[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] PHP Session problems

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] PHP Session problems
From: Robin Cornelius <robin.cornelius@xxxxxxxxx>
Date: Thu, 10 May 2007 21:50:39 +0100

Neil Williams wrote:
>>
>> the usertype variable just vanishes after a couple of clicks around the site.
> 
> It may be counter-intuitive but by not reading usertype but only
> reading userid, you may be causing the loss of the usertype data. Can
> you not calculate usertype from userid?

Hi Neil,

Well the actual userid was just the pkey from the database or unset for
not logged in. Usertype was just another field in the database.

In fact i was testing both variables on all pages because the menu on
the left of the site is SSI and includes tests to display member only
and administrator options. I just also had the code I posted as the
first bit on the page so it could redirect the page before the headers
were sent if not authorised.

> 
>> On other other pages we have :-
>>
>>
>> session_start();
>>
>>   if(!isset($_SESSION['userid']))
>>   {
>>     header("Location:../login/index.php?error=2");
>>   }
> 
> Even if this page has no content relevant to the administrator, it
> still needs to check the variable so that it is in scope for the next
> operation using the cookie.
> 
>> which never fails to work and stays active until logout.
> 
> Because it's in every page that uses the cookie.
> 
> At least, that would be the first thing I would implement as a
> testcase. That and trying to calculate usertype from userid by some
> server-only method, maybe in the database.

Maybe the overall method I am using is still wrong. I have inherited
this site and I am attempting to cobble fixes together. At least the
"basic" layout is now CSS the menu is a SSI and the title, menu and main
text area are set by CSS and the fonts and styles are uniform through
the site now by a .css file. The main text contents is a mess because
others need to be able to edit it using contribute and that seems to
love producing tables and lots and lots of inline styles and messy html.

I have just made some changes and it has stopped misbehaving. It appears
that

$_SESSION['usertype'] and $usertype have way to much in common, by
removing all $usertypes from the code it has stopped messing around?? I
must have missed something here????

Thanks

-- 
Robin Cornelius
http://www.byteme.org.uk

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html

References:
- [LUG] PHP Session problems
  - From: Robin Cornelius
- Re: [LUG] PHP Session problems
  - From: Neil Williams

Prev by Date: Re: [LUG] Are we too technical for our own good ?
Next by Date: Re: [LUG] Are we too technical for our own good ?
Previous by thread: Re: [LUG] PHP Session problems
Next by thread: Re: [LUG] PHP Session problems
Index(es):
- Date
- Thread