Jump to content

Issue maintaining session user

CincoPistolero

By CincoPistolero
in PHP Coding Help

 Share

Recommended Posts

CincoPistolero Member

CincoPistolero

Posted
Posted

I am trying to use Sessions to track a admin section of a website. In the header.php file that every page calls, I have:

 

<?php session_start(); ?>

and 

$queryaccess = "SELECT * FROM users WHERE userName = '$_SESSION[userName]'";
$resultaccess = mysql_query($queryaccess) or die ("Error in query: $queryaccess. " . mssql_error());
$rowaccess= mysql_fetch_array($resultaccess);
extract($rowaccess);

 

On each page I have a:

Welcome: <b><?php echo $rowaccess["userName"]; ?></b>

 

All work fine until I go to my users pages.

The initial page is listusers.php and the above works fine. It lists out the current users in db.

When I click on a user to go to the modify.php page, it changes the user to the last user in the array, and even though the URL in the web browser shows the correct userID=, the user listed in the modified page is always the last user in my array. Below is the extra SELECT statements from the list users page and the modify users page. It seems to be changing who my SESSION belongs to.

 

listusers.php

$queryusers = " SELECT * FROM users ORDER BY lastName";
$resultusers = mysql_query($queryusers) or die ("Error in query: $queryusers. " . mysql_error());

 

and further down the page where list is set.

while ( $row= mysql_fetch_array($resultusers)){extract($row);

 

modifyusers.php

$queryusers = "SELECT * FROM users WHERE userID='$userID' ";
$usersresult = mysql_query($queryusers) or die ("Error in query: $queryusers. " . mysql_error());
$usersrow= mysql_fetch_array($usersresult);
extract($usersrow);

 

the listuser.php and modifyuser.php each also contain the header.php

Link to comment
Share on other sites
CincoPistolero Member

CincoPistolero

Posted
  • Author
Posted

in this link?

td class='$row_color' width='180'><a href='modifyuser.php?userID=$userID'>$userName</a></td>

 

on the listuser page

I have fname, lname, username. the link is attached to the username as userID. When I hover over link, it shows correct ID for each user. but when I click on link, I get sent to last user in array on modify.php page. ON modify.php page it shows wrong data in fields yet lists correct userID in browser Address bar.

Link to comment
Share on other sites
redarrow Advanced Member

redarrow

Posted
Posted

use ur link goto your current page tell me the result please....

 

the id echoed should be the id in the link............

 

$userID=$_POST['userID'];
$queryusers = "SELECT * FROM users WHERE userID='$userID' ";
echo $queryusers;
$usersresult = mysql_query($queryusers) or die ("Error in query: $queryusers. " . mysql_error());
$usersrow= mysql_fetch_array($usersresult);
extract($usersrow);

Link to comment
Share on other sites
CincoPistolero Member

CincoPistolero

Posted
  • Author
Posted

Below is the list of users and what each link displays when the mouse hovers over it.

adfad adfadf adfdaf Yes - upon hovering the ID shows 11

coolio1 coolio1 coolio Yes  - upon hovering the ID shows 10

fredrich fred12 fred Yes - upon hovering the ID shows  3

john1 john john Yes - upon hovering the ID shows  6

roberto roberto roberto Yes - upon hovering the ID shows  8

sgsfg sfgsfg sfgsfg Yes - upon hovering the ID shows  9

 

When I click on the coolio link the browser url displays.

http://yadayadayada.com/wcc/users/modifyuser.php?userID=10

 

The data in the form displays the data for sgsfg.

 

No matter which link I click, I get the data for sgsfg. And my "Welcome: " turns to sgsfg even though that data is pulled from a different SELECT statement.

$queryaccess = "SELECT * FROM users WHERE userName = '$_SESSION[userName]'";
$resultaccess = mysql_query($queryaccess) or die ("Error in query: $queryaccess. " . mssql_error());
$rowaccess= mysql_fetch_array($resultaccess);
extract($rowaccess);

 

 

 

Link to comment
Share on other sites
redarrow Advanced Member

redarrow

Posted
Posted

becouse your using a session for the whole web site in

the header off you php script and adding it to

all your pages i think your killing the current session.......

 

you shouldnt use session_start(); in the header session start should be

on all pages no matter what...

 

now your query added assoc ok.....

 

$queryusers = "SELECT * FROM users WHERE userID='$userID' ";

$usersresult = mysql_query($queryusers) or die ("Error in query: $queryusers. " . mysql_error());

$usersrow= mysql_fetch_assoc($usersresult);

extract($usersrow);

 

try the session start problam first ok mate sorry but session can be a funny old chap

Link to comment
Share on other sites
CincoPistolero Member

CincoPistolero

Posted
  • Author
Posted

Ok, I'm not as worried about the session stuff as I am as to why I choose something with a certain ID and the next page only returns info from the last user listed in my array. Even if I come to the listusers.php page and it shows me as the current user, if i refresh that page with F5 or if i click again on the listusers.php tab, it refreshes to the lastuser listed in the array. What the heck gives. And my listusers tab does not even have a userID associated with it.

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted

Where do you set $_SESSION[userName]? And if it is set, why do you need...

 

$queryaccess = "SELECT * FROM users WHERE userName = '$_SESSION[userName]'";
$resultaccess = mysql_query($queryaccess) or die ("Error in query: $queryaccess. " . mssql_error());
$rowaccess= mysql_fetch_array($resultaccess);
extract($rowaccess);

 

in the header.php page which is included in every page?

 

If your users are logged in via sessions (going by your code, I doupt they are) all you would need is...

 

Welcome: <b><?php echo $_SESSION["userName"]; ?></b>

 

Why query the database for information that is allready contained within the $_SESSION array?

Link to comment
Share on other sites
CincoPistolero Member

CincoPistolero

Posted
  • Author
Posted

the listusers array has nothing to do with my Session, although I don't doubt that I haven't set my session correctly. my queryaccess SELECT statement is to check and see if the user has access to the users page, as I only want Administrators to access this page. This works with passing userID from page to page.

 

My big problem is when I access the Users pages, whenever I select someone, it changes the userID so then I loose access to the page. I need to be able to login as administrator with an accessLvl and make adjustments on my user pages without the users pages thinking I've become someone else.

 

Currently, no matter who I click on in my list it thinks I'm the last user listed in the array.

Link to comment
Share on other sites
trq Prolific Member

trq

Posted
Posted

Im sorry but your code and approuch make little sense to me. I have no doupt however that your extensisive use of the extract function is overiding variables somewhere along the line. Explicitly define your variables instead of using extract and your problems are likely to disapear.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.