Session variable in a while loop

[Jvinciliond]

I need to be able to pull an ID on a separate page depending on which row is selected. The while loop will show all the rows I need, but it overwrites the session variable each time. Is there a way to pull the ID with out sending it through the URL using get? I'd rather not do it that way for security reasons.

[jazzman1]

I am not sure what exactly you wanna achieve, but when we're talking about php, mysql, apache, etc... it's always good idea to provide us some sample of your code.

 

Anyways......you could pass an url by global get variable like a daemon using a shell_exec() function for that example, make sure that you have installed php-cgi module.

 

Let's say we have two different files,

 

index.php

<?php

############ MYSQL DATABASE SCRIPTS #############

$id = $_SESSION['id']; // the id to this particular session

//executing the GET['id'] by terminal 
echo shell_exec("php-cgi -f /var/www/html/test/debug.php id=$id");

debug.php

<?php

// get user's information selected by array id
$blogPosts = array(
    
    1 => array(
        
        'date'      => '2011-03-29',
        'author'    => 'jazzman',
        'title'     => 'phpfeaks',
        'body'      => 'some content',
    ),
    2 => array(
        
        'date'      => '2011-03-29',
        'author'    => 'mac_gyver',
        'title'     => 'phpfeaks',
        'body'      => 'some beautiful content',
    ),
);


echo '<pre>'.print_r($blogPosts[$_GET['id']], true).'</pre>';

Results:

 

Array(    [date] => 2011-03-29    [author] => jazzman    [title] => phpfeaks    [body] => some content)

Edited May 18, 2013 by jazzman1

[Jvinciliond]

Thanks for the response Jazzman1! I appreciate it! In regard to pasting in code, I did not think it would be necessary considering what I was asking. 

 

This page is users.php

<section>
		<p><a href="new_user.php">Add User</a></a>
	</section>
	<?php
	while ($row = mysql_fetch_assoc($query)){
		$id_school = $row['id_school'];
		$_SESSION['user'] = $row['id_user'];
		$school_query = mysql_query("SELECT name FROM schools WHERE id_school='$id_school'");
		$school = mysql_fetch_assoc($school_query);
	?>
			<section style="width:100%; padding:10px; background:#FFF8DC; border:1px solid #666;">
			<h3><a href="#"><?php echo $row['name']. " " . $row['last'];?></a></h3>
			<ul>
				<li>Username: <strong><?php echo $row['username']; ?></strong> </li>
				<li>Email: <strong><?php echo $row['email']; ?> </strong></li>
				<li>Details: 
					<p><?php echo $row['description'] ?></p>
				</li>
				<li>Privilege Set: <strong><?php echo $row['usergroup'] ?></strong></li>
				
				<li>Associated School: <strong><?php echo $school['name'] ?></strong></li>
			</ul>		
			<p class="button"><a href="user_details.php"> Edit User </a></p>
			</section>

This page is user_details.php

$id = $_SESSION['user'];

$query = mysql_query("SELECT username, name, email, id_user, school, usergroup, description FROM users WHERE id_user='$id'");
$row =  mysql_fetch_array($query) or die(mysql_error());

The $_SESSION['user']; only returns the ID from the last row in users.php. I need it to store the ID of the user I click to show details.

 

The details page will allow a user to edit information for the user they choose. 

 

I know why it's only showing the last ID, and that is because the variable gets overwritten each iteration of the loop. I don't want to pass the ID in the URL, because then someone could just change the number and view users they are not authorized to view. 

 

Again, thank you for the help!

[Jessica]

I don't want to pass the ID in the URL, because then someone could just change the number and view users they are not authorized to view.

No, your code should prevent them from doing that.

[Jvinciliond]

Jessica:

 

Thanks you for your response. I guess I'll have to do it that way. I'll just have to add some more code I guess, lol.