sessions problem

[graham23s]

Hi GUys,

 

just found a problem with my login, when i login to my site , it displays all my information like it should, but if i view another members profile THEN go back to my control panel i take on there session and see all they're information instead of my own! i dont know what is doing this

 

logincheck.php

 

<?php
  require("includes/db_connection.php");
  
  ## The all important post variables
  $var_username = mysql_real_escape_string(trim($_POST['username']));
  $var_password = mysql_real_escape_string(trim($_POST['password']));
  
  ## blank submission
  if(empty($var_username) || empty($var_password)) {
  
  echo '<div align="center" style="border: 1px solid black;padding:10px; background: yellow; color: #000000; font-size: 14px;"><b>You never filled in both fields, please fill them both in.</b></div><br />';
  exit;	
  
  }
  
  $q = "SELECT `id`,`username`,`password` FROM `users` WHERE `username`='$var_username' AND `password`='$var_password' LIMIT 1";
  $r = mysql_query($q);
  $row = mysql_fetch_array($r);
  
  $any_results = mysql_num_rows($r);
  
  if($any_results != 1) {
  
  echo '<div align="center" style="border: 1px solid black;padding:10px; background: yellow; color: #000000; font-size: 14px;"><b>We can\'t find that username/password combination in the database, please re-check your login details.</b></div><br />';
  exit;	
     
 } else {

  ## update the login timer
  $var_update_time_query = mysql_query("UPDATE `users` SET `last_login` = now() WHERE `username`='$var_username' AND `password`='$var_password'");

  ## There was a result back
  session_start(); 
  $_SESSION['id'] = $row['id'];
  $_SESSION['username'] = $row['username'];
  $_SESSION['loggedin'] = 'yes'; 
  
  ## redirect to members page
  header("Location:myaccount.php"); 

  }
?>

 

sessions.php

 

<?php
session_start(); 
  header("Cache-control: private");
  if($_SESSION['loggedin'] != 'yes') { 
    header("Location: login.php"); 
    exit; 
} 
  ## a variable for easier access
  $var_loggedinuserid = $_SESSION['id'];
  $var_loggedinuser = $_SESSION['username'];
?>

 

the code above is what i use as an include at the top of every page, can anyone see what i have done wrong?

 

thanks guys

 

Graham

[nuxy]

The login script seems fine.

But I doubt the problem lays with the login or sessions script.

 

Can you please post the script that fetches the user's data and displays it.

[graham23s]

sure, it's after visiting this page that everything goes wrong.

 

profile.php

 

<?php
  ## The id of the user in the address bar
  $recipientsid = $_GET['id'];
  
  ## First of all update the profile views
  $var_profileviews = mysql_query("UPDATE `users` SET `profileviews`= profileviews+1 WHERE `id`='$recipientsid'");
  
  ## Get some user details from mysql
  $querydetails = "SELECT * FROM `users` WHERE `id`='$recipientsid'";
  $resultsdetails = mysql_query($querydetails) or die (mysql_error());
  $row = mysql_fetch_array($resultsdetails) or die (mysql_error());
  $username = $row['username'];
  $email = $row['email'];
  $thumb = $row['thumbnail'];
  $yearborn = $row['year'];
  $firstname = $row['fname'];
  $lastname = $row['lname'];
  $gender = $row['gender'];
  $ethnicity = $row['ethnic'];
  $country = $row['country'];
  $haircolor = $row['hair'];
  $eyecolor = $row['eye_c'];
  $build = $row['build'];
  $publicemail = $row['publicemail'];
  
  ## age calculations
  $thisyear = date('Y');
  
  if(empty($yearborn)) {
   
   $profileyear = "<b>N/A</b>";
    
    } else {
  
    $profileyear;
  
  }
   
  ## Year calculation
  $profileyear = $yearborn - $thisyear;
  
  ## Get rid of the - sign
  $profileyear = str_replace("-"," ", $profileyear);
  
  if(empty($yearborn)) {
   
   $profileyear = "<b>N/A</b>";
    
  } 
  
   ## Ternary operators 
  $profilefirstname = (!empty($firstname) ? "$firstname" : "N/A");
   $profilelastname = (!empty($lastname) ? "$lastname" : "N/A");
     $profilegender = (!empty($gender) ? "$gender" : "N/A");
  $profileethnicity = (!empty($ethnicity) ? "$ethnicity" : "N/A");
    $profilecountry = (!empty($country) ? "$country" : "N/A");
       $profilehair = (!empty($haircolor) ? "$haircolor" : "N/A");
       $profileeyes = (!empty($eyecolor) ? "$eyecolor" : "N/A");
      $profilebuild = (!empty($build) ? "$build" : "N/A");
      
     
  ## quick elseif for gender
  if(($gender) == 'M') {
  
  $profilegender = "Male";
  
  } elseif($gender == 'F') {
  
  $profilegender = "Female";  
  
  }
  
  ## Private email
  if($publicemail == 'Yes') {
  
  $profileemail = $email;
  
  } elseif($profileemail == 'No') {
  
  $profileemail = '<i><b>Private</b></i>';
  
  } else {
  
  $profileemail = '<i><b>Private</b></i>';
  
  }
  
  ## Create page layout
  echo ("<table class=\"tables\" align=\"left\" width=\"300\" border=\"0\" cellpadding=\"5\" cellspacing=\"0\">");
  echo ("<tr>");
  echo ("<td colspan=\"2\" class=\"header_boxes\" align=\"center\"><span class=\"prof_head\">$username's Vital Statistics</span></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td class=\"prof_bgcolor\" align=\"center\">");
  if(empty($thumb)) {
  
  echo ("<img src=\"images/no_headshot_uploaded.bmp\" alt=\"$username\"></td>");
  
  } else {
  
  echo '<img src="thumbs/'.$thumb.'" alt="'.$username.'">';
  
  }
  echo ("</td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td align=\"center\"><b>View My: <a class=\"foot_links\" href=\"\">Photos (0)</a> | <a class=\"foot_links\" href=\"\">Videos (0)</a></b></td>");
  echo ("</tr>");
  echo ("<tr>"); 
  echo ("<td>");
  echo ("<table align=\"left\" width=\"300\" border=\"0\" cellpadding=\"5\" cellspacing=\"0\">");
  echo ("<tr>");
  echo ("<td class=\"prof_bgcolor\" width=\"50%\" align=\"right\">Age:</td><td class=\"prof_bgcolor\" width=\"50%\" align=\"left\"><b>$profileyear</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td bgcolor=\"\" width=\"50%\" align=\"right\">First Name:</td><td width=\"50%\" align=\"left\"><b>$profilefirstname</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td class=\"prof_bgcolor\" width=\"50%\" align=\"right\">Last Name:</td><td class=\"prof_bgcolor\" width=\"50%\" align=\"left\"><b>$profilelastname</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td bgcolor=\"\" width=\"50%\" align=\"right\">Gender:</td><td width=\"50%\" align=\"left\"><b>$profilegender</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td class=\"prof_bgcolor\" width=\"50%\" align=\"right\">Ethnicity:</td><td class=\"prof_bgcolor\" width=\"50%\" align=\"left\"><b>$profileethnicity</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td bgcolor=\"\" width=\"50%\" align=\"right\">Country:</td><td width=\"50%\" align=\"left\"><b>$profilecountry</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td class=\"prof_bgcolor\" width=\"50%\" align=\"right\">Hair Color:</td><td class=\"prof_bgcolor\" width=\"50%\" align=\"left\"><b>$profilehair</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td bgcolor=\"\" width=\"50%\" align=\"right\">Eye Color:</td><td width=\"50%\" align=\"left\"><b>$profileeyes</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td class=\"prof_bgcolor\" width=\"50%\" align=\"right\">Build:</td><td class=\"prof_bgcolor\" width=\"50%\" align=\"left\"><b>$profilebuild</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td width=\"50%\" align=\"right\">E-Mail:</td><td width=\"50%\" align=\"left\"><b>$profileemail</b></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td class=\"prof_bgcolor\" colspan=\"2\" bgcolor=\"\" width=\"50%\" align=\"center\"><form action=\"sendmessage.php?id=$recipientsid\" method=\"post\"><input type=\"submit\" name=\"sendmessage\" value=\"Contact $username\"></form></td>");
  echo ("</tr>");
  echo ("<tr>");
  echo ("<td class=\"prof_bgcolor\" valign=\"middle\" colspan=\"2\" bgcolor=\"\" width=\"50%\" align=\"center\"><form action=\"sendemail.php?id=$recipientsid\" method=\"post\"><input type=\"submit\" name=\"sendemail\" value=\"E-Mail $username\"></form></td>");
  echo ("</tr>");
  echo ("</table>"); 
  echo ("</td>");
  echo ("</table>");
?>

 

thanks mate

 

Graham

[MadTechie]

search your project for

$_SESSION['id'] = 

, thats where the problem is more likely to be..

also are Register Globals off ? <-- i am guessing their on

[graham23s]

Hi MT,

 

yeah they are on, i'm using a server, can/should they be switched off?

 

Graham

[MadTechie]

Yes.. but i am guessing the problem is because of them..

they cause lots of problems..

 

Just an idea.. change $_SESSION['id'] to $_SESSION['UserLoginID'] everywhere

 

make a backup first

 

now i assume you don't use UserLoginID anywhere

 

BUT: don't set UserLoginID an ANYTHING else ie no $UserLoginID no $_COOKE['UserLoginID'] no form post values etc

[graham23s]

No probs MT will do small update:

 

i think i see the problem-ish, after i view a profile THEN go back to myaccount.php thats where the change of sessions seems to appear:

 

myaccount.php (part of)

 

<?php
###################################################
# myaccount.php                                   #
###################################################
  ## Debugging
  echo $var_loggedinuser;

  ## Grab some basic fields from mysql
  $queryfields = "SELECT `id`,`username`,`thumbnail`,`profileviews` FROM `users` WHERE `username`='$var_loggedinuser'";
  $resultsfields = mysql_query($queryfields);
  $rowfields = mysql_fetch_array($resultsfields);
  
  ## Vars
  $var_id = $rowfields['id'];
  $var_username = $rowfields['username'];
  $var_views = $rowfields['profileviews'];
  $thumnail = $rowfields['thumbnail'];
  
  ## Grab messages from mysql
  $querypms = "SELECT `recipientid` FROM `privatemessages` WHERE `recipientid`='$var_id'";
  $resultpms = mysql_query($querypms);
  $numpms = mysql_num_rows($resultpms);
  
  if($numpms > 0) {
  
  $numpms = "<font color=\"#8f0002\">$numpms</font>";
  
  } 

 

the "$var_loggedinuser" variable changes to whoevers profil i last visited, could that be the problem?

 

cheers

 

Graham