sessions
| Author |
Message |
Blade
|
 Posted: Tue Jul 27, 2004 2:43 am Post subject: sessions |
|
|
| sometimes when navigating through my site, i will end up logged in as a different user, what could be causing this? i have my index page, and it just includes other pages, so i only need to start my session on the index... it doesn't destroy the session when the browser is closed, thats the only reason i can think of |
|
|
|
|
 |
Sponsor
Sponsor
|
|
|
Amailer
|
| Posted: Tue Jul 27, 2004 9:20 am Post subject: (No subject) |
|
|
| That only happned to me when a friend of mine, he used the same session names for two sites hosted off the same server.. I could log on with 1 username on 1 site, and I would be auto logged on, on the other with a username that doesn't exist on the other site :S |
|
|
|
|
|
Blade
|
| Posted: Tue Jul 27, 2004 11:03 am Post subject: (No subject) |
|
|
| well, i don' t really think its that because i end up with different registered variables of someone else who i know is logged in at the same time as me. there were 3 of us testing it, and me and my buddy were gettin logged in as the other person.. is there any way i can keep track of their phpsessid then start the session with that id? because php sessions seem to be really flimbsy and unreliable |
|
|
|
|
|
Lang
|
| Posted: Fri Oct 08, 2004 11:39 am Post subject: (No subject) |
|
|
Well, if you ahven't changed the default variable that holds the session id then do this.
Create a session id place in your users table.
Then when someone logs in, it inserts their session id. Then to get information from the certain user that's logged in do this:
| code: | <?
$sql = "SELECT * FROM users WHERE session_id = '".$PHPSESSID."'";
$sql = mysql_query($sql);
While ($get = MySQL_fetch_array($sql)){
$username = $get['user_name'];
}
?> |
That will select the username from the person that ahs the current session id.
I hope this helps. |
|
|
|
|
|
JHanson90
|
| Posted: Sat Oct 09, 2004 9:17 pm Post subject: (No subject) |
|
|
Amailer wrote: That only happned to me when a friend of mine, he used the same session names for two sites hosted off the same server.. I could log on with 1 username on 1 site, and I would be auto logged on, on the other with a username that doesn't exist on the other site :S
Yeah I decided not to ever use anything like that again... I've got so many security flaws on my sites made in PHP....
And for the first post, you might consider using a different method than including files into the index. It's been found to be better to use other methods, plus it's iNsEcUrE. I'm implementing a different, safer method in the web database application I'm writing (was writing, since my HD is like no more). And then, just to make it even more fun, I was going to translate the site into Perl and Ruby  |
|
|
|
|
|
Blade
|
| Posted: Sat Oct 16, 2004 11:09 pm Post subject: (No subject) |
|
|
| lol yeah. i figured out what the problem was... i was using the same variable name in a registered variable and in a variable that i was extracting from a mysql database.. pretty stupid eh? ... i decided it'd be better to put all the registered variables into an array that way i dont have that problem anymore.. |
|
|
|
|
|
|
|
Register
Wiki
Blog
Search
Turing
Chat Room
Members
