PHP - Session doesnt work on mobile

php session session-variables
Daniels Jirgensons picture Daniels Jirgensons · May 27, 2017 · Viewed 7.4k times · Source

For login im using a session_start(), for desktop its works fine, but on mobile, it doesnt work. When I make a session_id() with variable, for example, session_id('login') its works on mobile, but break other sessions on other computers. But when session_id() is generated automatically, it doesn't work on mobile. What should I do?

My session_start code on index.php

session_start();
if (isset($_SESSION['username'])){
    session_id();
}

Whole code for login.php file

<?php
require('config.php');
$usernameOK = false; $passwordOK = false;
if (isset($_POST['username']) and isset($_POST['password'])){

        $username = $_POST['username'];
        $password = $_POST['password'];

        $UserQuery = "SELECT username FROM `members` WHERE username='$username'";
        $userTestResult = mysqli_query($connection, $UserQuery);
        $usernameTEST = mysqli_num_rows($userTestResult);
        if($usernameTEST == 1){$usernameOK = true;}

        $PasswordQuery = "SELECT password FROM `members` WHERE username='$username'";
        $result = mysqli_query($connection,$PasswordQuery);
        $row = mysqli_fetch_row($result);

        if (password_verify($password, $row[0])){$passwordOK = true;}

        if($usernameOK == true && $passwordOK == true){
            $_SESSION['username'] = $username;
        }else{
            $error_message = "Incorrect login data";
        }
    }

    if (isset($_SESSION['username'])){
        header("Location: ../");
        exit;
    }else{?>
    <form class="login-form" method="POST">
        <?php if(isset($error_message)){ ?><div class="mini-mes error"> <?php echo $error_message; ?> </div><?php } ?>

        <span class="placeholder">username</span>
        <input type="text" name="username" placeholder="username" required>

        <span class="placeholder">password</span>
        <input type="password" name="password" id="inputPassword" placeholder="password" required>

        <button type="submit">Login</button>
        <a class="form-link" href="register.php">Register</a>
    </form>

<?php } ?>

Answer

Kishor picture Kishor · May 30, 2017

Not really sure what your code does, because I dont see anything regarding setting the username or anything of that sort. What your code does is, it starts the session and checks if username variable in session is set, and if YES, it calls session_id.

Can you use this to check if the session is created properly?

session_start();
if (session_status() !== PHP_SESSION_NONE)
{
echo session_id();
}

Starts a session and shows you the session ID if the session_status is not PHP_SESSION_NONE

Related questions

Check if PHP session has already started

I have a PHP file that is sometimes called from a page that has started a session and sometimes from a page that doesn't have session started. Therefore when I have session_start() on this script I sometimes get the …

Read More
How to use store and use session variables across pages?

When one page is accessed, I would like to start a session and store a session variable: <?php session_start(); $_SESSION['myvar']='myvalue'; ?> Then from another page, I would like to check if that session variable has been …

Read More
Session variables not working php

Here are the code of my login page where the login script checks for the authenticity of the user and then redirects to inbox page using header function. <?php session_start(); include_once('config.php'); $user=htmlentities(stripslashes($_POST[…

Read More