fontaine1900
New member
I have some functional code to allow users to access their account portal for various operations. This works perfectly fine logging in from "url/login". Code works are redirects to url/account (home page for account portal).
If someone bookmarks an internal account page "url/account/feature.php" they are shown the login page (as expected). They can then login and see the bookmarked page (not the account home page). This is also as expected.
However, once the user is logged in (from an internal account page as opposed to url/login), they can only see the internal page (url/account/feature.php), but as soon as they click on any other link in the /account protected directory, they are shown the login page again. If they login again on that page, they see it as expected, but see the login AGAIN if they click anywhere else.
In short, login is only successful (functionally) if user logs in from url/login. Any internal bookmarked pages break once they navigate to other pages in /account.
This is all session based login using php/mysql. All protected pages start with session_start() and include the access.php page (the functional login page).
This is likely a quick fix that I'm just overlooking.
I can post relavent code if needed.
Thanks!
If someone bookmarks an internal account page "url/account/feature.php" they are shown the login page (as expected). They can then login and see the bookmarked page (not the account home page). This is also as expected.
However, once the user is logged in (from an internal account page as opposed to url/login), they can only see the internal page (url/account/feature.php), but as soon as they click on any other link in the /account protected directory, they are shown the login page again. If they login again on that page, they see it as expected, but see the login AGAIN if they click anywhere else.
In short, login is only successful (functionally) if user logs in from url/login. Any internal bookmarked pages break once they navigate to other pages in /account.
This is all session based login using php/mysql. All protected pages start with session_start() and include the access.php page (the functional login page).
This is likely a quick fix that I'm just overlooking.
I can post relavent code if needed.
Thanks!