sofia403 Posted June 10, 2011 Share Posted June 10, 2011 Hi, I have two login tables for visitors, different login scripts for both Table1 - Username1 Table2 - Username2 If i login with username1 and then login with username2 without loginout either of them, and if i do a refresh of the page of Username1 i will get transfered to Username2 page (without all the information field, but with all the table names ) Basically the previous username gets transfered to the new one that i sign in with even though they in different tables. What is causing this and how can i prevent this? Does that makes sence? I can provide additional information if needed. Oh i also should add - its only an issue if i use same computer to login to different accounts, it works as it suppose to if i use different computers. Thank you. Quote Link to comment Share on other sites More sharing options...
sofia403 Posted June 10, 2011 Author Share Posted June 10, 2011 could that be a cookie issue? Quote Link to comment Share on other sites More sharing options...
WebStyles Posted June 11, 2011 Share Posted June 11, 2011 sounds like a cookie or session issue. I betting on something like this simplified example: 1. user logs in 2. a session variable is created (or a cookie) with username="john doe", and another one with login="ok" (or something of the sorts) 3. every time a page is accessed (or refreshed), the code looks at the 'login' variable to see if there's a user logged in (login="ok") 4. the the page grabs the username and uses that to get the rest of the information on the user. if you use the same browser (if it works fine on 2 different computers, it will work fine on 2 different browsers) to login again, the variable that holds the username is overwritten. this is basically bad design, as the login page should detect if a user is already logged in, and force a logout before allowing another one. Of course it is possible to create a system that allows multiple logins, but why? two people cannot use the same computer at the same time. Even facebook, google, etc.. will not allow you to login with 2 seperate accounts at the same time on the same computer (same browser). hope this helps Quote Link to comment Share on other sites More sharing options...
sofia403 Posted June 11, 2011 Author Share Posted June 11, 2011 So can i changed the cookie name by adding session id along with it or something, or i can leave it the way it is? and yes its happening only with same browser. same computer and different browser works no problem. Quote Link to comment Share on other sites More sharing options...
WebStyles Posted June 11, 2011 Share Posted June 11, 2011 It depends, do you really need to login with 2 different users from the same machine? (even now that you know you can use 2 different browser to get the job done?) Quote Link to comment Share on other sites More sharing options...
sofia403 Posted June 11, 2011 Author Share Posted June 11, 2011 I guess im worried since i have different logins on a website. the way it works now i have several tables and each has unique user name and password so if user will create 2 accounts for 2 separate tables and then log in from same browser that will overwrite one of his sessions. Quote Link to comment Share on other sites More sharing options...
WebStyles Posted June 11, 2011 Share Posted June 11, 2011 that sounds like a case of bad database design. From what I understand, you have (lets say 2) two different pages, that show 2 different things, and you have 1 user that has access to page 1, and a different user that has access to page 2. (correct me if I'm wrong) you should only have one users table, and a set of permissions for each user. then you can specifically say: user xxxx can access page 1 user yyyy can access page 2 user zzzz can access page1 and page 2 Quote Link to comment Share on other sites More sharing options...
sofia403 Posted June 11, 2011 Author Share Posted June 11, 2011 that makes sence and yes you exactly right thats how i have it. thats my first time designing this kinda stuff so im still learning along the way. lol. so if i would want to have 2 separate pages that show 2 separate things i can store all my user information in 3rd table and grant permissions which table they can access? Quote Link to comment Share on other sites More sharing options...
WebStyles Posted June 11, 2011 Share Posted June 11, 2011 ok, imagine something like this: (this is a very basic example) user table: `id`,`username`,`password`,`permissions` with the following values ('1','John Doe', 'xxxxx','NYNN') you also grab his permissions. You'll have a variable with the values NYNN At the top of each page you set a pageID number that refers directly to the position on the letters in your permissions field. (remember, first letter is position 0 and not 1) then you check the session variable (or cookie if you stored the info there) to see if that user can access the page he's on: session_start(); $pageID = 1; if($_SESSION['permissions'][$pageID] == 'Y'){ // ok to proceed }else{ // permission denied: show error or redirect } of course, there are much better and efficient ways to do this, but they would be hard to explain here. hope this helps Quote Link to comment Share on other sites More sharing options...
sofia403 Posted June 11, 2011 Author Share Posted June 11, 2011 awesome! thanks, i will try this approach. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.