Home » Php » php – Magento – Checking if an Admin and a Customer are logged in

php – Magento – Checking if an Admin and a Customer are logged in

Posted by: admin July 12, 2020 Leave a comment


I have a web server with Magento installed. I have another web site that shares credential with it. I’ve managed to check if the customer is logged in or not (after having changed the cookies location in Magento), but things got complicated when I also tried to figure out if an admin was logged in. I can only get the proper answer for the first session I asked for (either the customer OR the admin, the second one is NEVER logged in).

How can I have both answers?

Here is the code I’m using to test that out:

require_once '../app/Mage.php';
umask(0) ;


// Checking for customer session
Mage::getSingleton('core/session', array('name'=>'frontend') );
$session=Mage::getSingleton('customer/session', array('name'=>'frontend') );

if ($session->isLoggedIn()) {
    echo "Customer is logged in";
} else {
    echo "Customer is not logged in";

// Checking for admin session
Mage::getSingleton('core/session', array('name'=>'adminhtml') ); 
$adminsession = Mage::getSingleton('admin/session', array('name'=>'adminhtml'));

if($adminsession->isLoggedIn()) {
    echo "Admin Logged in";
} else {
    echo "Admin NOT logged in";

So with the code like this, the admin is never logged in. If you put the part about the admin first, then the customer is never logged in. It seems like I’m missing a line between the two requests.

This may be the same problem than this unanswered question: Magento how to check if admin is logged in within a module controller

This seems like a popular problem, but I could not find the proper solution…

Thanks for your help!

How to&Answers:

What you need to do is switch the session data. You can do this with the following code:

$switchSessionName = 'adminhtml';
$currentSessionId = Mage::getSingleton('core/session')->getSessionId();
$currentSessionName = Mage::getSingleton('core/session')->getSessionName();
if ($currentSessionId && $currentSessionName && isset($_COOKIE[$currentSessionName])) {
    $switchSessionId = $_COOKIE[$switchSessionName];
    $this->_switchSession($switchSessionName, $switchSessionId);
    $whateverData = Mage::getModel('mymodule/session')->getWhateverData();
    $this->_switchSession($currentSessionName, $currentSessionId);

protected function _switchSession($namespace, $id = null) {
    $GLOBALS['_SESSION'] = null;
    $session = Mage::getSingleton('core/session');
    if ($id) {


I’ve found that “bug-feature” from another angle of view (trying to login customer from adminside), but still found the cause.

The problem is with session_name() function. If you go to Mage_Core_Model_Session_Abstract_Varien you’ll see there that the session object is using standart PHP session functions and PHP can’t handle two sessions at the same time.

You session id for adminside is stored in cookie adminhtml, while for clientside your session id is in frontend cookie. Then in adminside you have session ID initialized by adminhtml cookie. When in adminside, your customer/session object is stored inside something like $_SESSION[‘customer’] (haven’t checked exact key) inside PHP session for ID stored in adminhtml cookie. This means that customer/session object is refering to different sessions when inside admin and client parts of magento.


Here is what I use..

Mage::getSingleton('core/session', array('name'=>'adminhtml'));
$session = Mage::getSingleton('admin/session');;
if (!$session->getUser())
    die("You aren't an admin!"); 


It is quite simple but not a recommended solution. I myself spend number of hours to do this.
For, windows based server try below solution:

$sessionFilePath = Mage::getBaseDir('session').DS.'sess_'.$_COOKIE['adminhtml'];
$sessionFile     = file_get_contents($sessionFilePath); 
$exp_cookie   = explode(';',$sessionFile);
if(count($exp_cookie)   >   100)
  return "login";
return "expire";    

For, Linux based server try below solution:

$sessionFilePath = Mage::getBaseDir('session').DS.'sess_'.$_COOKIE['adminhtml'];
$sessionFile     = file_get_contents($sessionFilePath); 
$exp_cookie   = explode('--',$sessionFile)
if(count($exp_cookie)   >   10)
  return "login";
return "expire";



Here is a simple script to check admin is logged or not and if logged get admin details of Magento.You can call to the session and the call to user function to get all details.

$userDetails = Mage::getSingleton('admin/session');    // Get data from the session
$userID      = $userDetails->getUser()->getUserId();   // Get user ID
$userID      = $userDetails->getUser()->getEmail();   // Get user Email

Please refer to http://webexplorar.com/magento-admin-details/ for more details.