RE: Sessions question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hey Mike,

After some intensive testing it seemed that $user_id did not solve the
isue

I hereby give the script to get the $user_id:

// check if the user info validates the db
($username and $password are the POST values of username and password
given in on a form)
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND
password='$password' AND activated='1'");
$login_check = mysql_num_rows($sql);

if($login_check > 0){
	while($row = mysql_fetch_array($sql)){
	foreach( $row AS $key => $val ){
		$$key = stripslashes( $val );
	}
		// Register some session variables!
		session_register('user_id');
		$_SESSION['user_id'] = $user_id;
		session_register('first_name');
		$_SESSION['first_name'] = $first_name;
		session_register('last_name');
		$_SESSION['last_name'] = $last_name;
		session_register('email_address');
		$_SESSION['email_address'] = $email_address;
		session_register('user_level');
		$_SESSION['user_level'] = $user_level;
		
		mysql_query("UPDATE users SET last_login=now() WHERE
user_id='$user_id'"); 
		
		header("Location: main.php");  

	}

Now this is my conclusion till now:

All other session items are correctly displayed, except the
$_SESSION['user_id']
I'm trying to find the way when this happens since it does not seem to
happen in a strict order
The method mentioned b4:
'>Now let's say user 1 logs in, his session is registered (with userid 
> from database is 5 and first_name is XXX) Then another user logs in, 
> again his session is registered (with userid from database is 1 and 
> first_name is YYY)'

is not always faulty.
I've checked everything I know and the last thing I've done is putted:

session_start();

On the first line instead of after this:
<?
require('xx.inc.php');
connect_db();

Untill now all seems to be ok, but I'm not certain at all it is ok.
There can be hundreds of methods how several users log in, upload, log
out etc. so I can not test them all... :(

It seems that sometimes the $_SESSION['user_id'] of the several users
get mixed and this may not happen.

I don't know if this is a known bug or if there are cases which can
cause this...
If im not certain if this can be solved I will have to use another
method to keep the logged in users info (but what one? Don't want to use
cookies)

Thx in advance for any help.

Greetings,

Reinhart 

-----Original Message-----
From: Mike Smith [mailto:mikeosmith@xxxxxxxxx] 
Sent: donderdag 21 oktober 2004 13:28
To: rv@xxxxxxxx
Cc: php-general@xxxxxxxxxxxxx
Subject: Re:  Sessions question


On Thu, 21 Oct 2004 11:39:23 +0200, Reinhart Viane <rv@xxxxxxxx> wrote:
> Hey all, i'm new to this list so forgive me if  i make any huge 
> mistakes. I'm in a beginning stage of learning php and i hope you guys

> can help me out with this question:
> 
> in a file named checkuser i do this when a users logs in:
> PHP Code
> // Register some session variables!
>         session_register('userid');
>         $_SESSION['userid'] = $userid;
>         session_register('first_name');
>         $_SESSION['first_name'] = $first_name;
>         session_register('last_name');
>         $_SESSION['last_name'] = $last_name;
>         session_register('email_address');
>         $_SESSION['email_address'] = $email_address;
>         session_register('user_level');
>         $_SESSION['user_level'] = $user_level;
> 
> Now let's say user 1 logs in, his session is registered (with userid 
> from database is 5 and first_name is XXX) Then another user logs in, 
> again his session is registered (with userid from database is 1 and 
> first_name is YYY)
> 
> Now user 1 leaves the pages (closes the browser) and user 2 uploads a 
> document (with my own script).
> 
> When the document is succesfully uploaded i display this:
> PHP Code
> echo ($_SESSION['first_name']).", the document has been succesfully 
> added"; echo ($_SESSION['userid']);
> 
> This results in the folowing output:
> YYY, the document has been succesfully added
> 5
> 
> Meaning the $_SESSION['first_name'] is correct, but the 
> $_SESSION['userid'] is the one of the user who logged out...
> 
> Now when using user_id in all places it seems to work correctly...
> 
> Is userid something that is defined by the server when making 
> sessions?
> 
> If not, i don't have any clue what is going wrong...
> Can someone help me on this? So i know what is wrong?
> 
> Thx in advance
> 
> Reinhart Viane
> 
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

Where does the value $userid come from is it the result of a query i.e.
SELECT userid FROM users WHERE username='$_POST['username']' AND
passwd='$_POST['password']'

 or do you have a form (text/hidden) with that value?

You mention userid and user_id maybe a typo, but those would be
different. You can see all session variables (for testing) by adding:

echo "<pre>\n";
print_r($_SESSION);
echo "</pre>\n";

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux