but it is already open. I can also open different 'second windows' (different php files). I'm only getting logged off if I try to open TWICE the same window.

EDIT 2: Seems I've found it. Before I call window.open(), I'm testing for the existence of the php file, using this function:

function fileExists(url){
    var http = new XMLHttpRequest();
    http.open('HEAD',url,true);
    http.send();
    return http.status != 404;
}

If I change the http.open() line to

http.open('HEAD',url,false);

it works! But the manual tells us to use 'true' in the third parameter... What should I do?

Rodrigo
  • 4,706
  • 6
  • 51
  • 94
  • 4
    Have you got a `session_start()` at the beginning of each PHP entry point? – Jonnix Nov 16 '15 at 14:49
  • Yes, I have. If I haven't, the problem of automatic logout would not disappear just because I omit the window title (the php variable), would it? Actually, it would not even open ok the first time, would it? – Rodrigo Nov 16 '15 at 14:50

1 Answers1

1

It seems to me that your fileExists function simply returns true all the time because it does not wait for the XHR to complete. Except when you specify async = false.

Time to read How to return the response from an asynchronous call? probably.

I have no clue what is the consequence of this always being true, as you do not share exactly what you do with that result.

Now if you want to "stick with the manual" and keep async = true (you should really indeed), then simply wrap your following code in a callback. E.g.:

function fileExistsAsync(url, callback){
    var http = new XMLHttpRequest();
    http.open('HEAD',url,true);
    http.send();
    http.onreadystatechange = function () {
        if (http.readyState === 4) {
            callback(http.status != 404);
        }
    }
}

fileExistsAsync(url, function (exists) {
    console.log("async " + exists);
});

Demo: http://jsfiddle.net/52xqLfow/

ghybs
  • 47,565
  • 6
  • 74
  • 99