jworisek
-
Posts
112 -
Joined
-
Last visited
Never
Posts posted by jworisek
-
-
I've been messing around with this on and off for a while now and I just cant figure it out...
I have three pages.
login.php
authentication.php
index.php
you type your user/pass on login and it takes you to the auth page. On auth I verify the user/pass and if they are correct I start the session, register session variable names, and set the variables. Then I use header() to send the user to index.php. Index then checks to make sure the user is authorized.
When I do this, I get a new session id from the auth page, and then the index page tries to use the session id from the last successful login from that user. The variance in session ids causes my script to kick the user back to the login page. The second time the user tries to login the auth page has another new session id but this time the index page also uses the same id and it works fine. To logout I have a link that takes the user to a page that uses session_destroy();
here is the basic code:
auth
<?php //verify login credentials if (mysqli_num_rows($result)==1){//verified session_start(); //CHECKPOINT#1 session_register('curr_sess_id'); $_SESSION[curr_sess_id]=session_id(); //CHECKPOINT#2 header('http://mydomain.com/protected/index.php') exit; } else{ //return back to login with error } ?>index
<?php session_start(); //CHECKPOINT#3 if ($_SESSION[curr_sess_id]==session_id()){//this is not the check that I do, I am just trying to simplify it // good} } else{ // kick user back to login } ?>On the first attempt you would get
CHECKPOINT#1 session id=g20i9aj6j78f61ceq4ecj8vj65 curr_sess_id=
CHECKPOINT#2 session id=g20i9aj6j78f61ceq4ecj8vj65 curr_sess_id=g20i9aj6j78f61ceq4ecj8vj65
CHECKPOINT#3 session id=kcne7s5fbfcpeukuq2mrselgg4 curr_sess_id=kcne7s5fbfcpeukuq2mrselgg4
On the second attempt I get:
CHECKPOINT#1 session id=c30fi9pfctt2i18mn68822skm3 curr_sess_id=
CHECKPOINT#2 session id=c30fi9pfctt2i18mn68822skm3 curr_sess_id=c30fi9pfctt2i18mn68822skm3
CHECKPOINT#3 session id=c30fi9pfctt2i18mn68822skm3 curr_sess_id=c30fi9pfctt2i18mn68822skm3
Anyone have an idea? It happens on multiple browsers and PCs. could it be something with settings in php.ini?
-
well its really hard to know what you are expecting.... post the rows of data that you should be getting... you weren't getting 3 repeated rows of the same data to begin with.
-
I'm confused by what is so difficult here... all you need are if/else statements on the next page to determine which query to apply...
-
I think its you query... try this:
SELECT * FROM smf_messages, smf_topics WHERE smf_messages.ID_BOARD = smf_topics.ID_BOARD AND smf_topics.ID_BOARD = ' . $BoardID;
You are never specifying how to join the tables so the query doesn't join them... it looks for results in one table then pulls results for the next (I think).
-
what is being echoed 3 times? are you pulling 3 results from your query?
-
-
actually, I would move the $customer_id clause to the where...like
SELECT orders.order_date, orders.received_date, orders.updated_date,orders.received_by,orders.destroyed_by,orders.model_number, orders.serial_number, orders.capacity, orders.confirmation_id, customers.contact_name, customers.contact_phone, manufacturers.manufacture_name FROM orders LEFT JOIN customers on orders.customer_id = customers.customer_id LEFT JOIN manufacturers on orders.manufacturer_id=manufacturers.manufacturer_id WHERE orders.confirmation_id ='$confirmation_id' AND orders.customer_id = '$customer_id'
-
LEFT JOIN customers on orders.customer_id = $customer_id
you arent stating how customers should be joined... should probably be:
LEFT JOIN customers on (orders.customer_id = customers.customer_id and customers.customer_id = $customer_id)
-
the exact table structure is irrelevant... only that there is a unique identifier in table1 and a unique identifier in table2.
in this case you could use
ID as the table1 id
short as the table2 id
if table1 only stores ID and SERVICES, then you can restructure table1 and you have no need for table 3.
I'm just saying if you make them all on their own rows with the same ID, then it is very easy to write the query since you have established a direct relation.
-
let me know if I am understanding you correctly....
table1
t1_id short other
------------------
1 a,b,e,f ........
2 a,f .........
etc.
table2
t2_id short long
---------------------
1 A Apple
2 B Ball
3 E Egg
4 F Fly
etc...
what I am saying is remove the short column from table1 and make a tabl3 that would look like:
table3
t1_id t2_id
-----------------
1 1
1 2
1 3
1 4
2 1
2 4
The same data is stored, table3 just allows you to relate the data in an easier fashion.
-
the simplest way to do it with mysql would be to make it relational...
table 1 (t1_id, other_data)
table2 (t2_id, short, long)
table3 (t1_id, t2_id)
Then you don't have to mess around with breaking up strings to make joins.
SELECT long from table1 t1 INNER JOIN table3 t3 ON (t1.t1_id=t3.t1_id) INNER JOIN table2 t2 ON (t3.t2_id=t2.t2_id)
-
are you pulling many records at the same time for this? it would be easy to make into an array after you pull it out and just do it with a second query.
-
SELECT long FROM table1 t1 INNER JOIN table2 t2 ON (t1.short=t2.short)
-
have you checked that you have update privileges for that user? I'm assuming you verified that the variables are actually being put in the query by echoing it back?
-
This should be possible but I just can't think of it right now...
WORK table (work_id, input_user_id, worker_user_id)
USERS table (user_id, user_name)
I need to get names from their respective IDs for both input_user_id (the person who inputs the job data) and worker_user_id (the person who does the job) in one sql statement.
So I currently have:
SELECT work_id, input_user_id, user_name as worker_name FROM work W INNER JOIN users U ON (W.worker_user_id=U.user_id)
And then do another query on input user_id.
-
can't get it all in one SQL statement?
SELECT * FROM table1 LEFT JOIN table2 ON (table1.code=table2.code) where .....
-
slightly off topic, but are the exploits of mail scripts only possible if you place user input into the header? Personally I don't put the users email address as From:. I just put our website so that we know it was submitted from the web and then the users email is listed in the body.
-
can you just save the date the contact was made and then sort based on dates to get the number?
-
decide on a new format and adjust the existing data for that... I would say either use military time (1pm being 13:00) or having a seperate column to check am or pm. Then you also want to check the input to make sure that people only enter valid times. If its going to be a headache, make a dropdown for the hours then a dropdown for the minutes and combine them before submitting.
-
well, you could just scan the profiles for telltale code when they submit...
like <script type=Javascript or <? or <?php etc -
headers should be called like this:
[code]
header (Location: "http://www.blahblah.com");
[/code]
yours is printed as this:
[code]
header (Location: http://www.blahblah.com);
[/code] -
well I populate mine with php into a bunch of arrays (I just put the static arrays there as an example)... like I said though, if you want to do it without refreshing and dynamically check the database, look into using AJAX.
-
post the code for it
-
try something like this... its what I use:
[code]
<SCRIPT LANGUAGE="JavaScript">
<!-- Original: Jerome Caron (jerome.caron@globetrotter.net) -->
<!-- This script and many more are available free online at -->
<!-- The JavaScript Source!! http://javascript.internet.com -->
<!-- new Array("display", value) -->
colors = new Array(
new Array(
new Array("Blue", 638),
new Array("Yellow", 945),
),
new Array(
new Array("Red", 638),
new Array("Orange", 945),
new Array("pink", 634)
);
function fillSelectFromArray(selectCtrl, itemArray, goodPrompt, badPrompt, defaultItem) {
var i, j;
var prompt;
// empty existing items
for (i = selectCtrl.options.length; i >= 0; i--) {
selectCtrl.options[i] = null;
}
prompt = (itemArray != null) ? goodPrompt : badPrompt;
if (prompt == null) {
j = 0;
}
else {
selectCtrl.options[0] = new Option(prompt);
j = 1;
}
if (itemArray != null) {
// add new items
for (i = 0; i < itemArray.length; i++) {
selectCtrl.options[j] = new Option(itemArray[i][0]);
if (itemArray[i][1] != null) {
selectCtrl.options[j].value = itemArray[i][1];
}
j++;
}
// select first item (prompt) for sub list
selectCtrl.options[0].selected = true;
}
}
// End -->
</script>
[/code]
[code]
<form method="POST" action="two.php" name="Main">
<h1>New Order</h1>
<h2>Process</h2>
<SELECT NAME="process_id" onChange="fillSelectFromArray(this.form.color_id, ((this.selectedIndex == -1) ? null : colors[this.selectedIndex-1]));">
<OPTION VALUE="-1">Select Process</option>
<? echo $process_list; ?>
</SELECT>
<h2>Enhancement</h2>
<SELECT NAME="color_id">
<option value="0">Select Enhancement</option>
</SELECT>
<input type="submit" value="submit" name="submit" />
</form>
[/code]
So depending on which process chosen, the correct enhancements are placed in the dropdown menu. Unfortunately this way I need to preload all enhancements. If you want to do it on the fly look into using AJAX to access a php script and bring the data back without refreshing.
session id behaving odd
in PHP Coding Help
Posted
I dont think you read my post... the first attempt at login the authentication sets one session id and then the index page tries to use the session id from the last successful connection (not the one the auth page just used) by that user.
as I said:
the session isnt being transferred properly between pages and I was just trying to show that. Besides which, checking the session variable wouldn't be acceptable if it was trying to use an old session id.