d22552000 Posted December 1, 2007

I am making a music / social networking site. The profile pages seem to log out ANY user going to them, for no reason.. Here is my php:

CODE THAT SETS SESSION IN LOGIN.PHP:

```php
session_regenerate_id();
$member=mysql_fetch_assoc($res);
$_SESSION['i']=$member['uid'];
$_SESSION['u']=$member['user'];
session_write_close();
header("location: index.php?dologin=".rand()); //Dologin just shows the "welcome" thingy.
exit();
```

PROFILE.PHP CODE:

```php
<?PHP
include('inc.php');
if (isset($_GET['u'])) {
    $user = $_GET['u'];
    $sql = "SELECT * FROM `musix`.`userdetails` WHERE `usaer` = '".clean($user)."' LIMIT 1;";
    $res = mysql_query($sql) or die(mysql_error());
    $ret = "<h1>$user's Profile</h1>";
    while($u = mysql_fetch_assoc($res)) {
        $ret.= "
<table width='80%'><tr><td width='100%'>
<table width='80%'>
<tr><td>Occupation: </td><td>".$u['occupation']."</td></tr>
<tr><td>Interests: </td><td>".$u['interests']."</td></tr>
<tr><td>Location: </td><td>".$u['location']."</td></tr>
<tr><td> </td><td> </td></tr>
<tr><td>Favorite Movies: </td><td>".$u['movies']."</td></tr>
<tr><td>Favorite Shows: </td><td>".$u['television']."</td></tr>
</table></td><td align='right'>
";
        if (is_file('./pic/'.$user.'.jpg')) {
            $ret.= "<img src='./pic/$user.jpg' alt='User Picture' />\r\n";
        } else if (is_file('./pic/'.$user.'.png')) {
            $ret.= "<img src='./pic/$user.png' alt='User Picture' />\r\n";
        } else if (is_file('./pic/'.$user.'.gif')) {
            $ret.= "<img src='./pic/$user.gif' alt='User Picture' />\r\n";
        } else if (is_file('./pic/'.$user.'.jpeg')) {
            $ret.= "<img src='./pic/$user.jpeg' alt='User Picture' />\r\n";
        } else {
            $ret.= "<img src='./pic/nopic.jpg' alt='User Picture' />\r\n";
        }
        $ret.= "
</td></tr><tr><td colspan='2'><br/>
<table width='100%' style='border-color: darkblue;'>
<tr><th style='background-color:darkblue;'>About Me</th></tr>
<tr><td style='border-color: darkblue;'>".$u['aboutme']."</td></tr>
</table><br/>
<table width='100%' style='border-color: darkblue;'>
<tr><th style='background-color:darkblue;'>Biography</th></tr>
<tr><td style='border-color: darkblue;'>".$u['biography']."</td></tr>
</table><br/>
<table width='100%' style='border-color: darkblue;'>
<tr><th style='background-color:darkblue;'>My Favorite Songs</th></tr>
<tr><td style='border-color: darkblue;'>";
        $fav = str_split(';',$u['music']);
        foreach ($fav as $song) {
            $a = split(':',$song);
            echo "<a href='play.php?id='".$a[0]."'>".@$a[1]."</a> \r\n";
        }
        $ret.= "</td></tr>
</table>
</td></tr></table>
";
    }
    html($user.'\'s Profile',$ret);
} else if (!empty($_SESSION['u'])) {
    if (isset($_GET['edit'])) {
        mysql_query($sql) or die(mysql_error());
    }
    $sql = "SELECT * FROM `musix`.`userdetails` WHERE `user` = '".$_SESSION['u']."' LIMIT 1;";
    $res = mysql_query($sql) or die(mysql_error());
    $ret.= "<h1>Edit Profile</h1>";
    while($u = mysql_fetch_assoc($res)) {
    }
    html('Your Profile',$ret);
} else {
    header('location: login.php');
}
?>
```

INC.PHP:

```php
<?PHP
session_set_cookie_params(3600*24*355);
error_reporting(E_ALL);
session_start();
mysql_connect('localhost','root','') or die(mysql_error());
mysql_select_db('musix') or die(mysql_error());

function lognm() {
    return gmdate('[m/d/Y H:i:s] ').$_SERVER['REMOTE_ADDR'];
}

function logme($str) {
    $str = lognm().$str;
    $log = fopen('`site.log','a+');
    fwrite($log,$str."\r\n");
    fclose($log);
}

function get_comments() {
    $id = @$_GET['id'];
    $comments = mysql_query('SELECT * FROM `comments` WHERE `pid`='.$id.' ORDER BY `cid` ASC');
    $RET = 'Post a Comment: <form method="POST" action="comment.php"><table><tr><td>';
    if (empty($_SESSION['u'])) {
        $RET.= 'Posting as: <input type="text" name="name" value="'.$_SERVER['REMOTE_ADDR'].'" />';
    } else {
        $RET.= '<input type="hidden" name="name" value="'.$_SESSION['u'].'" /> Posting as: '.$_SESSION['u'];
    }
    $RET.= '
</td><td>
<input type="submit" name="sub" value="Post Comment" /></td></tr>
<td colspan="2"><input type="hidden" name="id" value="'.$id.'" />
<input type="hidden" name="dt" value="'.time().'" />
<textarea name="text" cols="50" rows="4">
Please enter your comment here...</textarea>
</td></tr></table>
</form>
';
    while ($row = @mysql_fetch_assoc($comments)) {
        $RET.= '<table width="50%" style="background-color:#191919;"><tr><th style="background-color:#595959;">'.$row['name'].'</th></tr>
<tr><td style="background-color:#595959;">
'.$row['text'].'</td></tr></table>'."<br/>\r\n";
    }
    return($RET);
}

function clean($str) {
    $str = @trim($str);
    if(version_compare(phpversion(),'4.3.0') >= 0) {
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        if(@mysql_ping()) {
            $str = mysql_real_escape_string($str);
        } else {
            $str = addslashes($str);
        }
    } else {
        if(!get_magic_quotes_gpc()) {
            $str = addslashes($str);
        }
    }
    return $str;
}

function html($TITLE,$RET,$HEAD = "",$down = false) {
    $RET = str_replace('{{BLOCK}--COMMENTS--(ID}}:',get_comments(),$RET);
    echo '<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Musix :: '.$TITLE.'</title>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<base href="http://'.$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'].'" />
<style type="text/css">
body,table,img,td,th {
    font-family: Geneva, Arial, Helvetica, sans-serif;
    background-color: #383838;
    text-align:center;
    font-size: 14px;
    color: #EEEEEE;
    border: 0px;
}
textarea,input,file {
    background-color: #222222;
    color: #00DDFF;
}
submit,button {
    background-color: #050505;
    color: #00DD00;
}
a:link,link,a {
    color: #FF0000;
}
</style>
'.$HEAD.'
</head>
';
    if ($down) {
        echo '<body onload="timedCount();">';
    } else {
        echo '<body>';
    }
    echo '<div align="center">
<table width="75%" border="1">
<tr>
<th width="25%" align="left"> </th>
<th width="50%" align="center">
<a href="http://'.$_SERVER['SERVER_NAME'].'/six/index.php"><img src="http://'.$_SERVER['SERVER_NAME'].'/six/header.gif" alt="Header Image for Musix" style="border:0px;" /></a>
</th>';
    if (!empty($_SESSION['u'])) {
        echo '
<th width="25%" align="left">
Welcome, '.$_SESSION['u'].'!
</th>';
    } else {
        echo '
<th width="25%" align="right">
<form method="POST" action="login.php">
User: <input type="text" name="user" size="15" /><br />
Pass: <input type="password" name="pass" size="15" /><br />
<a href="register.php">Register</a> | <input type="submit" value="Login" name="quicklogin" />
</form>
</th>';
    }
    echo '
</tr>
<tr>
<td colspan="3"><table width="100%"><tr>
<td><h3><a href="search.php">Search</a></h3></td>
<td><h3><a href="up.php">Upload</a> (<a href="qup.php">Quick</a>)</h3></td>';
    echo '
</tr></table></td>
</tr>
<tr>
<td colspan="3"><div align="center">'.$RET.'</div></td>
</tr>
<tr>
<th colspan="3">Musix® Copyright© Damon Hosting 2007. All Rights Reserved.<br/></th>
</tr>
</table><br/>
<!-- Begin: AdBrite -->
<script type="text/javascript">';
    echo "
var AdBrite_Title_Color = 'ff3333';
var AdBrite_Text_Color = 'CCCCCC';
var AdBrite_Background_Color = '383838';
var AdBrite_Border_Color = '191919';
</script>";
    echo '
<span style="white-space:nowrap;"><script src="http://ads.adbrite.com/mb/text_group.php?sid=495634&zs=3732385f3930" type="text/javascript"></script><!-- --><a target="_top" href="http://www.adbrite.com/mb/commerce/purchase_form.php?opid=495634&afsid=1"><img src="http://files.adbrite.com/mb/images/adbrite-your-ad-here-leaderboard-w.gif" style="background-color:#191919" alt="Your Ad Here" width="14" height="90" border="0" /></a></span>
<!-- End: AdBrite --></div></body></html>';
    exit();
}
?>
```

I click profile links like "profile.php?u=admin" and it logs me out, and shows me admin's profile. The login box at the top shows up instead of saying "welcome admin"... It effectively unsets session. Please help me!

EDIT by toplay: please don't use that abbreviation.

toplay Posted December 1, 2007

I didn't look closely, but I don't see a session_start() before session_regenerate_id() is used in your first snippet of code.

MadTechie Posted December 1, 2007

Sounds like you have Register Globals On.. try this change

```php
while($u = mysql_fetch_assoc($res)) {
```

to

```php
while($us = mysql_fetch_assoc($res)) {
```

of course change the code to suit, i.e. $u['occupation'] to $us['occupation']

d22552000 (Author) Posted December 1, 2007

o.o I get it.. ok changing.. let's see if it works... It is funny, if I have register globals... I NEVER USE IT lol..

MadTechie Posted December 1, 2007

register globals = Evil.. if you can turn them off.. they are a security risk
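
The mechanism behind the Register Globals diagnosis above, as an added example that is not part of any post in the thread: with `register_globals` on, `session_start()` binds each session key to a global variable of the same name, so the `$u` loop variable in profile.php writes straight into `$_SESSION['u']`. The reference assignments emulate that binding so the script runs on current PHP; `fetch_row()` is a hypothetical stand-in for `mysql_fetch_assoc()` and the row data is constructed.

```php
<?php
// Added illustration, not code from the thread.
// Constructed stand-in for the session that login.php filled in.
$_SESSION = array('i' => 1, 'u' => 'admin');

// Emulation (assumption): what session_start() did with register_globals = On,
// binding each session key to a same-named global variable by reference.
$i = &$_SESSION['i'];
$u = &$_SESSION['u'];

// Hypothetical stand-in for mysql_fetch_assoc(): returns rows, then false.
function fetch_row(array &$rows)
{
    return count($rows) > 0 ? array_shift($rows) : false;
}

// 1) The loop as posted in profile.php: $u is the loop variable.
$rows = array(array('occupation' => 'DJ', 'location' => 'Leeds')); // constructed
while ($u = fetch_row($rows)) {
    // While the loop runs, $_SESSION['u'] holds the row array, not the user name.
}
// The loop stops when fetch_row() returns false, and that false was written
// through the reference into $_SESSION['u'], which html() then tests with empty().
echo "after \$u loop:  ";
var_dump($_SESSION['u'], empty($_SESSION['u']));

// 2) The same loop with the variable renamed as suggested in the thread.
$_SESSION['u'] = 'admin'; // log in again
$rows = array(array('occupation' => 'DJ', 'location' => 'Leeds')); // constructed
while ($us = fetch_row($rows)) {
    // No session key is called 'us', so nothing is aliased.
}
echo "after \$us loop: ";
var_dump($_SESSION['u'], empty($_SESSION['u']));
```

Renaming the variable only avoids this one collision. On PHP versions that still have the directive (it was removed in PHP 5.4), setting `register_globals = Off` in php.ini removes the aliasing for every session key and request parameter.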