Programming C, C++, Java, PHP, Ruby, Turing, VB
Computer Science Canada 
Programming C, C++, Java, PHP, Ruby, Turing, VB  

Username:   Password: 
 RegisterRegister   
 sessions
Index -> Programming, PHP -> PHP Help
View previous topic Printable versionDownload TopicSubscribe to this topicPrivate MessagesRefresh page View next topic
Author Message
Blade




PostPosted: Tue Jul 27, 2004 2:43 am   Post subject: sessions

sometimes when navigating through my site, i will end up logged in as a different user, what could be causing this? i have my index page, and it just includes other pages, so i only need to start my session on the index... it doesn't destroy the session when the browser is closed, thats the only reason i can think of
Sponsor
Sponsor
Sponsor
sponsor
Amailer




PostPosted: Tue Jul 27, 2004 9:20 am   Post subject: (No subject)

That only happned to me when a friend of mine, he used the same session names for two sites hosted off the same server.. I could log on with 1 username on 1 site, and I would be auto logged on, on the other with a username that doesn't exist on the other site :S
Blade




PostPosted: Tue Jul 27, 2004 11:03 am   Post subject: (No subject)

well, i don' t really think its that because i end up with different registered variables of someone else who i know is logged in at the same time as me. there were 3 of us testing it, and me and my buddy were gettin logged in as the other person.. is there any way i can keep track of their phpsessid then start the session with that id? because php sessions seem to be really flimbsy and unreliable
Lang




PostPosted: Fri Oct 08, 2004 11:39 am   Post subject: (No subject)

Well, if you ahven't changed the default variable that holds the session id then do this.

Create a session id place in your users table.

Then when someone logs in, it inserts their session id. Then to get information from the certain user that's logged in do this:

code:
<?
$sql = "SELECT * FROM users WHERE session_id = '".$PHPSESSID."'";
$sql = mysql_query($sql);

While ($get = MySQL_fetch_array($sql)){
         $username = $get['user_name'];
}
?>


That will select the username from the person that ahs the current session id.

I hope this helps.
JHanson90




PostPosted: Sat Oct 09, 2004 9:17 pm   Post subject: (No subject)

Amailer wrote:
That only happned to me when a friend of mine, he used the same session names for two sites hosted off the same server.. I could log on with 1 username on 1 site, and I would be auto logged on, on the other with a username that doesn't exist on the other site :S


Yeah I decided not to ever use anything like that again... I've got so many security flaws on my sites made in PHP....



And for the first post, you might consider using a different method than including files into the index. It's been found to be better to use other methods, plus it's iNsEcUrE. I'm implementing a different, safer method in the web database application I'm writing (was writing, since my HD is like no more). And then, just to make it even more fun, I was going to translate the site into Perl and Ruby Smile
Blade




PostPosted: Sat Oct 16, 2004 11:09 pm   Post subject: (No subject)

lol yeah. i figured out what the problem was... i was using the same variable name in a registered variable and in a variable that i was extracting from a mysql database.. pretty stupid eh? ... i decided it'd be better to put all the registered variables into an array that way i dont have that problem anymore..
Display posts from previous:   
   Index -> Programming, PHP -> PHP Help
View previous topic Tell A FriendPrintable versionDownload TopicSubscribe to this topicPrivate MessagesRefresh page View next topic

Page 1 of 1  [ 6 Posts ]
Jump to:   


Style:  
Search: