Hi there, so my site has a public side and an admin side, the admin side which requires a login. The used id is stored in a session variable to limit access to certain features based on the number. In the admin side a user and show or hide pages from the navigation on the public side, and they can also view the pages in a popup window. What I'm trying to do is if the userid is set to show a button in the public naviagation to toggle hidden items on and off. The trouble is my session isn't carrying over to the popup. Most of this is code someone else wrote and I am currently added in some new features.

page.php snippets

            include("ver.php"); //starts session and verifies user can have access to admin side
            include("db.php"); //sets $_SESSION vars
            $p_sqlstmt = $_SESSION["db1"]->prepare("select pageid, navname, name, navname, hide, url from tblpage where  parentid=".$p_id." order by disorder");    

            $p_sqlstmt->execute();
            while($p_rs=$p_sqlstmt->fetch())
               {
             $url = "http://www.".$_SESSION["domain"]."/".$p_rs["url"];
            <a href="javascript:{winpop('<?=$url?>', 'preview','');}" class="none" title="View this page">
            }

winpop

            function winpop(URL, winname, features)
            {
                var objwin;

                if(features!="")
                {
                    objwin=window.open(URL,winname,features);
                }else{
                    //force a new window
                                objwin=window.open(URL,winname,'width=1000,height=500,menubar=yes,resizable=yes,scrollbars=yes,toolbar=yes,alwaysRaised=yes');
                }

                objwin.focus();
            }

and then the window that pops up is index.php?id=whatever

and I have session_start() in index.php but the session doesn't seem to be set when I try use any of the variables.

Member Avatar for diafol

Do you really need a new window? Can't you use a js dialog and use ajax? Spawning windows is considered by many to be very naughty.

so I figured out my problem. I'm just not sure how to fix the issue.

when I access the admin side I type it in the address bar, leaving off the http://www. however; when the popup generates it uses http://www. which seems to reset my session. I echo'd out my session id's and they don't match.

The reason the pop up is using the http://www. is because of my htaccess file. We're using mod_rewrite to rewrite our urls and it doesn't seem to agree with anything but complete urls. So if I leave off the http://www. from the url the pop window actually opens with that url tacked onto the admin url.

(so instead of the new window being DOMAIN/home it's actually coming up as DOMAIN/admin/DOMAIN/home)

lol okay never mind! leaving the http:// but removing the www. solved my problem

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.