SoulAssassin Posted May 16, 2007 Share Posted May 16, 2007 Firstly I have to apologize if this sounds a little confusing. When the Admin signs in, a Session gets created to hold it's user info, and echo it on every page. <? $_SESSION['user_name'] = $row['user_name']; $_SESSION['level'] = $row["user_level"]; $_SESSION['com_usercode'] = $row['com_usercode']; $_SESSION['user_email'] = $row['user_email']; $_SESSION['user_tel'] = $row['user_tel']; $_SESSION['user_date'] = $row['date']; ?> It works fine on every page until the Admin needs to change another user's detail. These Users have got the same fields as the Admin User, so when the edit form gets submitted, the $_POST somehow replaces the $_SESSION. Which means that all fields that's been changed, now echo the $_POST value of the user who's detail has been changed, instead of the original Admin user's SESSION information. It only happens once Admin chooses another user to edit. I need to know why this happen, or if it's something I'm doing wrong. Here's a shortened version of my page. users.php <? session_start(); include "config.php"; $adminuser = $_SESSION['user_name']; $adminlevel = $_SESSION['level']; $admincom_usercode = $_SESSION['com_usercode']; $adminuser_date = $_SESSION['user_date']; $adminuser_email = $_SESSION['user_email']; $adminuser_tel = $_SESSION['user_tel']; if(isset($_POST['Amend'])) { //The only 2 field who gets edited, and who's values replace the $_SESSION $userid = $_POST['userid']; $user_email = $_POST['user_email']; $user_tel = $_POST['user_tel']; $result = mysql_query("Update login_table set user_email='$user_email', user_tel='$user_tel' where userid=".$_POST['userid']); if ($result) { echo "User updated<br>"; $edit = ""; } } if ($order == "") {$order = "userid";} $list = mysql_query("Select * from login_table WHERE com_usercode='$admincom_usercode' ORDER BY '$order'",$con); $num = mysql_num_rows($list); $n = 0; ?> Admin Detail: <? echo "Username - $adminuser"; ?> <br> <? echo "Login Level - $adminlevel"; ?> <br> <? echo "Company Code - $admincom_usercode"; ?> <br> <? echo "E-Mail Address - $adminuser_email"; // After form has been submited, $_POST replace this field ?> <br> <? echo "Telephone Number - $adminuser_tel"; // After form has been submited, $_POST replace this field ?> <br> <? echo "Registered Date - $adminuser_date"; ?> <br> User Information: <table width="100%" border="0"> <tr> <td width="5%"><a href="users.php?order=userid">ID</a></td> <td width="16%"><a href="users.php?order=user_name">User Name</a></td> <td width="8%"><a href="users.php?order=user_level">Level</a></td> <td width="18%"><a href="users.php?order=user_email">E-Mail</a></td> <td width="17%"><a href="users.php?order=user_tel">Tel</a></td> <td width="14%"><a href="users.php?order=user_ip">User IP</a></td> <td width="22%"><a href="users.php?order=date">Date Registered</a></td> </tr> <? while($row = mysql_fetch_array($list, MYSQL_ASSOC)) { $n++; ?> <tr> <td width="5%"><? echo $row['userid']; ?></td> <td width="16%"> <? if($row['userid'] > "1") { ?> <a href="users.php?edit=<? echo $row['userid']; ?>"><? echo $row['user_name']; ?></a> <? } else { echo $row['user_name']; } ?> </td> <td width="8%"><? echo $row['user_level']; ?></td> <td width="18%"><? echo $row['user_email']; ?></td> <td width="17%"><? echo $row['user_tel']; ?></td> <td width="14%"><? echo $row['user_ip']; ?></td> <td width="22%"><? echo $row['date']; ?></td> </tr> <? } ?> </table> <? if ($edit) { $result = mysql_query("Select * from login_table WHERE userid = '$edit'",$con); $row = mysql_fetch_array($result); ?> <br/> <form name="form" method="post" action=""> Edit User: <table width="43%"> <tr> <td width="21%">User Name</td> <td width="43%">E-Mail</td> <td width="36%">Tel</td> </tr> <tr> <td><? echo $row['user_name'];?></td> <td><input type="user_email" name="user_email" value="<? echo $row['user_email']; ?>"></td> <td><input type="user_tel" name="user_tel" value="<? echo $row['user_tel']; ?>"></td> </tr> </table> <input type="hidden" name="userid" value="<? echo $row['userid'];?>"> <input type="Submit" name="Amend" value="Update"> </form> <? } ?> When I echo session_id(); it shows the encrypted filename of the Session. Thought it might be something in my php.ini file, but I can't see anything wrong: session.save_handler = files session.save_path = c:/apache/tmp session.use_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.serialize_handler = php session.gc_probability = 1 session.gc_maxlifetime = 1440 session.referer_check = session.entropy_length = 0 session.entropy_file = session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 1 Please guys, any suggestions? Thanks Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/ Share on other sites More sharing options...
SoulAssassin Posted May 16, 2007 Author Share Posted May 16, 2007 Could it have something to do with the fact the page runs XHTML? <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-254430 Share on other sites More sharing options...
MadTechie Posted May 16, 2007 Share Posted May 16, 2007 you need to look at the routines that set the sessions.. the code you have shown doesn't have that bug in (from what i can see) Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-254448 Share on other sites More sharing options...
SoulAssassin Posted May 16, 2007 Author Share Posted May 16, 2007 I also can't see anything wrong with it. $_SESSION are working perfect, except for from when the form values $_POST overwrite it. The Sessions are all renamed to avoid this confusion, but it still overwrite it. It's the funniest thing ever. Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-254463 Share on other sites More sharing options...
MadTechie Posted May 16, 2007 Share Posted May 16, 2007 debug tip print_r($_SESSION); die; add to the top of a page check the output them move to the bottom check output if the same move to next page etc etc etc may help!! Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-254468 Share on other sites More sharing options...
SoulAssassin Posted May 16, 2007 Author Share Posted May 16, 2007 Thanks, let me check it out. Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-254470 Share on other sites More sharing options...
SoulAssassin Posted May 17, 2007 Author Share Posted May 17, 2007 I've done that, and it most definitely changes the Session after form has been posted, and a new user selected for edit. Ok, I'm now posting print screens, maybe it makes more sense I'm printing it with the print_r($_SESSION);, so you guys can see the real session values. This is when I land on the page. The Sessions are all correct. Selected User1 for edit, and change tel. When for POST, see how the Session changes in the print, but on the left, the Session still shows correctly. When Selecting Use2 for edit, see how the Session on left also changes I've been sitting with this problem for 3 days, and it's delaying development. Can someone please check the process sequence, and maybe suggest another place to define my Sessions, or a different method of storing it? I'm obviously over complicating it in my own head. Thanks Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-255177 Share on other sites More sharing options...
kenrbnsn Posted May 17, 2007 Share Posted May 17, 2007 Is register_globals turned on? If it is, this can do strange and unexpected things to sessions variables. Ken Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-255266 Share on other sites More sharing options...
SoulAssassin Posted May 18, 2007 Author Share Posted May 18, 2007 I have tried it now with register globals on and off. the problem lies here: <? $adminid = $_SESSION['userid']; $adminuser = $_SESSION['user_name']; $adminuser_email = $_SESSION['user_email']; $adminuser_tel = $_SESSION['user_tel']; if(isset($_POST['Amend'])) { $userid = $_POST['userid']; $user_name = $_POST['user_name']; $user_email = $_POST['user_email']; $user_tel = $_POST['user_tel']; echo "user name - $user_name"; echo "<br>"; echo "admin name - $adminuser"; echo "<br>"; echo "<br>"; echo "$user e-mail - $user_email"; echo "<br>"; echo "admin e-mail - $adminuser_email"; echo "<br>"; echo "<br>"; echo "user tel - $user_tel"; echo "<br>"; echo "admin tel - $adminuser_tel"; echo "<br>"; } ?> <form name="form" method="post" action=""> Edit User: <table> <tr> <td width="11%">User Name</td> <td width="23%">Password</td> <td width="22%">E-Mail</td> <td width="20%">Tel</td> </tr> <tr> <td><strong><? echo $row['user_name'];?></strong></td> <td><input type="user_pass" name="user_pass" value=""></td> <td><input type="user_email" name="user_email" value="<? echo $row['user_email']; ?>"></td> <td><input type="user_tel" name="user_tel" value="<? echo $row['user_tel']; ?>"></td> </tr> </table> <input type="hidden" name="user_name" value="<? echo $row['user_name'];?>"> <input type="hidden" name="userid" value="<? echo $row['userid'];?>"> <input type="Submit" name="Amend" value="Update"> </form> How does it happen that $adminuser_email ends up being the same as $user_email ? It happens with all the fields. Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-256200 Share on other sites More sharing options...
MadTechie Posted May 18, 2007 Share Posted May 18, 2007 you need to look at the routines that set the sessions.. the code you have shown doesn't have that bug in (from what i can see) Quote Link to comment https://forums.phpfreaks.com/topic/51645-confused-_session/#findComment-256202 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.