Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Jul 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Website randomly choosing logged in user in status bar.

    Hi There,

    I worked on a site a while back as part of a college project. It was a great success and worked well on my development and home server for demonstration purposes.

    I've since moved it to my main host to be part of my portfolio. This host seems to be using a different (newer) version of php which threw header already sent errors. I fixed these but now I'm having a weird issue where if you log into the site and browse to the member list "People". If you choose to view a users profile page then it will take you there but the navbar will tell you that you are logged in as somebody else. If you continue to navigate around the site this currently logged in user will randomly change to other registered users.

    There seems to be some order to the randomness of the users being selected but I can't put my hand on it.

    The faulty site is:here
    The working site is:here

    You can log in as user***->guest:guest (both sites)

    I should probably post some code but to be honest i'm not really sure where to start.

    I have a navbar section that determines which user is logged in so I suppose i'll start there.

    Header.php from conorhackett.com:
    Please note: The code here is quite nasty looking as this was our first big project. I also feel the need to say I didn't code this navbar. If I did then I would have used only one block of dynamic html.
    Code:
    <?php
    	session_start();
    ?>
    // Some html import declarations here.
    <?php
    	//not logged in navbar
    	if (empty($_SESSION['username'])){
    		echo'
    			<div id="navigation_container">
    				<div id="picture_roll_out"></div>
    				<div id="logo_area">
    					<a href="index.php"></a>
    				</div>
    				<div id="low_nav">
    					<div class="logged_details"><a href="login.php">Login</a> | <a href="registration.php">Register</a></div>
    				</div>
    			</div>         
    		';
    	}
    	
    
    	else if(isset($_SESSION['administrator']) && $_SESSION['administrator'] == 1)
    	{
    		//administration navbar
    		echo'
    			<div id="navigation_container">
    				<div id="edit">
    				<a href="admin.php">Administration</a>			
    				</div>
    				<div id="picture_roll"></div>
    				<div id="logo_area">
    					<a href="index.php"></a>	
    				</div>
    				<div id="low_nav">
    					<div class="logged_details">You are signed in as '.$_SESSION['username'].' | <a href="logout.php">Logout</a></div>
    					<div id="low_nav_links">
    						<a href="home.php">Home</a> | <a href="profile.php?userId='.$_SESSION['userId'].'">Profile</a> | 
    						<a href="user_albums.php?userId='. $_SESSION['userId'] .'">Albums</a> | 
    						<a href="upload.php">Upload a Photo</a> | 
    						<a href="edit_account.php">Account</a> | 
    						<a href="user_list.php">People</a>
    					</div>
    				</div>
    			</div>         
    		';
    	
    	}
    	
    	
    	//normal user navbar
    	else{
    		echo'
    			<div id="navigation_container">
    				<div id="edit">	
    				</div>
    				<div id="picture_roll_out"></div>
    				<div id="logo_area">
    					<a href="index.php"></a>	
    				</div>
    				<div id="low_nav">
    					<div class="logged_details">You are signed in as '.$_SESSION['username'].' | <a href="logout.php">Logout</a></div>
    					<div id="low_nav_links">
    						<a href="home.php">Home</a> | <a href="profile.php?userId='.$_SESSION['userId'].'">Profile</a> | 
    						<a href="user_albums.php?userId='. $_SESSION['userId'] .'">Albums</a> | 
    						<a href="upload.php">Upload a Photo</a> | 
    						<a href="edit_account.php">Account</a> | 
    						<a href="user_list.php">People</a>
    					</div>
    				</div>
    			</div>         
    		';
    	}
    ?>
    Any advice greatly appreciated as I need to have this site in a fully working state for my portfolio, thanks..
    Last edited by makko; 10-19-2009 at 10:30 PM.

  • #2
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    that code isn't what you need to provide ^-^

    please post any code where you actually set $_SESSION['username'];

    but I agree it's a strange bug.

  • #3
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,500
    Thanks
    8
    Thanked 1,089 Times in 1,080 Posts
    It's gotta be related to the SESSION path on the particular server ... some PHP setting.

    Probably a good idea to save the script below as "phpinfo.php" and upload to
    your website and run it. Print it out and run it on your other server and compare.

    save this is "phpinfo.php" or "test.php" and run it on your webhost:
    PHP Code:
    <?php
    phpinfo
    ();
    ?>

  • #4
    New to the CF scene
    Join Date
    Jul 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi guys, thanks for the input and speedy replies!!

    You can get the server php info at:www.conorhackett.com/info.php i'm sure there session section will be a lot more meaningful to you guys..

    Here is the code where I set $_SESSION['username']. The only area is in a script called login.php

    From the code you will be able to see where I patched the problem with the session headers already sent error.
    I used:
    Code:
    echo "<script type=\"text/javascript\">window.location = \"home.php\"</script>";
    instead of something like:
    Code:
    header("LOCATION: home.php")
    I don't think that change would have any negative effect though.

    Code:
    		// Check to see if account has been suspended
    		if($result['suspend'] == 1)
    		{
    			echo '<p class="error">Your account has been suspended, please contact the support team to rectify this.</p>';
    		}
    		else if($result['administrator'] == 0) // If user is not an admin
    		{
    			// DB Disconnect
    			dbDisconnect($connection);			
    			
    			// Login by setting session variables
    			$_SESSION['username'] = $_POST['username'];
    			$_SESSION['userId'] = $result['user_id'];
    			$_SESSION['administrator'] = $result['administrator'];
    			// Send user to home.php
    			echo "<script type=\"text/javascript\">window.location = \"home.php\"</script>";
    		}
    		else // User is admin
    		{
    			// DB Disconnect
    			dbDisconnect($connection);
    			
    			// Login by setting session variables
    			$_SESSION['username'] = $_POST['username'];
    			$_SESSION['userId'] = $result['user_id'];
    			$_SESSION['administrator'] = $result['administrator'];
    			// Send user to home.php
    			echo "<script type=\"text/javascript\">window.location = \"admin.php\"</script>";
    		}


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •