onedumbcoder Posted July 28, 2009 Share Posted July 28, 2009 here is an odd bug i am running into and cant seem to figure out wtf is going on. maybe one of you has encounter something similar? i am encountering a really weird bug this one page i log in from the index page and i go to many different pages and everything is fine but then i got to this page c lets say and it logs me out but when i log in the second time and do the same procedure and go to page C it does not log me out... This is what happens for example a) I log in b) go to page A c) go to page B d) go to page C > site logs me out and sends me back to index page to log in again. So at this point I log in for the second time and do the same thing a) I log in b) go to page A c) go to page B d) go to page C > Page works perfectly and it does not log me out. Quote Link to comment Share on other sites More sharing options...
shedokan Posted July 28, 2009 Share Posted July 28, 2009 Does it matters which page is page C? the problem might be at page C, if it's the same one each time. Quote Link to comment Share on other sites More sharing options...
gevans Posted July 28, 2009 Share Posted July 28, 2009 Is this mysql or php related? How are you managing your login system, lets see some code. Quote Link to comment Share on other sites More sharing options...
Maq Posted July 28, 2009 Share Posted July 28, 2009 Maybe a sessions issue...? It's hard to tell with the lack of information. Is there a specific reason you posted this in the MySQL section? Quote Link to comment Share on other sites More sharing options...
onedumbcoder Posted July 28, 2009 Author Share Posted July 28, 2009 it only happens at the same page. they all use the same two include files which is connect $host = ""; $user = ""; $password = ""; $database = ""; if (!($db = mysql_pconnect($host, $user , $password))){ die("Can't connect to database server."); } else { if (!(mysql_select_db("$database",$db))) { die("Can't connect to database."); } } and session session_start(); $sessionuser = $_SESSION['username']; $sessionpassword = $_SESSION['password']; $userid = ""; $sessionquery = "SELECT id FROM user WHERE username = '" . trim($sessionuser) . "' AND password = '" . trim($sessionpassword) ."'"; $query_sessionresult = mysql_fetch_array(mysql_query($sessionquery)); if (mysql_affected_rows() < 1) { header("Location: ../index.php"); } $userid = $query_sessionresult['id']; Quote Link to comment Share on other sites More sharing options...
gevans Posted July 28, 2009 Share Posted July 28, 2009 Can you show the page that's causing the problem? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted July 28, 2009 Share Posted July 28, 2009 It sounds like the hostname/subdomain is changing - www. verses no-www. on the domain name and the session cookie is not setup to match both URL's (with and without a hostname/subdomain.) The first time through you are probably using URL's of one type. When you get to page C, the URL changes to the other type. When you go back to the log in page it stays as the type of URL that matches page C and it remains as that type so that when you get tp page C again the session cookie matches the URL you are using to get to page C and your session is resumed whereas it was not the first time you reached page C. If this is what is happening (what are your actual URL's?), you need to set the domain portion of the session cookie settings to match your domain independently of having or not having a www. hostname on it. Quote Link to comment Share on other sites More sharing options...
onedumbcoder Posted July 28, 2009 Author Share Posted July 28, 2009 PFMaBiSmAd you nailed it right on the head, I was about to come over here and say that since i just figured it out too. However I did not know the solution. But i dont use cookies or know how to use them, can you help me with it? Also is there a way to do it without cookies? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted July 28, 2009 Share Posted July 28, 2009 By default, the session id is propagated using a cookie. To set the domain portion of the session cookie parameters, you need to use - http://us2.php.net/manual/en/function.session-set-cookie-params.php See the third parameter and you need to do this before every session_start() statement. It is often better to globally set the session.cookie_domain in a .htaccess file (when php is running as an Apache module) or in a local php.ini (when php is running as a CGI application.) Quote Link to comment Share on other sites More sharing options...
rhodesa Posted July 28, 2009 Share Posted July 28, 2009 in the session include file, shouldn't this: $sessionquery = "SELECT id FROM user WHERE username = '" . trim($sessionuser) . "' AND password = '" . trim($sessionpassword) ."'"; $query_sessionresult = mysql_fetch_array(mysql_query($sessionquery)); if (mysql_affected_rows() < 1) { header("Location: ../index.php"); } $userid = $query_sessionresult['id']; be $sessionquery = "SELECT id FROM user WHERE username = '" . trim($sessionuser) . "' AND password = '" . trim($sessionpassword) ."'"; $query_sessionresult = mysql_query($sessionquery); if (mysql_num_rows($query_sessionresult) !== 1) { header("Location: ../index.php"); } $query_sessionrow = mysql_fetch_array($query_sessionresult); $userid = $query_sessionrow['id']; Quote Link to comment Share on other sites More sharing options...
onedumbcoder Posted July 29, 2009 Author Share Posted July 29, 2009 in the session include file, shouldn't this: $sessionquery = "SELECT id FROM user WHERE username = '" . trim($sessionuser) . "' AND password = '" . trim($sessionpassword) ."'"; $query_sessionresult = mysql_fetch_array(mysql_query($sessionquery)); if (mysql_affected_rows() < 1) { header("Location: ../index.php"); } $userid = $query_sessionresult['id']; be $sessionquery = "SELECT id FROM user WHERE username = '" . trim($sessionuser) . "' AND password = '" . trim($sessionpassword) ."'"; $query_sessionresult = mysql_query($sessionquery); if (mysql_num_rows($query_sessionresult) !== 1) { header("Location: ../index.php"); } $query_sessionrow = mysql_fetch_array($query_sessionresult); $userid = $query_sessionrow['id']; Whats the difference? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted July 29, 2009 Share Posted July 29, 2009 A SELECT query does not set mysql_affected_rows() (first piece of code), it sets mysql_num_rows() (second piece of code) and you need to test how many rows are in the result set before you use mysql_fetch_array() and the header() redirect needs an exit; statement after it to prevent the rest of the code on the page from being executed. Quote Link to comment Share on other sites More sharing options...
onedumbcoder Posted July 29, 2009 Author Share Posted July 29, 2009 A SELECT query does not set mysql_affected_rows() (first piece of code), it sets mysql_num_rows() (second piece of code) and you need to test how many rows are in the result set before you use mysql_fetch_array() and the header() redirect needs an exit; statement after it to prevent the rest of the code on the page from being executed. thats odd, it seems to work, i been using it all through out my code and it always returns the right number. Am I missing something? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted July 29, 2009 Share Posted July 29, 2009 In the original posted code, the header() redirect is probably failing and then the remainder of the code is being executed anyway, so it would 'appear' that the code is working. If the code has a previous INSERT, UPDATE, REPLACE or DELETE in it, mysql_affected_rows() could also return a value and make it 'appear' that the code is working. The posted code is not correct. Quote Link to comment Share on other sites More sharing options...
onedumbcoder Posted July 29, 2009 Author Share Posted July 29, 2009 PFM I think you might be wrong on this one. I just executed this code to test it include("/include/cms/connect.inc.php"); $result = mysql_query("SELECT * from user"); echo mysql_affected_rows(); and it returned the correct number of rows. this is the include file $host = ""; $user = ""; $password = ""; $database = ""; if (!($db = mysql_pconnect($host, $user , $password))){ die("Can't connect to database server."); } else { if (!(mysql_select_db("$database",$db))) { die("Can't connect to database."); as you can see there is no insert update replace or delete. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted July 29, 2009 Share Posted July 29, 2009 It might be returning the expected value, but don't count on it. This is the current definition - Get the number of affected rows by the last INSERT, UPDATE, REPLACE or DELETE query associated with link_identifier . Php.net has a history of introducing changes (both documented and undocumented) that are later undone. Someone may in fact have altered the base code so that mysql_affected_rows() does the same thing as mysql_num_rows(), but it is not documented, so don't rely on it (the people in the past that have relied on 'undocumented' features in php have gotten burnt by using them.) Both rhodesa and I are trying to get you to use the correct function in your code that we know will work now and later. What you have now cannot be guaranteed to work outside of your current version of php/mysql. Quote Link to comment Share on other sites More sharing options...
onedumbcoder Posted July 29, 2009 Author Share Posted July 29, 2009 I see what your saying, and its going to be hell for me to go back and change them all, i would have to look over 300 files. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.