mikefrederick Posted February 19, 2008 Share Posted February 19, 2008 I have $_SESSION['mls'] set and working but somehow when i go to the following page it always gets altered. Let me know if you see any reason why: <?php session_start(); include("include/common.php"); include("$config[template_path]/user_top.html"); global $conn, $lang, $config, $HTTP_GET_VARS; $debug_GET = True; $guidestring = ""; $guidestring_with_sort = ""; // Save GET foreach ($_GET as $k => $v) { if ($v && $k != 'cur_page' && $k != 'PHPSESSID' && $k != 'sortby' && $k != 'sorttype' && $k != 'imagesOnly') { if (is_array($v)) { foreach ($v as $vitem) { $guidestring .= '&' . urlencode("$k") . '[]=' . urlencode("$vitem"); } } else { $guidestring .= '&' . urlencode("$k") . '=' . urlencode("$v"); } } } $sql = "drop table IF EXISTS " . $config[table_prefix] . "temp"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { log_error($sql); } $sql = "CREATE TABLE " . $config[table_prefix] . "temp SELECT " . $config[table_prefix] . "listingsDB.ID, " . $config[table_prefix] . "listingsDB.Title, " . $config[table_prefix] . "listingsDB.user_ID, " . $config[table_prefix] . "listingsDBElements.field_name, " . $config[table_prefix] . "listingsDBElements.field_value FROM " . $config[table_prefix] . "listingsDB, " . $config[table_prefix] . "listingsDBElements WHERE (" . $config[table_prefix] . "listingsDBElements.listing_id = " . $config[table_prefix] . "listingsDB.ID) AND "; if ($config[use_expiration] == "yes") { $sql .= "(" . $config[table_prefix] . "listingsDB.expiration > ".$conn->DBDate(time()).") AND "; } $sql .= "(" . $config[table_prefix] . "listingsDB.active = 'yes')"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { log_error($sql); } if ($config[manage_index_permissions] == 'Yes') { $sql = "create index idx_listingid on " . $config[table_prefix] . "temp (ID)"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { log_error($sql); } $sql = "create index idx_listingname on " . $config[table_prefix] . "temp (field_name(10))"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { log_error($sql); } } reset ($HTTP_GET_VARS); foreach ($_GET as $ElementIndexValue => $ElementContents) { if ($ElementIndexValue == "sortby") { $guidestring_with_sort = "$ElementIndexValue=$ElementContents"; } elseif ($ElementIndexValue == "sorttype") { $guidestring_with_sort = "$ElementIndexValue=$ElementContents&"; } elseif ($ElementIndexValue == "cur_page") { } elseif ($ElementIndexValue == "PHPSESSID") { } elseif ($ElementIndexValue == "user_ID") { $sql = "DELETE FROM " . $config[table_prefix] . "temp WHERE User_ID <> $ElementContents"; $recordSet = $conn->Execute($sql); } elseif ($ElementIndexValue == "imagesOnly") { $guidestring .= "$ElementIndexValue=$ElementContents&"; if ($ElementContents == "yes") { $whilecount = 0; $delete_string = "DELETE FROM " . $config[table_prefix] . "temp WHERE (1=1)"; $sql = "SELECT " . $config[table_prefix] . "temp.ID, COUNT(" . $config[table_prefix] . "listingsImages.file_name) AS imageCount FROM " . $config[table_prefix] . "listingsImages," . $config[table_prefix] . "temp WHERE (" . $config[table_prefix] . "listingsImages.listing_id = " . $config[table_prefix] . "temp.ID) GROUP BY " . $config[table_prefix] . "listingsImages.listing_id"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { log_error($sql); } while (!$recordSet->EOF) { $whilecount = $whilecount + 1; $listingID = $recordSet->fields[iD]; $imageCount = $recordSet->fields[imageCount]; $delete_string .= " AND "; $delete_string .= "(ID <> $listingID)"; $recordSet->MoveNext(); } // end while $recordSet = $conn->Execute($delete_string); if ($recordSet === false) { log_error($delete_string); } } } // end elseif ($ElementIndexValue == "imagesOnly") elseif (is_array($ElementContents)) { //echo $ElementIndexValue.': array found<br>'; //echo count($ElementContents).'Elements found in array<br>'; $skip = False; foreach($ElementContents as $a) { if (!$a) { $skip = True; } //echo '|'.$a.'|'; } if ($skip == True) { continue; } reset($ElementContents); echo '<br><br>'; $sql_ElementIndexValue = make_db_safe($ElementIndexValue); $r = $conn->getOne("select search_type from " . $config[table_prefix] . "listingsFormElements where field_name = ".$sql_ElementIndexValue); if (($r == 'optionlist') || ($r == 'fcheckbox')) { $recordSet = $conn->Execute($sql); $sql = "select count(t2.field_name) as cnt, t1.id as id from " . $config[table_prefix] . "temp t1 left join " . $config[table_prefix] . "listingsDBElements t2 on t1.id = t2.listing_id and t1.field_name = $sql_ElementIndexValue group by t1.id"; $res = $conn->Execute($sql); while (!$res->EOF) { if ($res->fields['cnt'] == 0) { $conn->execute("delete from " . $config[table_prefix] . "temp where id = " . $res->fields['id']); } else { $value = $conn->getOne("select field_value from " . $config[table_prefix] . "temp where id = " . $res->fields['id'] . " and field_name = $sql_ElementIndexValue"); $delete = 1; foreach ($ElementContents as $e) { if (!strstr($value, $e)) { $conn->execute("delete from " . $config[table_prefix] . "temp where id = " . $res->fields['id']); } } } $res->moveNext(); } } else { $whilecountTwo = 0; $select_statement = "SELECT ID FROM " . $config[table_prefix] . "temp WHERE ( (field_name=$sql_ElementIndexValue) AND "; while (list($featureValue, $feature_item) = each ($ElementContents)) { $whilecountTwo = $whilecountTwo + 1; if ($whilecountTwo > 1) { $select_statement .= " OR "; } $sql_feature_item = make_db_safe($feature_item); $select_statement .= "(field_value = $sql_feature_item)"; } $select_statement .= ")"; $recordSet = $conn->Execute($select_statement); if ($recordSet === false) { log_error($select_statement); } $save_array = array(); while (!$recordSet->EOF) { $save_ID = $recordSet->fields[iD]; $save_array[] = "$save_ID"; $recordSet->MoveNext(); } // end while $num_to_delete = $recordSet->RecordCount(); if ($num_to_delete > 0) { $delete_string = "DELETE FROM " . $config[table_prefix] . "temp WHERE "; while (list($IndexValue,$ElementContents) = each($save_array)) { if ($IndexValue > 0) { $delete_string .= " AND "; } $sql_ElementContents = make_db_safe($ElementContents); $delete_string .= "(ID <> $sql_ElementContents)"; } // end while $recordSet = $conn->Execute($delete_string); if ($recordSet === false) { log_error($delete_string); } } // ($num_to_delete > 0) elseif ($num_to_delete == 0) { $delete_string = "DELETE FROM " . $config[table_prefix] . "temp"; $recordSet = $conn->Execute($delete_string); if ($recordSet === false) { log_error($delete_string); } } // end elseif ($num_to_delete = 0) } // end optionlist check } // end elseif (is_array($ElementContents)) else { if (!$ElementContents) continue; $val = $ElementContents; $ElementContents = make_db_safe($ElementContents); $l3 = substr($ElementIndexValue, strlen($ElementIndexValue) - 3); if ($l3 == 'min' OR $l3 == 'max') { $col = strtok($ElementIndexValue, '-'); $sql = "select id, field_value as v from " . $config[table_prefix] . "temp where field_name = '$col'"; $rs = $conn->Execute($sql); $del_id = array(); while (!$rs->EOF) { if ($l3 == 'min' AND $val) { $min1=$val; if ($rs->fields['v'] < $val) { $del_id[] = $rs->fields['id']; } } if ($l3 == 'max' AND $val) { $max1=$val; if ($rs->fields['v'] > $val) { $del_id[] = $rs->fields['id']; } } $rs->MoveNext(); } $sql = "delete from " . $config[table_prefix] . "temp where id in (" . implode(',', $del_id) . ")"; if (sizeof($del_id)) { $conn->execute($sql); } continue; } $l7 = substr($ElementIndexValue, strlen($ElementIndexValue) - 7); if ($l7 == 'mindate' OR $l7 == 'maxdate') { if (($time = strtotime($val)) > 1) { $col = strtok($ElementIndexValue, '-'); $sql = "select id, field_value as v from " . $config[table_prefix] . "temp where field_name = '$col'"; $rs = $conn->Execute($sql); $del_id = array(); while (!$rs->EOF) { $db_time = strtotime($rs->fields['v']); if ($l7 == 'mindate' AND $val) { if ($db_time < $time) { $del_id[] = $rs->fields['id']; } } if ($l7 == 'maxdate' AND $val) { if ($db_time > $time) { $del_id[] = $rs->fields['id']; } } if ($db_time < 1 or !$val) { $del_id[] = $rs->fields['id']; } $rs->MoveNext(); } $sql = "delete from " . $config[table_prefix] . "temp where id in (" . implode(',', $del_id) . ")"; if (sizeof($del_id)) { $conn->execute($sql); } continue; } } if (!$ElementContents) continue; $ElementIndexValue = make_db_safe($ElementIndexValue); $select_statement = "SELECT ID FROM " . $config[table_prefix] . "temp WHERE ( (field_name = $ElementIndexValue) AND (field_value = $ElementContents) )"; $recordSet = $conn->Execute($select_statement); if ($recordSet === false) { log_error($select_statement); } $save_array = array(); while (!$recordSet->EOF) { $save_ID = $recordSet->fields[iD]; $save_array[] = "$save_ID"; $recordSet->MoveNext(); } // end while $num_to_delete = $recordSet->RecordCount(); if ($num_to_delete > 0) { $delete_string = "DELETE FROM " . $config[table_prefix] . "temp WHERE "; while (list($IndexValue,$ElementContents) = each($save_array)) { if ($IndexValue > 0) { $delete_string .= " AND "; } $delete_string .= "(ID <> $ElementContents)"; } $recordSet = $conn->Execute($delete_string); if ($recordSet === false) { log_error($delete_string); } } // end ($num_to_delete > 0) elseif ($num_to_delete == 0) { $delete_string = "DELETE FROM " . $config[table_prefix] . "temp"; $recordSet = $conn->Execute($delete_string); if ($recordSet === false) { log_error($delete_string); } } // end elseif ($num_to_delete = 0) } // end else } // end while $sortby="price"; if ($sortby == "") { $sort_text = ""; $order_text = "ORDER BY ID DESC"; } elseif ($sortby == "listingname") { $sort_text = ""; $order_text = "ORDER BY Title $sorttype"; } elseif ($sortby == "price") { $sortby = make_db_extra_safe($sortby); $sort_text = "WHERE (field_name = $sortby)"; $order_text = "ORDER BY field_value +0 $sorttype"; } else { $sortby = make_db_extra_safe($sortby); $sort_text = "WHERE (field_name = $sortby)"; $order_text = "ORDER BY field_value $sorttype"; } if (($sorttype == "") || ($sorttype == "ASC")) { $sorttype = "DESC"; } else { $sorttype = "ASC"; } $guidestring_with_sort = $guidestring_with_sort.$guidestring; $sql1="SELECT ID FROM " . $config[table_prefix] . "temp WHERE ((field_name = 'status') AND (field_value = 'Sold'))"; $rs=$conn->Execute($sql1); if ($rs === false) { log_error($sql1); } while (!$rs->EOF) { $id=$rs->fields[iD]; $sql2="DELETE FROM " . $config[table_prefix] . "temp WHERE ID=$id"; $rs2=$conn->Execute($sql2); $rs->MoveNext(); } $sql = "SELECT * from " . $config[table_prefix] . "temp $sort_text GROUP BY ID $order_text"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { log_error($sql); } $num_rows = $recordSet->RecordCount(); if ($num_rows > 0) { $limit_str = $cur_page * $config[listings_per_page]; $resultRecordSet = $conn->Execute($sql); if ($resultRecordSet === false) { log_error($sql); } $min2 = money_formats(international_num_format($min1)); $max2 = money_formats(international_num_format($max1)); if ($max2=="$0") { $max2="and up"; } ?> <!-- CONTENT --> <?php if ($city === 'Vancouver Island') { if ($type == '') { echo '<h1>Current Listings: ' . $city . '</h1>'; } else { echo '<h1>Current Listings: ' . $city . ' » ' . $type . '</h1>'; } } else { ?> <h1>Current Listings: <?PHP echo $city;?> <?PHP echo $type;?></h1> <?php } ?> <?php if ($city === 'Vancouver Island') { echo '<h2>Browse ' . $city . ' by property type: '; } else { ?> <h2>Browse <?PHP echo $city;?> listings by property type: Quote Link to comment https://forums.phpfreaks.com/topic/91833-session-getting-altered-somehow/ Share on other sites More sharing options...
Psycho Posted February 19, 2008 Share Posted February 19, 2008 I don't see where $_SESSION['mls'] is used in that code at all (or any session values for that matter). So, how would you know the value has been altered when you don't even use it? Quote Link to comment https://forums.phpfreaks.com/topic/91833-session-getting-altered-somehow/#findComment-470320 Share on other sites More sharing options...
mikefrederick Posted February 19, 2008 Author Share Posted February 19, 2008 Yeah thats the weird thing, I have 3 pages and when I echo $_SESSION['mls'] on the other two and move back and forth between them it stays the same but then when i go to that page and go back to one of the other two it has changed. Quote Link to comment https://forums.phpfreaks.com/topic/91833-session-getting-altered-somehow/#findComment-470322 Share on other sites More sharing options...
mikefrederick Posted February 19, 2008 Author Share Posted February 19, 2008 and if I echo $_SESSION['mls'] at the top of that page it is correct and then echo it again at the bottom it is incorrect. There is a little more code but I am having trouble posting it in the forum, none of it contains any session info. Quote Link to comment https://forums.phpfreaks.com/topic/91833-session-getting-altered-somehow/#findComment-470324 Share on other sites More sharing options...
PFMaBiSmAd Posted February 19, 2008 Share Posted February 19, 2008 If the code on that page is not directly setting $_SESSION['mls'], then it is likely that register globals are on and there is a program/post/get/cookie variable with the same name - mls. If the above is true, turn register globals off or use unique names for all variables so that there is no overlap due to register globals. Quote Link to comment https://forums.phpfreaks.com/topic/91833-session-getting-altered-somehow/#findComment-470327 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.