Computer Science Canada

sessions

Author:	Blade [ Tue Jul 27, 2004 2:43 am ]
Post subject:	sessions
sometimes when navigating through my site, i will end up logged in as a different user, what could be causing this? i have my index page, and it just includes other pages, so i only need to start my session on the index... it doesn't destroy the session when the browser is closed, thats the only reason i can think of

Author:	Amailer [ Tue Jul 27, 2004 9:20 am ]
Post subject:
That only happned to me when a friend of mine, he used the same session names for two sites hosted off the same server.. I could log on with 1 username on 1 site, and I would be auto logged on, on the other with a username that doesn't exist on the other site :S

Author:	Blade [ Tue Jul 27, 2004 11:03 am ]
Post subject:
well, i don' t really think its that because i end up with different registered variables of someone else who i know is logged in at the same time as me. there were 3 of us testing it, and me and my buddy were gettin logged in as the other person.. is there any way i can keep track of their phpsessid then start the session with that id? because php sessions seem to be really flimbsy and unreliable

Author:

Lang [ Fri Oct 08, 2004 11:39 am ]

Post subject:

Well, if you ahven't changed the default variable that holds the session id then do this.

Create a session id place in your users table.

Then when someone logs in, it inserts their session id. Then to get information from the certain user that's logged in do this:

code:

<?
$sql = "SELECT * FROM users WHERE session_id = '".$PHPSESSID."'";
$sql = mysql_query($sql);

While ($get = MySQL_fetch_array($sql)){
$username = $get['user_name'];
}
?>

That will select the username from the person that ahs the current session id.

I hope this helps.

Author:	JHanson90 [ Sat Oct 09, 2004 9:17 pm ]
Post subject:
Amailer wrote: That only happned to me when a friend of mine, he used the same session names for two sites hosted off the same server.. I could log on with 1 username on 1 site, and I would be auto logged on, on the other with a username that doesn't exist on the other site :S Yeah I decided not to ever use anything like that again... I've got so many security flaws on my sites made in PHP.... And for the first post, you might consider using a different method than including files into the index. It's been found to be better to use other methods, plus it's iNsEcUrE. I'm implementing a different, safer method in the web database application I'm writing (was writing, since my HD is like no more). And then, just to make it even more fun, I was going to translate the site into Perl and Ruby

Author:	Blade [ Sat Oct 16, 2004 11:09 pm ]
Post subject:
lol yeah. i figured out what the problem was... i was using the same variable name in a registered variable and in a variable that i was extracting from a mysql database.. pretty stupid eh? ... i decided it'd be better to put all the registered variables into an array that way i dont have that problem anymore..

You can syndicate this boards posts using the file backend.php or view the topic map using sitemap.php.

Terms of Use | Privacy Policy