James at skinsupport dot com raises a good point (warning)
about additional requests from the browser. The request for
favicon.ico, depending on how it is handled, can have
unintended results on your sessions.
For example, suppose you have ErrorDocument 404 /signin.php,
no favicon.ico file and all pages in your site where the
user signs in are also redirected to /signin.php if they're
not already signed in.
If signin.php does any clean up or reassigning of session_id
(as all good signin.php pages should) then the additional
request from the browser for favicon.ico could potentially
corrupt the session as set by the actual request.
Kudos to James for pointing it out and shame on me for
skimming past it and not seeing how it applied to my
problem. Thanks too to the Firefox Live HTTP Headers
extension for showing the additional request.
Don't waste days or even hours on this if your session
cookies are not being sent or if the session data isn't what
you expect it to be. At a minimum, eliminate this case and
see if any additional requests could be at fault.
----
Server IP: 64.71.164.2
Probable Submitter: 209.203.118.87
----
Manual Page -- http://www.php.net/manual/en/function.session-start.php
Edit -- https://master
.php.net/note/edit/70007
Del: integrated -- h
ttps://master.php.net/note/delete/70007/integrated
Del: useless -- http
s://master.php.net/note/delete/70007/useless
Del: bad code -- htt
ps://master.php.net/note/delete/70007/bad+code
Del: spam -- https:/
/master.php.net/note/delete/70007/spam
Del: non-english --
https://master.php.net/note/delete/70007/non-english
Del: in docs -- http
s://master.php.net/note/delete/70007/in+docs
Del: other reasons-- https://mast
er.php.net/note/delete/70007
Reject -- https://mast
er.php.net/note/reject/70007
Search -- https://
master.php.net/manage/user-notes.php
--
PHP Notes Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub
.php
|