ajoo

Hi all ! Thanks all for all inputs so far. especially Mac_Gyver whose really tried to help me with this one and narrowing it down. So I found some more things like missing in the code like "mysqli_free_result" and "mysqli_close" which I thought, being memory and database related, could also cause the logouts and so i went forward and put them at the appropriate places hoping that finally the unwanted logouts will cease. But to my dismay that too did not solve the problem. Then I went and did the only thing that to my mind was left and that was to deactivate the session_regenerate_id command in my function sec_session_start() and lo the problem disappeared and no matter how fast I hammer on the menu or other buttons now, it does not cause unexpected logouts anymore. Unfortunately that does not end my problem because I want to use session_regenerate_id() to avoid or limit session fixation and session hijacking as far as possible. Does it mean that all programs or websites that use session_regenerate_id() command will similarly give abnormal logouts if they are using buttons or if the f5 refresh key is kept pressed? So now that I know what's causing the problem, how do i resolve it. How should I use session_regenerate_id() and ensure that it won't cause logouts. Looking for someone to shed some light on this; Thanks all !

A small correction to the last one, the $_SESSION['usr'] variable is displaying across pages. I missed the echo. So unlike as i thought earlier, the $_SESSION['usr'] is able to maintain its value across pages. So it cannot be the first reason as suggested by you as i previously thought. I have checked for the 3rd as well but that does not seem to be it. I am not so sure about 2nd one and not even sure how to go about checking for it. Thanks !

Hi Mac, Thanks for that great reply. Yes i am trying to put together a website login and I thought the best way would be to go ahead and do it, make mistakes and learn. I read a whole lot on sessions before I began but i guess they are quite confusing. Taking your advise I have gone through the entire code again, with error reporting on, and removed almost as many errors I could find to reduce the warnings to a bare minimum. Tried to make it as consistent as possible. Most of the errors and inconsistencies you found were a result of a many days of changes to the code. I read an article on session security and it said that session_regenerate_id should be called on login. Hence I have sec_session_start() after login. I have tried the code with it removed but that does not prevent the logouts. I was not sure if I needed the sec_session_start() on the various sub pages and I asked about that earlier: sec_session_start() does give a notice/ warning and ignores the session_start() command in sec_session_start(); So I have removed it from all the subpages. Of the three logout symptoms that you mentioned above I think its the first one because when I tried, I was unable to display the $_SESSION['usr'] value on the home page after login. So it seems that $_SESSION['usr'] is available only on demo.php and not elsewhere. I hope you can tell me why and show me how to ensure the session integrity across sub pages ( like the home page that get included via menu button ). I also got two warnings on demo.php as folows: Notice: Undefined index: usr in D:\xampp\htdocs\xampp\temp\demo.php on line 302 Notice: Undefined index: id in D:\xampp\htdocs\xampp\temp\demo.php on line 305 and one on member_1.php Notice: Undefined index: page in D:\xampp\htdocs\xampp\temp\member_1.php on line 22 I do not know how to remove these notices in the usual manner as it kind of upsets the php syntax. Please find attached the demo.php and other files. <?php // error_reporting(E_ALL & ~E_NOTICE); define('INCLUDE_CHECK',true); require_once 'connect_1.php'; // connect_1.php provides the database link $link sec_session_start(); $now = time(); //echo "INDEX Time = ".date('d-m-Y H:i:s',$now)."<br>"; // server_mod if(isset($_SESSION['timeout'])) { $is_timed_out = is_timed_out(); if($is_timed_out == 1) { $_SESSION['msg'] = " FROM --- TIMEOUT --- LINE 51"; header ("Location: loggedout.php"); exit; } } //// Asan1 - df2881 /////////// /* if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe']) { // If you are logged in, but you don't have the tzRemember cookie (browser restart) // and you have not checked the rememberMe checkbox: $err[]='You are already logged in!'; $_SESSION['msg']['login-err'] = implode('<br />',$err); header("Location: demo.php"); exit; } */ if(isset($_GET['logoff'])) { $_SESSION = array(); session_destroy(); header("Location: demo.php"); exit; } function sec_session_start() { $session_name = 'sec_session_id'; $secure = false; $httponly = true; ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies. $cookieParams = session_get_cookie_params(); session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly); // 0, /, ''. session_name($session_name); session_start(); session_regenerate_id(TRUE); // regenerated the session, delete the old one. } if(isset($_POST['submit']) && $_POST['submit']=='Login') { if(isset($_SESSION['usr'])) { echo $_SESSION['usr']. "Already Logged in "; echo " You are being logged out as you have logged in from another page "; session_destroy(); header("Location: loggedout.html"); exit(); } $err = array(); // Will hold our errors if(!$_POST['username'] || !$_POST['password']) $err[] = 'All the fields must be filled in!'; if(!count($err)) { $_POST['username'] = mysql_real_escape_string($_POST['username']); $_POST['password'] = mysql_real_escape_string($_POST['password']); $_POST['rememberMe'] = (int)$_POST['rememberMe']; // Escaping all input data $query = "SELECT id,Username FROM members WHERE Username='".$_POST['username']."' AND Password = '".md5($_POST['password'])."' "; $result = mysqli_query($link, $query); $row = mysqli_fetch_assoc($result); if($row['Username']) { // If everything is OK login sec_session_start(); // regenerate_ID // Store some data in the session $_SESSION['usr']=$row['Username']; $_SESSION['id'] = $row['ID']; $_SESSION['logged'] = 1; $_SESSION['user_id'] = $row['Username']; $pass = md5($_POST['password']); $_SESSION['rememberMe'] = $_POST['rememberMe']; } else $err[]='Wrong username and/or password!'; } if($err) $_SESSION['msg']['login-err'] = implode('<br />',$err); // Save the error messages in the session header("Location: demo.php"); exit; } else if(isset($_POST['submit']) && $_POST['submit']=='Register') { // code to register header("Location: demo.php"); exit; } $script = ''; if(isset($_SESSION['msg']) && $_SESSION['msg']!="") { // The script below shows the sliding panel on page load $script = ' <script type="text/javascript"> $(function(){ $("div#panel").show(); $("#toggle a").toggle(); }); </script>'; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>SMASHIN CLUB </title> <link rel="stylesheet" type="text/css" href="demo.css" media="screen" /> <link rel="stylesheet" type="text/css" href="login_panel/css/slide.css" media="screen" /> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script> <!-- PNG FIX for IE6 --> <!-- http://24ways.org/2007/supersleight-transparent-png-in-ie6 --> <!--[if lte IE 6]> <script type="text/javascript" src="login_panel/js/pngfix/supersleight-min.js"></script> <![endif]--> <style> #level0 { background:#FC0;} #level1 { margin-left:143px; padding-left:9px; background:#FFF;} #level2 { background:#FFF3AC;} p { display: block; } </style> <script src="login_panel/js/slide.js" type="text/javascript"></script> <?php echo $script; ?> </head> <body> <!-- Panel --> <div id="panel"> <div class="content clearfix"> <?php if(!isset($_SESSION['usr'])): ?> <div class="left"> <!-- Login Form --> <form class="clearfix" action="" method="post"> <h1>Member Login</h1> <?php if(isset($_SESSION['msg']['login-err'])) { echo '<div class="err">'.$_SESSION['msg']['login-err'].'</div>'; unset($_SESSION['msg']['login-err']); } ?> <label class="grey" for="username">Username:</label> <input class="field" type="text" name="username" id="username" value="" size="23" /> <label class="grey" for="password">Password:</label> <input class="field" type="password" name="password" id="password" size="23" /> <label><input name="rememberMe" id="rememberMe" type="checkbox" checked="checked" value="1" /> Remember me</label> <div class="clear"></div> <input type="submit" name="submit" value="Login" class="bt_login" /> </form> </div> <div class="left right"> <!-- Register Form --> <form action="" method="post"> <h1>Not a member yet? Sign Up!</h1> <?php if(isset($_SESSION['msg']['reg-err'])) { echo '<div class="err">'.$_SESSION['msg']['reg-err'].'</div>'; unset($_SESSION['msg']['reg-err']); } if(isset($_SESSION['msg']['reg-success'])) { echo '<div class="success">'.$_SESSION['msg']['reg-success'].'</div>'; unset($_SESSION['msg']['reg-success']); } ?> <label class="grey" for="username">Username:</label> <input class="field" type="text" name="username" id="username" value="" size="23" /> <label class="grey" for="email">Email:</label> <input class="field" type="text" name="email" id="email" size="23" /> <label class="grey" for="role">role:</label> <input class="field" type="text" name="role" id="role" size="23" /> <input type="submit" name="submit" value="Register" class="bt_register" /> <label>A password will be e-mailed to you.</label> </form> </div> <?php else: ?> <div class="left"> <h1>Members panel</h1> <a href="page2.php?varname=<?php echo $var_value ?>">Page2</a> <p>You can put member-only data here</p> <p>You can put member-only data here</p> <p>- or -</p> <a href="?logoff">Log off</a> </div> <div class="left right"> </div> <?php endif; ?> </div> </div> <!-- /login --> <!-- The tab on top --> <div class="tab"> <ul class="login"> <li class="left"> </li> <li>Hello <?php echo $_SESSION['usr'] ? $_SESSION['usr'] : 'Guest';?>!</li> <li class="sep">|</li> <li id="toggle"> <a id="open" class="open" href="#"><?php echo $_SESSION['id']?'Open Panel':'Log In | Register';?></a> <a id="close" style="display: none;" class="close" href="#">Close Panel</a> </li> <li class="right"> </li> </ul> </div> <!-- / top --> </div> <!--panel --> <?php if(isset($_SESSION['usr'])): ?> <? include("member_1.php"); ?> <? endif; ?> </body> </html> member_1.php <?php //error_reporting(E_ALL & ~E_NOTICE); if(!defined('INCLUDE_CHECK')) die('member_1.php cannot run directly'); require_once'connect_1.php'; // sec_session_start(); // removing the sesion_start since already started in demo.php if(isset($_SESSION['timeout'])) { $is_timed_out = is_timed_out(); // check for timeout of a session. if($is_timed_out == 1) { // echo "Timed Out from TIME OUT !"; // server_mod $_SESSION['msg'] = " FROM --- TIMEOUT --- LINE 51"; header ("Location: loggedout.php"); // logout if timed out exit; } } include_once("include/fra_header.php"); include_once("include/fra_navbar.html"); $page = $_GET['page']; switch ($page) { case "gallery": include_once("include/fra_gallery.php"); break; default: include_once("include/fra_home.php"); break; } include_once("include/fra_footer.html"); ?> fra_header.php <?php //error_reporting(E_ALL & ~E_NOTICE); if(!defined('INCLUDE_CHECK')) die('header.php cannot run directly'); // sec_session_start(); // removed as already declared in demo if(isset($_SESSION['timeout'])) { $is_timed_out = is_timed_out(); // check for timeout of a session. if($is_timed_out == 1) { // echo "Timed Out from TIME OUT !"; // server_mod $_SESSION['msg'] = " FROM --- TIMEOUT --- LINE 51"; header ("Location: loggedout.php"); // logout if timed out exit; } } ?> <link rel="stylesheet" type="text/css" href = 'css/layout.css' media="screen"> <title> Smashin CLUB </title> <body> <div class = 'wrapper'> <div class = 'header'> <h4><br> WELCOME TO THE CLUB PANEL </br></h4> </div> <div class = 'lowerheader'> <div class='datenow'> <?php echo "Date: ".date("d-m-Y"); ?><br> </div> <div class='center_id'> <?php echo "<h3> CLUB : "; $user_id = $_SESSION['id']; $query = "Select city from employees WHERE ID = '$user_id'"; $result = mysqli_query($link, $query); if(!$result)die('Error in accessing the Database ' . mysqli_error($link)); else $row = mysqli_fetch_array($result); $city = $row['city']; echo "$city "; $sql = "SELECT room_no FROM employees WHERE ID = '$user_id'"; $result = mysqli_query($link, $sql); if(!$result)die('Error in accessing the Database ' . mysqli_error($link)); else { $count = mysqli_num_rows($result); $selcnt = 0; // selection count echo "<select name='room_no' STYLE='background-color: #efefef;' >"; while ($row = mysqli_fetch_array($result)) { echo "<option value='" .$row['room_no']. "'"; if($selcnt == 0) echo "selected >"; else echo " >"; echo $row['room_no']. "</option>"; $selcnt += 1; } echo "</select></h3>"; } ?> </div> <div class='timenow'> <?php echo "Time: ".date("H-i-s"); ?><br> </div> </div> fra_home.php <?php //error_reporting(E_ALL & ~E_NOTICE); if(!defined('INCLUDE_CHECK')) die('fra_home.php cannot execute this file directly'); $query = "SELECT * FROM $table"; $row = mysqli_query($link, $query); ?> <div class = 'mainbody'> <table border = 1 cellspacing =5 cellpadding = 15> <tr><hd2><? $_SESSION['usr']."\s club listing. Session ID = ".$_SESSION['id']; ?></hd2></tr> <tr> <th> ID </th> <th> Name </th> <th> Surname </th> <th> City </th> <th> Room No. </th> </tr> <? while ($record=mysqli_fetch_array($row)) { ?> <tr> <td> <? echo $record['ID']; ?> </td> <td> <? echo $record['fname']; ?> </td> <td> <? echo $record['lname']; ?> </td> <td> <? echo $record['city']; ?> </td> <td> <? echo $record['room_no']/2; ?> </td> <? } ?> </table> </div> I hope you won't locate any syntactical errors on this one and will be able to find the root cause of the abnormal logout behavior. Thanks loads.

Hi guys !! So I have started once again to unravel the reason for the logging out that occurs when i double click the buttons or the menu buttons. The reason for that is that disabling buttons is a temporary solution and some sort of bug would remain in the program. Besides I would have to do the button disabling for all buttons on all forms. So might as well try and nip it at the bud. Inspiration ofcourse was from Mac_Gyver. So still more help is needed. I am doing it all from the beginning trying to see where the problem lies. I have a sliding login panel and at the very end of it I have added the web page as follows:- </div> <!--panel --> <?php if($_SESSION['usr']): ?> <? include("member_1.php") ?> <? endif; ?> </body> The structure of member_1.php is as follows:- <?php // error_reporting(E_ALL & ~E_NOTICE); //if(!defined('INCLUDE_CHECK')) die('member_1.php cannot run directly'); define('INCLUDE_CHECK',true); require_once 'f_load_1.php'; session_start(); session_regenerate_id(true); include_once("include/fra_header.php"); include_once("include/fra_navbar.html"); $page = $_GET['page']; switch ($page) { case "members": include_once("include/clubmem.php"); break; default: include_once("include/home.php"); break; } include_once("include/fra_footer.html"); ?> Members.php and home.php can be simply one line files echoing "members" and "home" respectively. The question is that since i am including the member_1.php in the main login file would I need to do a session_start and session_regenerate_id in member_1.php and for that matter in the home.php and clubmem.php like we need to for files that are accessed via a link to ensure the session integrity. If not then does it mean that if files are included like I have done, the session integrity is maintained thru all the files that are loaded vai includes ( like home,php is via member_1.php.) Once I am clear on this I can proceed forward. Thanks all !

Hi guys ! Thanks very much for all the inputs so far. Neil your solution works except that all buttons get disabled together - like i said was ok -but i am sure that can be changed to ensure that the one pressed gets disabled and displays the waiting message. So thanks loads. To answer your questions. - Why 3 buttons ----- because i designed the form like that. It loads a record from a DB and then the next or previous records can be displayed from there on using the next and previous buttons. Then if the edit button is pressed, the form can be edited and two further buttons update and cancel can be used to update or cancel the record. - If the problem of double click was to be ignored for the moment, then its fairly easily to detect the button clicked using php. - once the button handler has done its job, I remain on the same page. I am not using any redirection. I have already said what the buttons do. Since you have been so kind and helpful I have actually changed the code on the website to show you the functioning of my form. If you feel it's ok then please try out the working of the form on www.bestbet.bugs3.com/club/demo.php. The login and password are once again "Itsme" and "bcf134". There if you go to the gallery, you'll see the submit form. A right div has a small search box. Type any alphabet and press enter and that would load the form and the new buttons will appear. -- PREV - EDIT - NEXT and you can check their usage. If you double click on any buttons, you'll get logged out. That's another issue and the main reason I was trying to disable the buttons temporarily. Maybe you can give me some suggestion then as regards the design of the form. Mac_gyver thanks for being so persistent trying to think out the real cause of the logout. I was in fact trying to find a temporary solution in disabling buttons so that I could get on with the rest of it and then come back to the logout problem. I have in fact tried to look into all the 3 reasons that you have mentioned. Quite frankly I am sure that there is no conflict in the button names. If there was a conflict then the buttons would not work at all. The conflict would show up even on a single click. So the buttons are uniquely identifiable. My form validating code does validate the user and checks for blank username and password fields etc and the usual for email etc. I am not sure about the last one because I don't know what you mean by "login form processing code should not be active". But i don't think because it checks for a logged in user and login & register modules are only activated by the login and register modules which can be activated only by the respective button clicks on the login and register panel. Mac if you would like to have a look at the files I would be happy to send them across to you. I too am flummoxed by this logout. I tried to segregate the code as much as I could to try and locate the reason for this logout but so far no luck. One thing that has really surprised me is the fact that there is no real simple -short n sweet - solution to the double click issue in HTML. I searched so much on the net and tried so much code till NEIL was kind enuff to help me using jquery. I may or may not be able to use it but i am grateful for it was a great learning experience. MAC I sure wish you'ld allow me to send you the files to have a look at them. Thanks all for all the help and inputs to this so far.

Hi Guys ! Thanks for the inputs and Neil you are absolutely correct that the above line of code would disable temporarily all the buttons. I too observed that while I was trying to figure things out with these buttons. So while it disables the buttons, it does not send any information of the button that was actually pressed. The $_POST array does not contain any information that would indicate which of the tree buttons was actually pressed. Here's the version :- <?php if($_SERVER['REQUEST_METHOD'] == "POST") { echo "<pre>"; print_r($_POST) ; echo "</pre>"; if(isset($_POST['but1'])&& $_POST['but1']=='SUBMIT1') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But1 Caught <br>"; echo "Submit = ".$_POST['but1']; } if(isset($_POST['but2'])) // && $_POST['but2']=='SUBMIT2') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But2 Caught <br>"; echo "Submit = ".$_POST['but2']; } if(isset($_POST['but3']) && $_POST['but3']=='SUBMIT3') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But3d Caught <br>"; echo "Submit = ".$_POST['but3']; } }else echo "POST Not caught"; ?> <head> <title>Test</title> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script> <script type="text/javascript"> $(document).ready(function() { // do stuff when the submit button is clicked $('form[name="myform"]').submit(function(e) { // disable the submit button $('input[type="submit"]').attr('disabled', true); // submit the form return true; }); }); </script> </head> <form name = "myform" action = "button5.php" method = "post" > <p>First Name: <input type="text" size="32" name="firstname"></p> <p>Last Name: <input type="text" size="32" name="lastname"></p> <p><input type="submit" name="but1" value = "SUBMIT1" ></p> <p><input type="submit" name="but2" value = "SUBMIT2" ></p> <p><input type="submit" name="but3" value = "SUBMIT3" ></p> </form> So working with this code I added a hidden field which I could then check to find which button was actually pressed. I will just paste the HTML bit of the code for brevity since the rest is the same. So here's the code with the hidden field. <form name = "myform" action = "button5a.php" method = "post" > <p>First Name: <input type="text" size="32" name="firstname"></p> <p>Last Name: <input type="text" size="32" name="lastname"></p> <Input type ="hidden" name="hidbut" value="" id="hidbut"> <p><input type="submit" name="but1" value = "SUBMIT1" onclick="document.getElementById('hidbut').value='SUBMIT1'" ></p> <p><input type="submit" name="but2" value = "SUBMIT2" onclick="document.getElementById('hidbut').value='SUBMIT2'" ></p> <p><input type="submit" name="but3" value = "SUBMIT3" onclick="document.getElementById('hidbut').value='SUBMIT3'" ></p> </form> and when I ran this code, not only did i get the correct value of the button in the hidden field but surprisingly I also got the submit button value which i did not expect. And greater wonder ( though disappointing) still the temporary disabling of the buttons just vanished !!! I tried a lot of variations but I failed to get that what i wanted which is once again: 1. When any button is pressed, it should submit the $_POST data with the submitted button information ( as a hidden field OR as name pair value) 2. that button should be temporarily, for a short duration, disabled , with an intermediate button state with value changed to say ..wait.. 3. The button handler should do the needful and change the state of the button back to Submit just before exiting the button handler routine. Its ok if all buttons are temporarily reset or just that particular button. Thanks for the patience everybody. I am really a beginner in JS so I may be trying all wrong. I really hope that someone can help me solve this. Thanks loads everybody.

Hi all ! Neil I have just tried your code. Sorry I was looking for a javascript solution but have not found one so far. So finally I tried it. It seems to work though earlier I could not figure it out. I have implemented in an example below. What I have is a form which has 3 buttons. The problem now is that of figuring which of those buttons is being triggered which I think would need a hidden field as Mac has just suggested. I would be glad if you can show me how to do that for 3 buttons on a form. Here's the code using Neil's jquery solution. <?php if($_SERVER['REQUEST_METHOD'] == "POST") { echo "<pre>"; print_r($_POST) ; echo "</pre>"; if(isset($_POST['but1'])&& $_POST['but1']=='SUBMIT1') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But1 Caught <br>"; echo "Submit = ".$_POST['but1']; } if(isset($_POST['but2'])) // && $_POST['but2']=='SUBMIT2') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But2 Caught <br>"; echo "Submit = ".$_POST['but2']; } if(isset($_POST['but3']) && $_POST['but3']=='SUBMIT3') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But3d Caught <br>"; echo "Submit = ".$_POST['but3']; } }else echo "POST Not caught"; ?> <head> <title>Test</title> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script> <script type="text/javascript"> $(document).ready(function() { // do stuff when the submit button is clicked $('form[name="myform"]').submit(function(e) { // disable the submit button $('input[type="submit"]').attr('disabled', true); // submit the form return true; }); }); </script> </head> <form name = "myform" action = "button5.php" method = "post" > <p>First Name: <input type="text" size="32" name="firstname"></p> <p>Last Name: <input type="text" size="32" name="lastname"></p> <p><input type="submit" name="but1" value = "SUBMIT1" ></p> <p><input type="submit" name="but2" value = "SUBMIT2" ></p> <p><input type="submit" name="but3" value = "SUBMIT3" ></p> </form> Since I have been hunting for a javascript solution I tried the following as well. This does not seem to work for more than one button . I'll put this here too just in case anyone has some ideas on improving this and getting it working. Would be great ! <?php if($_SERVER['REQUEST_METHOD'] == "POST") { // echo "<pre>"; print_r($_POST) ; echo "</pre>"; if(isset($_POST['but1'])&& $_POST['but1']=='SUBMIT1') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But1 Caught <br>"; echo "Submit = ".$_POST['but1']; } if(isset($_POST['but2'])) // && $_POST['but2']=='SUBMIT2') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But2 Caught <br>"; echo "Submit = ".$_POST['but2']; } if(isset($_POST['but3']) && $_POST['but3']=='SUBMIT3') // && $_POST['myButton'] == "myButton") { echo " Submittin -- But3d Caught <br>"; echo "Submit = ".$_POST['but3']; } }else echo "POST Not caught"; ?> <script type="text/javascript"> function locksubmit(button) { var oldValue = button.value; button.setAttribute('disabled', true); button.value = '...processing...'; setTimeout(function(){ button.value = oldValue; button.removeAttribute('disabled'); }, 500) } </script> <form action = "button3.php" method = "post" > <p>First Name: <input type="text" size="32" name="firstname"></p> <p>Last Name: <input type="text" size="32" name="lastname"></p> <p><input type="submit" name="but1" value = "SUBMIT1" id = "but1" onclick = "locksubmit(this)"></p> <p><input type="submit" name="but2" value = "SUBMIT2" id = "but2" onclick = "locksubmit(this)"></p> <p><input type="submit" name="but3" value = "SUBMIT3" id = "but3" onclick = "locksubmit(this)"></p> </form> Thanks you all.

Hi Mac_gyver & the rest. Thanks for all the inputs so far. So the panel falling down problem is finally solved. I put the boiled down version of the site out there because someone on the jquery forum asked me to do so as he did not wish to receive an email of the zipped file for reasons as stated by mac_gyver. He however was willing to look it up on a site. This is not a sessions problem. The problem is that i wish to ignore the second double click for a short while ( like 1-2 seconds). This can be achieved by disabling the submit button for a short while after its been clicked once. That's all I wish to achieve. So i researched quite a bit and found that I need to use the following (A) <input name="submitButton" id="submitButton" type="submit" value="Submit"onclick="this.disabled=true;this.form.submit();" /> or the 2nd version (B) this.disabled=true;if(this.form.onsubmit()){this.form.submit();}else{this.disabled=false;} with a NOTE NOTE: If in your code, you are using the following to check if the form has been submitted: if (isset($_POST['submitButton'])) { echo "Form submitted!"; } It will need to be replaced by the following: if ($_SERVER['REQUEST_METHOD'] == "POST") { echo "Form submitted!"; } Well (A) above definitely solves the logging out problem. So it does ignore the 2nd click for a very short while as it submits the form but THE FORM SUBMIT IS NOT DETECTED BY ITS HANDLER ROUTINE. For eg I submit the empty form and the handler is supposed to display an error message which I do not receive. So the handler is unable to catch the form submission. Well that solves one problem and creates another. Can anyone suggest something here. I have tried both if (isset($_POST['submitButton']) and if ($_SERVER['REQUEST_METHOD'] == "POST") with to catch the $_post array but none seems to work, Thanks all !

Hi Mac, No this is a different problem. The earlier problem involves the jquery login panel which falls down on button / menu click. That has nothing to do with a double click. I have in fact put that on a website whose link I have already put on that query. If you visit that link you can see the problem in action. In fact I think both problems can be seen there. the double click as well as the login panel sliding down on button and menu clicks. Yea ok so i have just checked it out on the website and both these problems can be seen there. The link is : www.bestbet.bugs3.com/club/demo Username is "Itsme" (without quotes) and password is bcf134 I'ld also like to mention that I am very close to solving the panel drop problem. I think I now have an idea why that is occurring because I have been working on it and slowly eliminating portions one by one. So I think that would be solved. The double clicking problem is not really a problem. All I need is to be able to prevent the second click to be ignored even if for a short ( few seconds time). So thats what I was trying to ask help for here. So these are two disparate problems. Thanks all !

Hi barrikor, I tried using the unique token method but that does not prevent the double click from logging me out. Yes this does cause a data to be entered into a database but the problem of duplication is not the real problem since I get logged out. The problem is to prevent / cause to ignore the second click ( double click) totally. The logging out takes places because I have a session count which if it exceeds 2( >2) , it causes the program to logout. So a double click kind of triggers that. Actually I have been studying to implemented a login system where if a user is already logged in elsewhere ( on machine A, another browser on the same machine ) and tries to login from another machine (machine B or another browser on Machine A), he gets logged out from the first ( machine A / browser). That logic causes the successive clicks to log the user out. Implementing the solution here : http://www.webdevelo...g-a-form-button does prevent the second click but alas the data does not get submitted somehow. I must mention that I am very new to javascript with little knowledge of it. Hence I wanted a PHP solution or one involving as little as possible JS ( something that I understood easily) Any more ideas. Thanks loads.

Hi, I am trying to achieve preventing double clicking of submit buttons on php forms because double clicking causes the user to logout. After checking on the net i found that only javascript can be used for that purpose and came across this article here:- http://www.webdeveloper.com/forum/showthread.php?28560-How-to-prevent-double-clicking-a-form-button However when i tried it, well it stopped the user from logging out but for some reason the form is no longer submitting. i.e. this.form.submit() part of it seems not to be functioning. I was actually looking for something as simple as this for my code. Can someone point me in the right direction. A simple example that works would be great ! Thanks.

Hi all ! Ok so i guess I figured that out myself while I was trying to boil down the code to a bare minimum. So thanks all for all the inputs.

Hi guys !! Hope you all had a great weekend ! I had a great one too trying to get the boiled down version of the code into a website so that you guys could have a look at it. Well that's done and I would now be glad & very grateful to have you gurus have a look at it. So here's the website link www.bestbet.bugs3.com/club/demo.php It would then request for a login and password which are Itsme ( capital I) and bcf134 respectively. That takes us to the Welcome club screen, There are three buttons Home Gallery and Contacts ( they ofcourse don't do anything they say). So long as you go beteent the home and gallery button only and do not touch the contacts, things are fine. But if you just hit the contacts button once ( things are fine still ) and move back to press the home or gallery buttons even without doing anything in the contacts screen at all, the login panel falls and now it falls with each button press thereafter. So I am sure the problem is somewhere in the contacts related file. Ofcousre now its reduced to inspecting just one file which I would like to send personally to the gurus here (via email) who would like to take a look at it. So kindly do reply and send me your email address so that I may then mail the contacts file. I hope that's ok. Thanks all !!

Hi Thanks for the reply mac_gyver. Definitely there must be some error. I was aware that you would have to take a look at the code so i have kinda boiled down the code and tried to remove a number of files and reduce the project size to as much as I could. I now have prepared a zip file that would unzip the project into a directory structure and can then be easily tested on a local host. It also has a database with two very small tables ( few < 5 rows) that would have to be imported into phpmyadmin. Just that sometimes , including myself, people tend to shy away from zipped files n stuff so I am asking if you would be willing to let me post those to you for you to take a look. Please let me know. Thanks loads

Hi !! I am trying to build a website and using a slider login panel created by Web-kreation for loggin in users. On the user page I have created a menu using css and there are some forms to be filled. Once the user navigates the webpages using the menu buttons or the form buttons, the slider panel suddenly starts to fall and open with each such button click. So I have to press the close button again and again to close the panel. Does anybody have any idea why this is happening and how I can keep the panel locked at in the panel close position once the user is logged in. Any help or suggestion on this would be most helpful and I'ld be much obliged. Thanks all !

Hi Ok so i took a quick look at the article and its using javascript which i wanted to avoid since I am mainly using php. Frankly I have tried a similar approach in php by using variables and checking their value just before the button click. In fact the button is supposed to be displayed only if the value is true. <? if isset($button) && ($button==true) ?> <input type = "submit" name = "submit" value = "Submit" > However this does not seem to work. So is there any other way to achieve this without the javascript or is that a must. Thanks again for the reply and definitely looking for some more information on this one. Thanks.

Hi thanks cyberRobort. No i have not so I'll take a look atit and revert. Thanks for the reply.

Hi all. I have just created a login page which logs a person into a page with menu buttons. However, i have noticed that if, inadvertently, i double click any of the menu buttons or the other form submit buttons, i get logged out. I think this is because of the session_regenerate_id that i used for the login purpose and which I don't want to change. So I would like to know if there is some way to ignore subsequent clicks for a certain period of time once the button has been clicked. For e.g. if i have clicked a submit button, then i want that any further clicks on the same button be ignored if they occur within say 500ms of the 1st one. Something like that. Or better still if the subsequent clicks are ignored until the previous button action has been completetd once it is clicked. Again for e.g. if i a submit button is accessing a database and takes say 300ms to retrive and display that information, then once that button has been clicked, subsequent clicks on it should be ignored - in this eg. for 300 ms - till the previous button action is complete. Implore all the gurus for their invaluable inputs and guidance. Thanks all !

Hi guys ! thanks for both the replies. Ginerjim, you were right. leaving the quotes off the variable did the trick. Surprising thing is that I tried that before posting this question and for some reason it did not work. After your suggestion I tried it again just now and it worked !! Thanks loads both of you. Very grateful. Ajoo.

Hi all ! I wish to build a mysql query which is very simple. An example of the query I want is as follows: $query = "Select * FROM $table WHERE tables=1 OR tables=2 AND Member_status = 'D' "; The problem is that the conditions Where tables=1 or tables=2 can vary and i can have tables=3 , tables=4 etc. as well. So basically the OR condition is ramdom and must be constructed in a loop. I constructed a loop which stores the result in a variable $tablescnt. i.e. echo .$tablescnt; gives tables=1 OR tables=2 OR tables=3 and so on depending upon the loop iterations. However i don't know i am going to substitute this ($tablescnt) into $query above. I tried $query = "Select * FROM $table WHERE '$tablescnt' AND Member_status = 'D' "; where i hoped that $tablescnt would expand as desired. However it did not work. So any suggestions on how I may proceed would be very helpful. Thanks all for your time to check this out and help me.

Hi, I am stuck trying to get the link/href statement to work. I have tried so many variations but i get a very persistent error. Kindly help while($rows=mysqli_fetch_array($result)) { $count = $count+1; $field[$count] = $rows['Member_ID']; echo "<tr> <td>".$count."</td> <td> &nbsp ".$rows['fname'].' '.$rows['lname']."</td> <td> < a href = "$_SERVER['PHP_SELF']?id = $count "> Update </a> </td> </tr>"; } It results in this error "Parse error: syntax error, unexpected T_VARIABLE, expecting ',' or ';' in D:\xampp\htdocs\xampp\MagicLogin\includes\fra_register1.php on line 84". I have tried the following variations: < a href = "$_SERVER['PHP_SELF']? id = <? echo $count; ?> "> Update </a> < a href = "$_SERVER['PHP_SELF']?id = <? echo $count; ?> "> Update </a> < a href = "$_SERVER['PHP_SELF']? id = <?php echo '.$count.'; "> Update </a> < a href = "$_SERVER['PHP_SELF']? id = <? echo '$count'; "> Update </a> and maybe a few more I did not keep track of but the error persists and I can't figure it out. Please note that there is no actual variable like "id" that i am using in the statement ($_SERVER['PHP_SELF']? id= ) . So far as I know that only used to pass a value back to the program. This could be very stupid but could someone help me out. Thanks.

Thanks Kicken, That gave me a lot of confidence. I'll try the alias again now. I have tried it twice but it did not work but maybe i did make some mistake. Thanks loads. Gurus are great !

Hi Barand, I have another small question. I have the following query : Select Distance, SUM((Score/10)*100)/MAX(ID) as Racetime FROM Race, Here the Racetime is an alias. While the value of Racetime calculated is perfect, I am unable to access this value from php using the usual procedure, $query = "Select Distance, SUM((Score/10)*100)/MAX(ID) as Racetime FROM Race"; $result = mysqli_query($link,$query); $row=mysqli_fetch_assoc($result); $dis = $row['Distance']; $RT = $row['Racetime']; I have left out some commands for checking the status of the query's output for brevity. So please explain how can a calculated alias field like 'Racetime' be received into PHP. Thanks

Hi Barand, Thanks. I'll try and clarify. OK his refers to the players own. To clarify, I'll take your example of 2 players A and B. Lets say player A logs in first. As mentioned, the game accesses player A's initial values and settings and he plays his game for 10 minutes all the while he's connected to the DB i.e. the program does not use a command like mysqli_close to close the connection with the database for those 10 minutes A is playing the game. Now if player B tries to log into the same game / program/ application after say 2 minutes of player A's login and the program / application tries to access the database to get player Bs settings, would the program be able to do so or would the fact that the database is already opened by player As instance of the game / prog/ application be a hindrance? Surely the program will update both player As and player Bs scores and add it to the database. No question of the players updating their own or another person's score. The program will update their scores into a common database once they have played their games because it would need those to rank the players. Finally I have also read some articles on database locking and what I have gathered is that just because a database connection is opened by one player, it does not mean that it cannot be accessed by another especially if we define the SQL commands using NOLOCK or ROWLOCK commands if we are sure that it would be just one or 2 rows that would be affected by our SQL commands. And for some commands we don't even have to have a lock and so we can use NOLOCK. However the programmer should be clear of the amount of database entries that his SQL commands are affecting. So I'll be happy if you can confirm what i have construed is correct regarding locks and also look into the players example and answer that as well. Thanks especially Barand and all gurus on this forum. You guys rock !

Hi Barand, I read through that which you suggested and am none the wiser. Gurus like yourself are able to understand such complex noob stuff but i just felt sleepy !! I'ld be grateful if you can answer my two questions yourself in a simplified language. I'll take an example for the 2nd question. Suppose I have a game being played by 100's of persons simultaneously and their scores are recorded in a database. Now when each person logs into the game he accesses the database for his initial settings ( READ ONLY) like level etc and maintains his connection with the DB ( mysqli_connect). Once he finishes the game he updates his score and quits. If the entire process lasted for 10 minutes, from login to playing the game, updating the score and logging out, would another gamer be not able to update his score to the same database in those 10 minutes. Is it that bad? Couldn't be. I don't think so and certainly certainly hope not. For my first question, i read through the MySql chapter 19 as suggested by you, but did not find any practical example of using the procedures/functions using php. Will try and look up on the net still even after i write this mail. Please help. Thanks loads !!