On Thu, 21 Oct 2004 14:43:45 +0200, Reinhart Viane <rv@xxxxxxxx> wrote:
> Hey Mike,
>
> After some intensive testing it seemed that $user_id did not solve the
> isue
>
> I hereby give the script to get the $user_id:
>
> // check if the user info validates the db
> ($username and $password are the POST values of username and password
> given in on a form)
> $sql = mysql_query("SELECT * FROM users WHERE username='$username' AND
> password='$password' AND activated='1'");
> $login_check = mysql_num_rows($sql);
>
> if($login_check > 0){
> while($row = mysql_fetch_array($sql)){
> foreach( $row AS $key => $val ){
> $$key = stripslashes( $val );
> }
> // Register some session variables!
> session_register('user_id');
> $_SESSION['user_id'] = $user_id;
> session_register('first_name');
> $_SESSION['first_name'] = $first_name;
> session_register('last_name');
> $_SESSION['last_name'] = $last_name;
> session_register('email_address');
> $_SESSION['email_address'] = $email_address;
> session_register('user_level');
> $_SESSION['user_level'] = $user_level;
>
> mysql_query("UPDATE users SET last_login=now() WHERE
> user_id='$user_id'");
>
> header("Location: main.php");
>
> }
>
> Now this is my conclusion till now:
>
> All other session items are correctly displayed, except the
> $_SESSION['user_id']
> I'm trying to find the way when this happens since it does not seem to
> happen in a strict order
> The method mentioned b4:
> '>Now let's say user 1 logs in, his session is registered (with userid
> > from database is 5 and first_name is XXX) Then another user logs in,
> > again his session is registered (with userid from database is 1 and
> > first_name is YYY)'
>
> is not always faulty.
> I've checked everything I know and the last thing I've done is putted:
>
> session_start();
>
> On the first line instead of after this:
> <?
> require('xx.inc.php');
> connect_db();
>
> Untill now all seems to be ok, but I'm not certain at all it is ok.
> There can be hundreds of methods how several users log in, upload, log
> out etc. so I can not test them all... :(
>
> It seems that sometimes the $_SESSION['user_id'] of the several users
> get mixed and this may not happen.
>
> I don't know if this is a known bug or if there are cases which can
> cause this...
> If im not certain if this can be solved I will have to use another
> method to keep the logged in users info (but what one? Don't want to use
> cookies)
>
> Thx in advance for any help.
>
> Greetings,
>
> Reinhart
>
>
>
> -----Original Message-----
> From: Mike Smith [mailto:mikeosmith@xxxxxxxxx]
> Sent: donderdag 21 oktober 2004 13:28
> To: rv@xxxxxxxx
> Cc: php-general@xxxxxxxxxxxxx
> Subject: Re: Sessions question
>
> On Thu, 21 Oct 2004 11:39:23 +0200, Reinhart Viane <rv@xxxxxxxx> wrote:
> > Hey all, i'm new to this list so forgive me if i make any huge
> > mistakes. I'm in a beginning stage of learning php and i hope you guys
>
> > can help me out with this question:
> >
> > in a file named checkuser i do this when a users logs in:
> > PHP Code
> > // Register some session variables!
> > session_register('userid');
> > $_SESSION['userid'] = $userid;
> > session_register('first_name');
> > $_SESSION['first_name'] = $first_name;
> > session_register('last_name');
> > $_SESSION['last_name'] = $last_name;
> > session_register('email_address');
> > $_SESSION['email_address'] = $email_address;
> > session_register('user_level');
> > $_SESSION['user_level'] = $user_level;
> >
> > Now let's say user 1 logs in, his session is registered (with userid
> > from database is 5 and first_name is XXX) Then another user logs in,
> > again his session is registered (with userid from database is 1 and
> > first_name is YYY)
> >
> > Now user 1 leaves the pages (closes the browser) and user 2 uploads a
> > document (with my own script).
> >
> > When the document is succesfully uploaded i display this:
> > PHP Code
> > echo ($_SESSION['first_name']).", the document has been succesfully
> > added"; echo ($_SESSION['userid']);
> >
> > This results in the folowing output:
> > YYY, the document has been succesfully added
> > 5
> >
> > Meaning the $_SESSION['first_name'] is correct, but the
> > $_SESSION['userid'] is the one of the user who logged out...
> >
> > Now when using user_id in all places it seems to work correctly...
> >
> > Is userid something that is defined by the server when making
> > sessions?
> >
> > If not, i don't have any clue what is going wrong...
> > Can someone help me on this? So i know what is wrong?
> >
> > Thx in advance
> >
> > Reinhart Viane
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>
> Where does the value $userid come from is it the result of a query i.e.
> SELECT userid FROM users WHERE username='$_POST['username']' AND
> passwd='$_POST['password']'
>
> or do you have a form (text/hidden) with that value?
>
> You mention userid and user_id maybe a typo, but those would be
> different. You can see all session variables (for testing) by adding:
>
> echo "<pre>\n";
> print_r($_SESSION);
> echo "</pre>\n";
>
> --
>
>
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
How about changing
> while($row = mysql_fetch_array($sql)){
> foreach( $row AS $key => $val ){
> $$key = stripslashes( $val );
> }
to
while($row = mysql_fetch_array($sql)){
$_SESSION['user_id']=$row[0]; //or whatever position user_id is in.
}
When you execute your query does it only give you one result?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
