Jump to content

Recommended Posts

I am getting this warning

 

Notice: Undefined index: 5 in C:\Apache\htdocs\OB\php\userfuncs.php on line 448

 

which refers to this section

// if there is no match for any session, return false so session is destroyed
foreach($session_array as $key) {
if(strcmp($key, $items[$key]) != 0) {
	return false;
}
}

 

What is causing this warning?  Do i need to wrap that code above in an if statement so it's only called if a session is registered>  I can disable warnings as it works fine but i don't know the best way to make this code work as it should without warnings.

 

Here is the whole code

 

/**
  * This function is called by the checkLogin function
  * It connects to the datanase and gets the record with the users credentials in it.
  * It then creates 2 arrays, 1 for the database record and the other for the session.
  * it then compares each array with the other to see if there is a match.
  * If there is a match then everything is fine.  if not someone has been tampering with the cookie so return false
  **/
$items = array();
while ($row = $result->fetch()) {
	$items = array(
		'user_id' => $row['userid'],
		'username' => $row['username'],
		'email' => $row['email'],
		'user_level' => $row['user_level'],	
		'encrypted_id' => md5($row['userid']),
		'encrypted_name' => md5($row['username']),
		'encrypted_email' => md5($row['email']),
		'encrypted_user' => md5($row['user_level'])
		);
}
$session_array = array(
	$_SESSION['userid'],
	$_SESSION['username'],
	$_SESSION['email'],
	$_SESSION['user_level'],
	$_SESSION['encrypted_id'],
	$_SESSION['encrypted_name'],
	$_SESSION['encrypted_email'],
	$_SESSION['encrypted_user']
);

// if there is no match for any session, return false so session is destroyed
foreach($session_array as $key) {
	if(strcmp($key, $items[$key]) != 0) {
		return false;
	}
}

You should only add the session keys to $session_array not the session values

$session_array = array('userid', 'username', 'email', 'user_level', 'encrypted_id', 'encrypted_name', 'encrypted_email', 'encrypted_user');

 

Then your foreach loop should be

foreach($session_array as $key) {
	if(strcmp($_SESSION[$key], $items[$key]) != 0) {
		return false;
	}
}

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.