session variable - strange thing happening

[scmeeker]

When signed in as a user, the username shows up on the top right page.  Then, if I click a particular product of another user it changes the session variable to that of the other user.  Why would this happen?  It's really odd.

 

[PaulRyan]

Hello Scmeeker.

 

It would be beneficial if you could post some the code that you are working with, it makes finding a solution much simpler...

 

Off the top of my head, I'd say when you are viewing the other user's product, you are over-writing the session variable...it's a simple error such as not checking the variable is already set, or resetting it on the other users product page.

 

Regards, Paul.

[scmeeker]

Here is the code on the product page. It's from this page if a link is clicked on this link form the large code listed below, it changes the session id to the seller.

 

<?php echo $display_block = "<a href=\"artist_store.php?username=".$item_username."&id=".$item_id."&title=".$item_title."\"><img src=\"image_files/artist_store_button.gif\" width=\"180\" height=\"43\" border=\"0\" /></a>" ?>

 

Here is the full code for the item page.

 

<?php
session_start(); ?>

<?php


include('web_connect.php');



$result2 = mysql_query("SELECT date, image_upload_box FROM artist WHERE username = '".$_GET["username"]."'")
or die(mysql_error());
if (mysql_num_rows($result2) < 1) {
   //invalid item
   $display_block .= "<p><em>Invalid item selection.</em></p>";
   
   } else {
   //valid item, get info
   while ($items = mysql_fetch_array($result2)) {
   $artist_date = date('M d Y', strtotime($items['date']));
   $artist_avatar = $items['image_upload_box'];
   }
   }


$result = mysql_query("SELECT inactive, username FROM product WHERE inactive = 1 AND id = '".$_GET["id"]."'")
or die(mysql_error());

if (mysql_num_rows($result) == 1)
{
header("location:error_page.php");
}
else
{


//validate item
$get_item_sql = mysql_query("SELECT c.cat_id, c.cat_title, p.id, p.title, ROUND(p.price,2) AS price, p.image_upload_box, p.username, p.description, ROUND(p.shipping_cost,2) AS shipping_cost, p.ship_to, p.international, p.in_location, ROUND(p.in_shipping,2) AS in_shipping, p.form_of_payment, p.country, p.city, p.state, p.inactive FROM product AS p LEFT JOIN category AS c on c.cat_id = p.cat_id WHERE p.inactive IS NULL AND id = '".$_GET["id"]."'")
or die(mysql_error());

if (mysql_num_rows($get_item_sql) < 1) {
   //invalid item
   $display_block .= "<p><em>Invalid item selection.</em></p>";
   
   } else {
   //valid item, get info
   while ($item_info = mysql_fetch_array($get_item_sql)) {
   $item_url = "artist_store.php?username={$items_info['username']}";
   $item_url2 = "items3.php?id=".$_GET['id']."=username=".$item_username."";  
     $cat_id = $item_info['cat_id'];
   $cat_title = strtoupper(stripslashes($item_info['cat_title']));
   $item_title = stripslashes($item_info['title']);
   $item_price = $item_info['price'];
   $item_image = $item_info['image_upload_box'];
   $item_username = $item_info['username'];
   $item_description = $item_info['description'];
   $item_shipping_cost = $item_info['shipping_cost'];
   $item_form_of_payment = $item_info['form_of_payment'];
   $item_country = $item_info['country'];
   $item_city = $item_info['city'];
   $item_state = $item_info['state'];
   $item_id = $item_info['id'];
   $item_inactive = $item_info['inactive'];
   $item_ship_to = $item_info['ship_to'];
   $item_international = $item_info['international'];
   $item_in_location = $item_info['in_location'];
   $item_in_shipping = $item_info['in_shipping'];

   $content .= "";
   
  
}
     list($width) = getimagesize("image_files/{$item_image}");
  // set the maximum width of the image here
  $maxWidth = 500;
  if ($width > $maxWidth)
  
   //make breadcrumb trail
   $display_block .= "<p><strong><em>You are viewing:</em><br/>
   <a href=\"listtest6.php?cat_id=".$cat_id."\">".$cat_title."</a> > ".$item_title."</strong></p>
   <table cellpadding=\"3\" cellspacing=\"3\">
   <tr>";
   $display_block .= "<td valign=\"middle\" align=\"center\"><img alt=\"Image\" width=\"{$maxWidth}\" src=\"image_files/{$item_image}\" /></td>
   <td valign=\"middle\"><p><strong>Price:</strong> \$".$item_price."</p>";
   
   if ($item_inactive == 1){
   echo "Error, item is no longer active!";
   }

    //free result
   mysql_free_result($get_item_sql);

}
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>S Gallery Online - Contemporary Art</title>
<link href="styles/sgallery2.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
a:link {
color: #09C;
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #09C;
}
a:hover {
text-decoration: underline;
}
a:active {
text-decoration: none;
}
-->
</style></head>
<div align="center">
<body>


<div class="mainbody">
  <div class="header1">   <?php include('header.php'); ?>
</div>
  <div class="storeitemsleft">
  <br />
  <?php echo $display_block = "<span class=breadcrumb><a href=\"index.php?cat_id=".$cat_id."\">HOME</a> > ".$item_title."</span>" ?><br />
<br />
<?php echo $display_block = "<span class=originalarttitle>".$item_title."</span>" ?><br />
<br />
<?php echo $display_block = "<img alt=\"{$item_title}\" width=\"{$maxWidth}\" src=\"image_files/{$item_image}\" />" ?><br />
<br />
<br />
<br />
<table width="500" height="510" border="0" bgcolor="#d0dfe2" cellpadding="10">
  <tr>
    <td class="storeheaderfont">Item Description</td>
  </tr>
  <tr>
    <td valign="top" class="blackfont"><?php echo $item_description ?></td>
  </tr>
  <tr>
    <td class="storeheaderfont">Shipping Costs</td>
  </tr>
  <tr>
    <td valign="top" class="anotherfont">Ship To:   <?php echo $display_block = "<span class=blackfont>".$item_ship_to."</span>" ?>  <?php echo $display_block = "<span class=blackfont>\$".$item_shipping_cost."</span>" ?><br /><br />
Ship Internationally?:   <?php echo $display_block = "<span class=blackfont>".$item_in_location."</span>" ?>  <?php echo $display_block = "<span class=blackfont>\$".$item_in_shipping."</span>" ?></td>
  </tr>
  <tr>
    <td class="storeheaderfont">Payment:</td>
  </tr>
<tr>
    <td valign="top" class="blackfont"><?php echo $item_form_of_payment ?></td>
  </tr>
<tr>
    <td><img src="paypal_logo.gif"  /></td>
  </tr>

</table>
  </div>
  <div class="storeright"><br />
<br />
<br /><br />


<table width="250" border="0"  cellpadding="10">
  <tr>
    <td><br />
<?php echo $display_block = "\$".$item_price."" ?> USD<br />
<br />
<?php echo "<a href=\"commit_to_buy.php?username=$user_session&id=$item_id\"><img src=\"buy_now_button.gif\" width=\"144\" height=\"43\" border=\"0\" /></a>" ?>
<br />
<br />

  <?php echo "<img src=\"image_files/$artist_avatar\" width=\"50\" height=\"50\" />" ?><br /><br />

<span class="submissionfont"><?php echo $display_block = "$item_username" ?></span><br />
<br />
<span class="submissionfont"># of views: <?php include('counter1.php');  ?></span><br /><br />

<?php include('rate_calculate.php');  ?><br /><br />

<span class="submissionfont">Product Location:</span><br />

<span class="submissionfont"><?php echo $display_block = "$item_city, $item_state - $item_country" ?></span><br /><br />

<span class="submissionfont">Member since: <?php echo $display_block = "$artist_date" ?></span><br /><br />

<?php echo $display_block = "<a href=\"artist_store.php?username=".$item_username."&id=".$item_id."&title=".$item_title."\"><img src=\"image_files/artist_store_button.gif\" width=\"180\" height=\"43\" border=\"0\" /></a>" ?> <br />

<?php echo $display_block = "<a href=\"artist_profile.php?username=".$item_username."&id=".$item_id."&title=".$item_title."\"><img src=\"image_files/artist_policy_button.gif\" width=\"180\" height=\"43\" border=\"0\" /></a>" ?>
<br />

<?php echo $display_block = "<a href=\"artist_policies.php?username=".$item_username."&id=".$item_id."&title=".$item_title."\"><img src=\"image_files/store_policy_button.gif\" width=\"180\" height=\"43\" border=\"0\" /></a>" ?><br />

<?php echo $display_block = "<a href=\"contact_artist.php?id=".$item_id."\"><img src=\"image_files/contact_artist_button.gif\" width=\"180\" height=\"43\" border=\"0\" /></a>" ?><br />

<?php echo $display_block = "<a href=\"favorites.php?username=".$item_username."&id=".$item_id."&title=".$item_title."\"><img src=\"image_files/favorites_button.gif\" width=\"180\" height=\"43\" border=\"0\" /></a>" ?>

<br /> </td>
  </tr>
</table>
<br />

<br />
</div>
<div class="footergallery"><?php include('footer.php'); ?>

[nethnet]

I quickly looked through your code and didn't see any place where a $_SESSION variable is being declared or changed.  Correct me if I'm wrong on that.

 

Post the code where you declare your session variables, in particular the username.  I'm assuming it is located in your header.php file.

[scmeeker]

Sorry, here is that code:

 

<a href="index.php"><img src="Logo.gif" width="200" height="75" border="0" /></a>       <a href="join.php">Join</a>    <a href="sell.php">Sell</a>    <a href="the_hub.php">The Hub</a>    <a href="about.php">About</a>    <a href="faq.php">FAQ</a>    <a href="user_login.php">LOGIN</a>    
  <?php echo $display_block = "<a href=\"sign_in.php?username=".$_SESSION['username']."\"><strong>My sGallery</strong></a>" ?>   <?php if (isset($_SESSION['username']) && $_SESSION['username'] == $_SESSION['username']) { echo 'Welcome:';} ?>  
  <span class="orangefont"><?php echo $_SESSION['username'] ?></span>    <?php if (isset($_SESSION['username']) && $_SESSION['username'] == $_SESSION['username']) {
      echo "<a href=\"logout.php\" class=\"submissionfont\">logout </a>";} ?>

[PFMaBiSmAd]

This problem smells of register_globals being on (your $_GET['username'] sets your $_SESSION['usrename'] variable.)

 

What does a phpinfo(); statement show for the register_globals setting?