JS killing the session...

[Coreye]

Hey guys,

 

A friend and me are developing a chat, but for some reason when user's login it kills there session. It worked fine before we added the userlist. Can anyone see why it's not keeping the session? I've included both chat.js and ajax.php.

 

/ajax.php

<?php
session_start();
header("Content-type: application/xml");

define('CORE', './core/'); // Folder that the core files are in; if you didn't rename any folders, don't change this line. \\
define('IN_CMS', true);

include(CORE . 'main.php'); // Include our main file \\

$do = $_GET['module'];

$xml .= "<root>";
if ($do == 'messages')
{
	$xml .= "<messages>";
	if (!is_numeric($_SESSION['last_message']))
		$_SESSION['last_message'] = 0;
	$messages = $main->db->get_data('messages', 'id', $_SESSION['last_message'], 0, 'id|ASC', '>=');
	if (is_array($messages))
		foreach ($messages as $message)
		{
			$_SESSION['last_message'] = $message['id'] + 1;

			// Sender's information \\
			$sender = new user(array('id' => $message['user_id']), array('get_info'));

			// Put the message in the correct format \\
			$message['message'] = str_replace(array('{$user_color}', '{$user_name}', '{$message}', '{$color}'), array($sender->group['color'], $sender->info['username'], $message['message'], $message['color']), $message['m_format']);

			// Date & Time of the message \\
			$message['date_time'] = explode(';', $message['date_time']);
			$date = $message['date_time'][0];
			$time = $message['date_time'][1];

			if ( stristr($message['to'], 'user:' . $me->info['id'] . ';') || stristr($message['to'], 'room:1') )
			{			
				$xml .= "<message>";
				$xml .= "<id>".$message['id']."</id>";
				$xml .= "<date>".$date."</date>";
				$xml .= "<time>".$time."</time>";
				$xml .= "<message>" . htmlspecialchars($message['message'])."</message>";
				$xml .= "</message>";
			}
		}
	$xml .= "</messages>";
}
elseif ($do == 'SendMessage')
{
	$sys = array(
		'id' => 86,
		'color' => 'ffcc00'
	);
	function send_message($user, $message, $color, $to)
	{
		$ip= $_SERVER['REMOTE_ADDR'];
		$GLOBALS['main']->db->insert_data('messages', array('user_id', 'ip', 'message', 'to', 'color'), array($user, $ip, $message, $to, $color));
	}
	$message = $main->clean($_GET['message']);
	if ($me->checkBan())
	{
		$message = "You are currently banned so you cannot talk.";
		send_message($sys['id'], $message, $sys['color'], 'user:' . $me->info['id'] . ';');
	}
	elseif (!$main->is_blank($message))
	{
		if (stristr($message, '/'))
		{
			$cmd = explode('/', $message);
			$cmd = explode(' ', $cmd[1]);
			$args = $cmd[1];
			$cmd = $cmd[0];
			if (!include('modules/commands/' . $cmd . '.php'))
			{
				$message = "This is not a valid command.";
				send_message($sys['id'], $message, $sys['color'], 'user:' . $me->info['id'] . ';');
			}
		}
		elseif (preg_match('/(ass|bitch|bastard|fuck|shit)/', strtolower($message)))
		{
			$message = "You cannot use language like that.";
			send_message($sys['id'], $message, $sys['color'], 'user:' . $me->info['id'] . ';');
		}
		else
		{
			$me->info['points'] = $me->info['points']+1;
			$main->db->update('users', 'points', $me->info['points'], 'id', $me->info['id']);
			send_message($me->info['id'], $message, $me->group['color'], 'room:1');
		}
	}
	else
	{
		$message = "You cannot send blank messages.";
		send_message($sys['id'], $message, $sys['color'], 'user:' . $me->info['id'] . ';');
	}
}
elseif ($do == 'users')
{
	if (!$_SESSION['online']) $_SESSION['online'] = array();
	$users = $db->get_data('online', 'time', time(), 0, '', '>');
	$xml .= "<offline>";
	if (is_array($_SESSION['online']))
		foreach ($_SESSION['online'] as $check)
		{
			if (!$users["{$check['id']}"])
			{
				$xml .= "<user>";
					$xml .= "<color>" . $check['color'] . "</color>";
					$xml .= "<badge>" . $check['badge'] . "</badge>";
					$xml .= "<name>" . $check['username'] . "</name>";
					$xml .= "<id>" . $check['id'] . "</id>";
					$xml .= "<group>" . $check['group'] . "</group>";
				$xml .= "</user>";
			}
		}
	$xml .= "</offline>";
	$xml .= "<online>";
	if (is_array($users))
		foreach ($users as $user)
		{
			if (!in_array($user['id'], $_SESSION['online']))
			{
				$xml .= "<user>";
					$xml .= "<color>" . $user['color'] . "</color>";
					$xml .= "<badge>" . $user['badge'] . "</badge>";
					$xml .= "<name>" . $user['username'] . "</name>";
					$xml .= "<id>" . $user['id'] . "</id>";
					$xml .= "<group>" . $user['group'] . "</group>";
				$xml .= "</user>";
				$_SESSION['online']["{$user['id']}"] = $user;
			}
		}
	$xml .= "</online>";
	$_SESSION['online'] = $users;
}
$xml .= "</root>";
echo $xml;
?>

 

/chat.js

function GetXmlHttpObject()
{
var objXMLHttp=null ;
if (window.XMLHttpRequest)
{ 
	objXMLHttp=new XMLHttpRequest();
} 
else if (window.ActiveXObject)
{ 
	objXMLHttp=new ActiveXObject("Microsoft.XMLHTTP");
}
return objXMLHttp;
}
function SendMessage()
{
var messages_xmlHttp=GetXmlHttpObject();
if (messages_xmlHttp==null){ return false; }
message = encodeURIComponent(document.forms.send_message.message.value);
var url="ajax.php?module=SendMessage&message=" + message;
messages_xmlHttp.open("GET",url,true);
messages_xmlHttp.send(null);
document.forms.send_message.message.value = "";
return false;	
}
function moveScrollBar(div)
{
document.getElementById(div).scrollTop = document.getElementById(div).scrollHeight;
}
function GetMessages()
{
var messages_xmlHttp=GetXmlHttpObject();
if (messages_xmlHttp==null){ return }
var url="ajax.php?module=messages";
messages_xmlHttp.open("GET",url,true); 
messages_xmlHttp.onreadystatechange = function ()
{ 
	if (messages_xmlHttp.readyState == 4)
	{
		var response = messages_xmlHttp.responseXML.documentElement;
		var messages = response.getElementsByTagName("message");
		var messages_div = document.getElementById('messages');
		for (i=0; i < messages.length; i++)
		{
			var text=messages[i].getElementsByTagName("message")[0].firstChild.data
			var child_div = document.createElement('div');
			child_div.innerHTML = text;
			messages_div.appendChild(child_div);
			moveScrollBar('messages');
		}
	}
}; 
messages_xmlHttp.send(null);
var messageTimer = setTimeout("GetMessages()", 1000);	
}
function GetUsers()
{
var messages_xmlHttp = GetXmlHttpObject();
if (messages_xmlHttp == null) { return }
var url = "ajax.php?module=users";
messages_xmlHttp.open("GET",url,true);
var users_div = document.getElementById('users');
messages_xmlHttp.send(null);
messages_xmlHttp.onreadystatechange = function ()
{ 
	if (messages_xmlHttp.readyState == 4)
	{
		var response = messages_xmlHttp.responseXML.documentElement;
		var online = response.getElementsByTagName("online");
		online =online[0].getElementsByTagName("user");
		var offline = response.getElementsByTagName("offline");
		offline =offline[0].getElementsByTagName("user");
		for (i=0; i < online.length; i++)
		{
			var newdiv = document.createElement('div');
			var user_id=online[i].getElementsByTagName("id")[0].firstChild.data
			var username=online[i].getElementsByTagName("name")[0].firstChild.data
			var color=online[i].getElementsByTagName("color")[0].firstChild.data
			var badge=online[i].getElementsByTagName("badge")[0].firstChild.data
			var child_div = document.createElement('div');
			var divIdName = 'user_' + user_id;
			if (!document.getElementById(divIdName))
			{
				newdiv.setAttribute('id',divIdName);
				newdiv.innerHTML = "<img src='"+badge+"' /> "+username;
				users_div.appendChild(newdiv);
			}
		}
		for (ii=0; ii < offline.length; ii++)
		{
			var user_id=offline[ii].getElementsByTagName("id")[0].firstChild.data
			var olddiv=document.getElementById("user_" + user_id);
			users_div.removeChild(olddiv);
		}
	}
}; 
var userTimer = setTimeout("GetUsers()", 3500);
}

 

Thanks,

Corey

[Coreye]

When we comment out

$xml .= "<name>" . $user['username'] . "</name>";

it keeps the session. But then the user list doesn't work.