Chrome Toggle different devices view destroys the session

Question

I am working on a website admin cp with PHP as a back end technology and in the same time I am fixing some responsive issues.

So I am logged in to the admin panel But when i toggle different devices such as Galaxy, Nexus Iphone or even responsive mode to test the responsive look or fixes that i have done i find myself logged out and redirected to login page and also i see things that shouldn't appear before login such as admin menu but it is not accessible in other words it's half logged in and half not.

cashing is not disabled.

session id is the same i can see it.

I really can't get my head around it!

Is that something normal in the browser which means every device is independent from the whole browser?

Or i'm doing something wrong?

Answer 1

Finally and after several hours of reviewing my code and debugging every single thing I came up with a solution to my problem :

• my hypothesis in the question that the devices are independent from each other is quite correct because every device has a different HTTP_USER_AGENT

You can try it like this :

echo $_SERVER['HTTP_USER_AGENT'];

Toggle different devices on the browser and see the result .

So as for sessions best practice based on stack overflow and many other resources it is a good practice to save $_SERVER['HTTP_USER_AGENT'] in a session and later on check the session after login which means the logged in user is exactly the user coming from that browser

And that's what i was doing i was checking for the user login session and the user agent session

And that's what was causing the problem so when i toggle different devices the HTTP_USER_AGENT gets changed so the session doesn't match and therefore i get logged out automatically.