Jump to content

Archived

This topic is now archived and is closed to further replies.

heartonsleeve

Updating a session without ending it first

Recommended Posts

Okay, I'm working on a site that deals with user profiles and everything is working pretty well.

However, when a user tries to update their profile picture I've got it set up to delete their old one (only if the new one uploads successfully) and the session still calls the old one. If the user logs out and logs back in, it works just fine but is there a way I can skip that step?

Share this post


Link to post
Share on other sites
[code]
<?php include $_SERVER['DOCUMENT_ROOT']."/common.php";
function myheader($ptitle){

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title><?php echo ($ptitle); ?></title>
</head>

<body onLoad="preloadImages();">
<div class="page_body">
<div align="right" class="account_area">
<?
if($_SESSION['login'] == true){



?>
<div class="top_stuff_box">
<div class="top_stuff_words">
Welcome, <? echo $_SESSION[first_name];?>

<div class="top_stuff_account"><a href="edit_profile.php">edit profile</a> &nbsp;|&nbsp; <a href="view_profile.php">view profile</a> &nbsp;|&nbsp; <a href="logout.php">logout</a></div>
</div>
<div class="top_stuff">
<img src="<? echo $_SESSION[profile_pic];?>" alt="<? echo $_SESSION[username];?>" style="padding: 3px; border: 1px solid #6a7f92;" />
</div>
</div>
</div>
<?
} else {
?>
<div class="top_stuff_box">
<div class="top_stuff_words">
welcome, Guest
<div class="top_stuff_account"><a href="login.php">sign in</a> &nbsp;|&nbsp; <a href="join.php">create an account</a></div>
</div>
<div class="top_stuff">
<img style="padding: 3px; border: 1px solid #6a7f92;" src="images/guest_pic.gif" alt="sampleprofile" />
</div>
</div>
</div>
<?
}
?>
[/code]

That's my layout.php page. $_SESSION[profile_pic] is what I'm having trouble with...

Share this post


Link to post
Share on other sites
More appropriate to post the code that changes the user's image.

Probably all you need to do as the last thing in the part that verifies the new image is set

$_SESSION['profile_pic'] to their new image.

then just to be safe call:

session_write_close(); and refresh the page to wherever you need it.

Jeff

Share this post


Link to post
Share on other sites
Sorry, this is the upload code I'm using.

I would use what Jenk suggested but I'm hosted at Godaddy and their php version is older than what regenerate_session_id requires.



[code]
// Get a specific result from the "example" table
$result = mysql_query("SELECT * FROM members
WHERE member_id='$_SESSION[member_id]'") or die(mysql_error()); 

// get the first (and hopefully only) entry from the result
$row = mysql_fetch_array( $result );

$old_pic = $row['profile_pic'];

if ($_FILES['imagefile']['type'] == "image/gif"){

// random 4 digit to add to our file name
// some people use date and time in stead of random digit
$random_digit=rand(00000,99999);

//combine random digit to you file name to create new file name
//use dot (.) to combile these two variables

$new_file_name=$random_digit . "_" . $_SESSION[username] . "_";
// Where the file is going to be placed
$target_path = "users/images/" . $new_file_name;

/* Add the original filename to our target path. Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['imagefile']['name']);

// This is how we will get the temporary file...
$_FILES['imagefile']['tmp_name'];

$target_path = "users/images/" . $new_file_name;

$target_path = $target_path . basename( $_FILES['imagefile']['name']);
list($width, $height, $type, $attr) = getimagesize( $_FILES['imagefile']['tmp_name']);
if ($width > 65 OR $height > 65){
echo "<h3>Whoa, there</h3><br />Your dimensions are too big. They need to be 65px x 65px. <a href=\"javascript:history.go(-1)\">Go back</a> and try again.";
footer(); exit();}



if(move_uploaded_file($_FILES['imagefile']['tmp_name'], $target_path)) {
  echo "The file ". basename( $_FILES['imagefile']['name']). " has been uploaded<br />
<h3>Your new profile picture</h3>
<br /><div align=\"center\"><img src=\"".$target_path."\"alt=\"$_SESSION[username]\" style=\"padding: 3px; border: 1px solid #6a7f92;\" /></div>
<p><div align=\"center\"><a href=\"view_profile.php\">view your profile</a> | <a href=\"edit_profile.php\">edit your profile</a></div>
</p>";
$image = $target_path ;


if($row['profile_pic'] == "images/guest_pic.gif"){
echo "";
}
elseif
(file_exists($old_pic)) {
  unlink($old_pic);
print("");
} else {
  print("");
}

$sql = @mysql_query("UPDATE members SET profile_pic='$image' WHERE member_id='$_SESSION[member_id]'");
  if(!$sql){
      echo "Error inserting your information into MySQL: ".mysql_error();
  }
} else{
    echo "There was an error uploading the file, please try again!";
}

}elseif

($_FILES['imagefile']['type'] == "image/jpeg"){

// random 4 digit to add to our file name
// some people use date and time in stead of random digit
$random_digit=rand(00000,99999);

//combine random digit to you file name to create new file name
//use dot (.) to combile these two variables

$new_file_name=$random_digit . "_" . $_SESSION[username] . "_";
// Where the file is going to be placed
$target_path = "users/images/" . $new_file_name;

/* Add the original filename to our target path. Result is "uploads/filename.extension" */
$target_path = $target_path . basename( $_FILES['imagefile']['name']);

// This is how we will get the temporary file...
$_FILES['imagefile']['tmp_name'];

$target_path = "users/images/" . $new_file_name;

$target_path = $target_path . basename( $_FILES['imagefile']['name']);
list($width, $height, $type, $attr) = getimagesize( $_FILES['imagefile']['tmp_name']);
if ($width > 65 OR $height > 65){
echo "<h3>Whoa, there</h3><br />Your dimensions are too big. They need to be 65px x 65px. <a href=\"javascript:history.go(-1)\">Go back</a> and try again.";
footer(); exit();}



if(move_uploaded_file($_FILES['imagefile']['tmp_name'], $target_path)) {
  echo "The file ". basename( $_FILES['imagefile']['name']). " has been uploaded<br />
<h3>Your new profile picture</h3>
<br /><div align=\"center\"><img src=\"".$target_path."\"alt=\"$_SESSION[username]\" style=\"padding: 3px; border: 1px solid #6a7f92;\" /></div>
<p><div align=\"center\"><a href=\"view_profile.php\">view your profile</a> | <a href=\"edit_profile.php\">edit your profile</a></div>
</p>";
$image = $target_path ;

if($row['profile_pic'] == "images/guest_pic.gif"){
echo "";
}
elseif
(file_exists($old_pic)) {
  unlink($old_pic);
print("");
} else {
  print("");
}


$sql = @mysql_query("UPDATE members SET profile_pic='$image' WHERE member_id='$_SESSION[member_id]'");
  if(!$sql){
      echo "Error inserting your information into MySQL: ".mysql_error();
  }
} else{
    echo "There was an error uploading the file, please try again!";
}



} else {

echo "<h3>Sorry</h3><br /> we only accept .gif and .jpg profile pictures. <a href=\"javascript:history.go(-1)\">Go back</a> and try a different image.";
}

[/code]

Share this post


Link to post
Share on other sites
reading user notes on php.net helps..

[code]<?php
session_start();
$old_sess = $_SESSION;
if (isset($_COOKIE[session_name()])) setcookie(session_name(), '', time()-999, '/');
session_destroy();
session_start();
$_SESSION = $old_sess;
?>[/code]

Share this post


Link to post
Share on other sites
Sorry, I'm having trouble getting that to work.

This is what my session looks like
[code]
<?php

session_start();
session_name('IndieThreads');
header("Cache-control: private"); // Fix for IE

?>
[/code]

Do I put that code in there or on my layout.php page or my picture upload page?

Share this post


Link to post
Share on other sites
You want to call session_name() before you call session_start() by the way.

[code]<?php
session_name('IndieThreads');
session_start();
$old_sess = $_SESSION;
if (isset($_COOKIE[session_name()])) setcookie(session_name(), '', time()-999, '/');
session_destroy();
session_start();
$_SESSION = $old_sess;
?>[/code]

Share this post


Link to post
Share on other sites
Okay, I tried that but now it's just killing all of my information.

When I log in it takes me to my welcome page but if I try to go anywhere from there it takes me back to the login page.

This is my login funtion. Do I need to change something in there as well?
[code]
function login_check(){
    if($_SESSION['login'] != TRUE){
      myheader("Login Required!");
      include $_SERVER['DOCUMENT_ROOT'].
              '/html/forms/login_form.html';
      footer();
      exit();
  }
}[/code]

Share this post


Link to post
Share on other sites
what happens when you just set the session to the new value?

$_SESSION['val'] = "newValue";

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.