Jump to content

cross log in issue


sofia403

Recommended Posts

Hi, I have two login tables for visitors, different login scripts for both

 

Table1 - Username1

 

Table2 - Username2

 

If i login with username1 and then login with username2 without loginout either of them, and if i do a refresh of the page of Username1 i will get transfered to Username2 page (without all the information field, but with all the table names )

 

Basically the previous username gets transfered to the new one that i sign in with even though they in different tables. What is causing this and how can i prevent this? Does that makes sence? I can provide additional information if needed.

 

Oh i also should add - its only an issue if i use same computer to login to different accounts, it works as it suppose to if i use different computers.

 

Thank you.

Link to comment
Share on other sites

sounds like a cookie or session issue.

 

I betting on something like this simplified example:

 

1. user logs in

2. a session variable is created (or a cookie) with username="john doe", and another one with login="ok" (or something of the sorts)

3. every time a page is accessed (or refreshed), the code looks at the 'login' variable to see if there's a user logged in (login="ok")

4. the the page grabs the username and uses that to get the rest of the information on the user.

 

if you use the same browser (if it works fine on 2 different computers, it will work fine on 2 different browsers) to login again, the variable that holds the username is overwritten. this is basically bad design, as the login page should detect if a user is already logged in, and force a logout before allowing another one. Of course it is possible to create a system that allows multiple logins, but why? two people cannot use the same computer at the same time. Even facebook, google, etc.. will not allow you to login with 2 seperate accounts at the same time on the same computer (same browser).

 

hope this helps

Link to comment
Share on other sites

I guess im worried since i have different logins on a website. the way it works now i have several tables and each has unique user name and password so if user will create 2 accounts for 2 separate tables and then log in from same browser that will overwrite one of his sessions.

Link to comment
Share on other sites

that sounds like a case of bad database design.

 

From what I understand, you have (lets say 2) two different pages, that show 2 different things, and you have 1 user that has access to page 1, and a different user that has access to page 2. (correct me if I'm wrong)

 

you should only have one users table, and a set of permissions for each user. then you can specifically say:

 

user xxxx can access page 1

user yyyy can access page 2

user zzzz can access page1 and page 2

 

 

Link to comment
Share on other sites

that makes sence and yes you exactly right thats how i have it. thats my first time designing this kinda stuff so im still learning along the way. lol.

 

so if i would want to have 2 separate pages that show 2 separate things i can store all my user information in 3rd table and grant permissions which table they can access?

Link to comment
Share on other sites

ok, imagine something like this: (this is a very basic example)

 

user table: `id`,`username`,`password`,`permissions` with the following values ('1','John Doe', 'xxxxx','NYNN')

you also grab his permissions. You'll have a variable with the values NYNN

 

At the top of each page you set a pageID number that refers directly to the position on the letters in your permissions field. (remember, first letter is position 0 and not 1)

then you check the session variable (or cookie if you stored the info there) to see if that user can access the page he's on:

session_start();
$pageID = 1;
if($_SESSION['permissions'][$pageID] == 'Y'){
  // ok to proceed
}else{
  // permission denied: show error or redirect
}

 

of course, there are much better and efficient ways to do this, but they  would be hard to explain here.

 

hope this helps

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.