parsnip11

Hello...

I have an application that used to work but I'm having problems after
an upgrade to 4.3.3 on iis (w/ the isapi dll). I used to include a
page called login.php in every page which began w/ a session_start();
as per the "page1, page2" tutorial on the php site:

http://us2.php.net/function.session-start

As the site says I will, I'm getting errors that the session is
already started... but that's exactly what they STILL tell you you
should be doing in the tutorial. very frustrating.

Here's a very simplified version of how my site works

index.php:

--
session_start();
session_register("logged_in");
session_register("user_id");

$logged_in="some_random_stuff";
$user_id=$auth_user;
--

login.php (included in every page):
---
session_start();
if(!isset($logged_in) || $logged_in != "some_random_stuff") {
header("someplace_else.php");
exit;}
---

I've had to take the session_start(); message out of the login.php or
I get errors. Every once and awhile (it's very hit and miss) people
are now loosing their $logged_in session variable and I'm thinking
it's because I'm not keeping the session going on every page.

What's the right way to do this?

thanks,
p

ps I'm basically using all the default php.ini setting w/ the
exception of register globals being on, and session cache limiter set
to blank.