PHP Session not working in Firefox

I am using a PHP session.

Here is my code for establishing session:

<?php
require_once "dbconfig.php"; // include the database information
$sql = mysql_query("SELECT * FROM users WHERE username='".addslashes($_POST['username'])."'") or die("username was in correct. MySQL said".mysql_error()); // this checks to see if the username exists
$result = mysql_fetch_array($sql); // puts the database information into an array

$link="<a href=\"http://www.website/login.html\">login</a>";
 
if($result['password'] == sha1($_POST['password'])) { // if the passwords match
session_start(); // start the session
$_SESSION['sessioname'] = $_POST['username'];
header("location: http://www.website/pm2j8dyq3o.php");
}else{
echo "Invalid! Please $link again.";
}
?>

Snipped is my code for the protected page:

My problem is that all works well in internet explorer. However i keep getting the login prompt when i use firefox?............
<?php
session_start();
////////////////////////////////////////////////////////////////////////////////////////////////////// SESSION STARTED
$link="<a href=\"http://www.website/login.html\">login</a>";
if(!isset($_SESSION["sessioname"])){
echo "You are not authorized to view this page! Please Login Here: $link";
}else{
////////////////////////////////////////////////////////////////////////////////////////////////////MY PROTECTED CONTENT
include 'pmheader.php';
require_once "dbpmconfig.php";
 
$sql = "SELECT id, job, description FROM joblist WHERE pm = '".($_SESSION["sessioname"])."' ORDER BY job asc";
$res6 = mysql_query($sql, $mysql);
?>
 
<html>
<form action="generate_sub.php" method="POST">
	<p></p>
	<table border="0" width="100%" id="table3" height="37">
		<tr>
		<td>
		<p align="center"><u><b><font size="4">Request Subcontract</font></b></u></td></tr>
		
			<tr><td width="100%">&nbsp;</td>
		</tr>
		
			<tr><td width="100%">
				<p align="center">Job <? if(mysql_num_rows($res6) > 0){
 
    echo "<select name=\"job\">";
 
        while($row = mysql_fetch_array($res6)){
   
         echo "<option value=\"".$row['job']."\">".$row['job']." ".$row['description']."</option>";
  }
  echo("</select>");
}
else
{
  echo("<i>No values found.</i>");
}
 
?> <input type="submit" value="Continue" name="B1" style="float: center"></td>
		</tr>
		</table>
	<p align="center">
			<img border="0" src="images/2complete.GIF" width="218" height="61"></p>
	<p align="left">&nbsp;</p>
</form>
</html>
 
<? include 'footer.php'; }?>

Open in new window

LVL 2
bcmeyer1983Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Beverley PortlockCommented:
Make sure that you have cookies enabled in Firefox. Your session data is stored in a file on the server. The id for that file is stored in a cookie in your browser.
0
bcmeyer1983Author Commented:
my cookies are enabled in firefox: "accept cookies from site" until they expire.
0
almilyoCommented:
So it definitely works in browsers other than firefox?

I'd try to sniff a http session between the client and the server with ethereal, then see if I can see where things are going wrong, that would show you:

Is the server not issuing a cookie to firefox?
Is firefox not using the cookie?
Is the server issuing different cookies for some reason?

..then when you know where the problem is happening sounds like this could be a pretty simple misconfiguration somewhere.
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

carchitectCommented:
Why don't you try a couple of simple pages first.

index.php
--------------------------
<?php
session_start();
session_destroy();
?>
<SCRIPT LANGUAGE="JavaScript">
<!--
      self.location.href="init.php";      
//-->
</SCRIPT>

init.php
----------------------
<?php
session_start();
if(!session_is_registered('ses_interview_login_flag'))
{
      session_register("ses_interview_login_flag");
      $_SESSION['ses_interview_login_flag'] = 0;      

      session_register("ses_interview_msg");
      $_SESSION['ses_interview_msg'] = "Login Authentication ! ! !";

      header("Location: login.php");
}
else
{
      header("Location: index.php");
}
?>

login.php
-------------------------------------
<?php
session_start();
if(!session_is_registered('ses_interview_login_flag'))
{
      header("Location: index.php");
}
else
{
        echo $_SESSION['ses_interview_msg'];
}
?>


if login.php prints the msg, session is working properly along with javascript on firefox (Should never be a problem)
0
nplibCommented:
can you post the code where the session is actually created.
0
Beverley PortlockCommented:
"my cookies are enabled in firefox: "accept cookies from site" until they expire."

So definitely not using any firefox add-ons that disable cookies?

I find it extremely strange that only FF has the problem and I suspect that it is either misconfigured or has something that interferes with the session ID cookie

If you inspect your session id cookie for this session, what are its properties?
0
nplibCommented:
There has to be something different,

because PHP coding, is SERVER side, FF never sees the PHP coding.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bcmeyer1983Author Commented:
ok after some digging im hoping someone can help me out with this info:

Once the user is logged in to his home page a PHPSESSID is created for host www.domain.com - this appears in my cookies list within firefox

Now when i go to another secure page particularly those with SQL generated drop downs it is prompting me to login again!!

When I log in again there is second PHPSESSID is created for host domain.com - this appears in my cookies list within firefox

Why is it creating 2 sessions one for host www.domain.com and another for host domain.com for pages with the same session configuration?

I have confirmed this by removing the PHPSESSID cookie or cookies with the same exact results everytime.

0
bcmeyer1983Author Commented:
figured it out.
My link that is going to the secure page is pointing to domain.com/somepage.php
not
www.domain.com/somepage.php
changing the link to www.domain.com/somepage.php allows everything to work!!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.