Jump to content


Photo

Users getting connected to a different session


  • Please log in to reply
2 replies to this topic

#1 mikejarrett

mikejarrett
  • New Members
  • Pip
  • Newbie
  • 4 posts

Posted 23 May 2006 - 09:57 PM

I have an application that, upon successful login, stores the name of the MySQL database and various other values in $_SESSION varibles. There have been several instances where it appears that a user in one database seems to connect to the session of another.

The session process that I am using is simple:

<?php
session_start();
...

and my connections to the database are though:

@ $db = mysql_pconnect(host, user, password);

mysql_select_db($_SESSION['dbname']);

Many of my databases have the same table names, so that a user may see data that should be seen only by another.

I am not terminating my pconnect or database queries -- and it seems that the termination of the scripts should all end them cleanly, right? Is there anything that I need to be doing with my $_SESSION that would cause it to work incorrectly? The SESSION stuff has seems to work well, but it pretty much magic to me. Should I store the session values in local cookies rather then on the server (at least, that is where I think that I am storing them)? Do I have to worry about how the server points one session file to another? Is there something that I need to think about regarding the naming of session?

Thanks for your help.

Mike

#2 mikejarrett

mikejarrett
  • New Members
  • Pip
  • Newbie
  • 4 posts

Posted 24 May 2006 - 04:29 AM

Ok, I'll post my own answer.

What was happening was my session was timing out, and the $_SESSION['dbname'] was not set. If you call a pconnect without selecting a database, it will grab a database randomly (that is, it probably uses a connection that is pre-connected to a database). I have built a test case that proved my hypothesis.

So, how to fix? I can either test the $_SESSION['dbname'] or probably a connect (not pconnect) would work. I think that I am going to go with the first -- but do you know the difference of connect vs. pconnect?

#3 trq

trq
  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 24 May 2006 - 05:01 AM

If you don't know the difference between pconnect and connect you do NOT need pconnect. Without going into detail, unless you are absolutely sure you know what you are doing, pconnect is a complete resource hog and usually impractical.

My bigest question however is.... Why do your users require individual databases?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users