coolego1, posted May 16, 2007

Hello,

I am working on a new site that is database driven and I am writing all my own scripts. There are many members on this site, and I have a simple form that allows an administrator to edit their information. When an admin clicks on the "Add/Edit Member" link, they are brought to a page which interprets its action using GET. The site tries to get form information from a dropdown and submit button to populate the fields. Obviously, if a member has just clicked on the link without submitting this form, there will be no form information to get. Sounds simple, right?

Somehow, if you are logged in as an admin and you click this link for the first time, you are brought to the page with fields filled in based on the session variables for some reason. Then, if you change the form to edit a different member, the session variables appear to change, which causes the userid and first/last names to change, which is effectively like switching users. This behavior is unacceptable.

I had it working on my local, but when I moved to remote, it died.

Suggestions?

Barand, posted May 16, 2007

First guess would be that the application is maybe using session_register() and register_globals is on. Both of which are deprecated.

Crystal ball aside, posting some code would help us to help you.

coolego1, posted May 16, 2007

Alright, here's some code... It may get a bit lengthy:

This is the code for the first 40 lines of the header which is included in all pages. If the user is not logged in, they are presented with a form on the side of the page to login with. This code is just the handler for that login form.

```php
<?php session_start() ?>
<?php
include("functions.php");

if ($_POST['login']) {
    echo '<font color="white">LOGGING IN!!!</font>'; // for debugging
    $username = ($_POST['user']);
    $password = ($_POST['password']);
    $error_msg = array();
    if ($username=="") {
        $error_msg[] = "Please Enter a Username";
    }
    if ($password=="") {
        $error_msg[] = "Please Enter a Password";
    }
    if (!$error_msg) {
        $connectid = connsql();
        $userdata = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'", $connectid) or die("Unable to Look Up User");
        $userinfo = mysql_fetch_array($userdata, MYSQL_ASSOC);
        $uid = $userinfo['id'];
        if ($uid <> 0) { // User Exists
            $first = $userinfo['first'];
            $last = $userinfo['last'];
            $officer1 = $userinfo['officer1'];
            $commhours = $userinfo['commservice'];
            $absences = $userinfo['absences'];
            $_SESSION['uid'] = $uid;
            $_SESSION['officer'] = $officer1;
            $_SESSION['first'] = $first;
            $_SESSION['last'] = $last;
            $_SESSION['commhours'] = $commhours;
            $_SESSION['absences'] = $absences;
        } else { // Bad User
            $error_msg[] = "Invalid User/Password";
        }
        mysql_close($connectid);
    }
}
?>
```

Inside the page that is acting up, this is the form code. The "first" and "last" textfields fill themselves, as well as the "$id" value. This should not happen unless the "editmember" submit is used.

```php
<form name="addmember" action="officer.php?action=addmember&view=editmem" method="POST" style="padding-left:10px;">
Select a Member to Edit:
<select name="memberselect">
<option value="0">New Member</option>
<?php
$connectid = connsql();
$sql = "SELECT id, first, last FROM users ORDER BY last";
$userlist = mysql_query($sql, $connectid);
while ($user = mysql_fetch_array($userlist, MYSQL_ASSOC)) {
    if ($user['id'] == $uid) {
        $selected = "selected";
    } else {
        $selected = "";
    }
    print '<option value="'.$user['id'].'" '.$selected.'>'.$user['first'].' '.$user['last'].'</option>';
}
?>
</select>
<input type="submit" name="editmember" id="editmember" value="Edit"><br><br>
Username: <input type="text" name="username" size="8" maxlength="8" value="<?php print $username ?>">
Password: <input type="password" name="password" size="16" maxlength="16" value="<?php print $password ?>"><br><br>
First Name: <input type="text" name="first" size="16" maxlength="16" value="<?php print $first ?>">
Last Name: <input type="text" name="last" size="16" maxlength="16" value="<?php print $last ?>"><br><br>
Phone Number: <input type="text" name="phone" size="16" maxlength="16" value="<?php print $phone ?>">
Email: <input type="text" name="email" size="16" maxlength="50" value="<?php print $email ?>"><br><br>
Homeroom: <input type="text" name="homeroom" size="8" maxlength="16" value="<?php print $homeroom ?>">
Community Service: <input type="text" name="commservice" size="6" maxlength="8" value="<?php print $commservice ?>"> Hours<br><br>
Position:
<select name="officer1">
<?php
$connectid = connsql();
$sql = "SELECT * FROM officers ORDER BY id";
$officespace = mysql_query($sql, $connectid);
while ($office = mysql_fetch_array($officespace, MYSQL_ASSOC)) {
    if ($office['id'] == $officer1) {
        $selected = "selected";
    } else {
        $selected = "";
    }
    print '<option value="'.$office['id'].'" '.$selected.'>'.$office['office'].'</option>';
}
?>
</select>
Inducted: <input type="checkbox" name="inducted" value="1" <?php if ($inducted == 1) { print 'checked'; } ?>><br><br>
Graduating Year: <input type="text" size="4" maxlength="4" value="<?php print $grad_year ?>">
Absences: <input type="text" size="2" value="<?php print $absences ?>"><br><br>
Active: <input type="checkbox" name="active" value="1" <?php if ($active == 1) { print 'checked'; } ?>><br><br>
<input type="hidden" name="id" value="<?php print $uid ?>">
<input type="submit" name="addmember" value="Add/Edit Member">
</form>
```

The forms wouldn't cross with each other, would they? It appears that the $_SESSION['first'], $_SESSION['last'] and $_SESSION['id'] are being set by the form inside the page, which is incorrect. Note that both these forms appear on the same page due to includes.

Let me know if you need any more code...

Thanks
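
An added example (not code from this thread or its posters) of one way to keep the record being edited apart from the logged-in admin's session data, so the two cannot collide whatever register_globals is set to: the form reads from a `$member` array loaded explicitly from the request instead of bare `$first`/`$last`/`$uid` variables. The helper names, the in-memory SQLite database standing in for the site's MySQL tables, and the sample rows are assumptions made for the example.

```php
<?php
// Hypothetical helpers; the schema and sample rows are constructed for this example.

// Blank record used for "New Member" and for a first visit with no form submitted.
const BLANK_MEMBER = ['id' => 0, 'first' => '', 'last' => ''];

// Returns the member chosen in the dropdown, or a blank record.
// Reads only the request array it is given, never globals or the session.
function load_member_for_edit(PDO $db, array $post): array
{
    if (!isset($post['editmember'])) {
        return BLANK_MEMBER;                      // link clicked, no form submitted
    }
    $id = filter_var($post['memberselect'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return BLANK_MEMBER;                      // "New Member" (0) or junk input
    }
    // Bound parameter: the id never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT id, first, last FROM users WHERE id = ?');
    $stmt->execute([$id]);
    return $stmt->fetch(PDO::FETCH_ASSOC) ?: BLANK_MEMBER;
}

// Escape a value for use inside an HTML attribute.
function attr($value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

// Constructed demo data: in-memory SQLite stands in for the site's database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, first TEXT, last TEXT)');
$db->exec("INSERT INTO users (first, last) VALUES ('Ann', 'Admin'), ('Bob', 'Member')");

// Stand-in for $_SESSION after the admin (id 1) has logged in.
$session = ['uid' => 1, 'first' => 'Ann', 'last' => 'Admin'];

// First request: link clicked, nothing posted. Second: "Edit" pressed for member 2.
foreach ([[], ['editmember' => 'Edit', 'memberselect' => '2']] as $post) {
    $member = load_member_for_edit($db, $post);   // edit target, kept apart from $session
    printf("<input name=\"first\" value=\"%s\"> <input type=\"hidden\" name=\"id\" value=\"%s\">\n",
           attr($member['first']), attr($member['id']));
    printf("logged in as uid %d (%s)\n", $session['uid'], $session['first']);
}
```

The first request renders empty fields and the second renders the selected member, while the session stand-in still identifies the same admin after both.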