Session variable problem

**Vince Morgan** · Apr 25 '07, 02:25 PM

Re: Session variable problem

"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
news:1177501291 .323146.24910@s 33g2000prh.goog legroups.com...

Hi
>
I am having a problem with session vars being propagated between pages
on this site:
=========== logout.php =============
<?php
session_start() ;
// store to test if they *were* logged in
$old_user = $_SESSION['loggedinuserna me'];
unset($_SESSION['loggedinuserna me']);
session_destroy ();

This may not actualy destroy everything in the session. The example of
killing a session that uses cookies below is from

PHP: session_destroy - Manual

http://au.php.net/session_destroy

Destroys all data registered to a session

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (isset($_COOKIE[session_name()])) {
setcookie(sessi on_name(), '', time()-42000, '/');
}

// Finally, destroy the session.
session_destroy ();

I don't think it's the answer to your prob though. I'll be very interested
to here what others have to say. There was a previous post a few days ago
about a similar problem.
Vince

**Vince Morgan** · Apr 25 '07, 02:45 PM

Re: Session variable problem

"Vince Morgan" <vinhar@REMOVEo ptusnet.com.auw rote in message
news:462f62eb$0 $9772$afc38c87@ news.optusnet.c om.au...

session_destroy ();
>
I don't think it's the answer to your prob though. I'll be very

interested

to here what others have to say. There was a previous post a few days ago
about a similar problem.
Vince
>
>

After doing as you say, going back and forth through the few pages, logging
out and refreshing etc, I *do* beleive that your not destroying the session
and cookie correctly is the source of your problem.
Vince

**Vince Morgan** · Apr 25 '07, 03:05 PM

Re: Session variable problem

"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
news:1177501291 .323146.24910@s 33g2000prh.goog legroups.com...

Hi
>
I am having a problem with session vars being propagated between pages

Ouch,, I have logged in with two different user names, on two occasions.
Having left the form a while to time-out on one, I refreshed and went back
and forth to find that my username changed from the current one to the
previous one in front of my eyes. Though I didn't actualy log out this
time.
Nasty.

**Vince Morgan** · Apr 25 '07, 03:15 PM

Re: Session variable problem

"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
news:1177501291 .323146.24910@s 33g2000prh.goog legroups.com...

Hi
>
I am having a problem with session vars being propagated between pages
on this site:

http://www.meettheancestors.com/sessiontest/index.php

If you enter any user id and password and click Log In (no actual
validation is performed), and then move around the other pages and/or
keep refreshing the pages it will eventually display something that is
incorrect i.e. saying your logged in when you aren't or vice versa.
The exact same code here http://ccgi.gnosis.free-online.co.uk/index.php
works fine implying a problem with the first PHP installation.
Here is the code for the 3 files:
=========== index.php =============

Well, I've been able to reproduce exactly what you have described on my
machine. Clearing the cookies etc made no difference. One site
(meettheancesto rs)works as it should, and one seems to be getting the
session vars confused on the server. From one moment to the other I get
either previously entered username/s or the current one. There appears to
be no actual patern that I can discerne, its virtualy randomly returning
info from another instance of the seesion var.
I can't see how it can't be something to do with the server. It's certainly
nothing to do with the browser, as I'm using (IE6) exclusively.
This is a genuine problem you got here!

**Jerry Stuckle** · Apr 25 '07, 07:35 PM

Re: Session variable problem

Vince Morgan wrote:

"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
news:1177501291 .323146.24910@s 33g2000prh.goog legroups.com...

>Hi
>>
>I am having a problem with session vars being propagated between pages

Ouch,, I have logged in with two different user names, on two occasions.
Having left the form a while to time-out on one, I refreshed and went back
and forth to find that my username changed from the current one to the
previous one in front of my eyes. Though I didn't actualy log out this
time.
Nasty.
>
>

Vince,

That's normal if you open two windows in the same browser. Cookies are
site-dependent, not window dependent. Both windows will share the same
cookies, and therefore the same session.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

**Rik** · Apr 25 '07, 07:45 PM

Re: Session variable problem

Jerry Stuckle wrote:

Vince Morgan wrote:

>"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
>news:117750129 1.323146.24910@ s33g2000prh.goo glegroups.com.. .

>>I am having a problem with session vars being propagated between pages

>Ouch,, I have logged in with two different user names, on two occasions.
>Having left the form a while to time-out on one, I refreshed and went
>back
>and forth to find that my username changed from the current one to the
>previous one in front of my eyes. Though I didn't actualy log out this
>time.

>
That's normal if you open two windows in the same browser. Cookies are
site-dependent, not window dependent. Both windows will share the same
cookies, and therefore the same session.

Well, browser (actually cookiejar) dependent... No problem having
different session in entirely different browsers having seperate cookie
storage systems/locations.

But that's not what's happening here offcourse...
--
Rik Wasmus

Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!

**Jerry Stuckle** · Apr 25 '07, 10:15 PM

Re: Session variable problem

Rik wrote:

Jerry Stuckle wrote:

>Vince Morgan wrote:

>>"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
>>news:11775012 91.323146.24910 @s33g2000prh.go oglegroups.com. ..
>>>I am having a problem with session vars being propagated between pages
>>Ouch,, I have logged in with two different user names, on two occasions.
>>Having left the form a while to time-out on one, I refreshed and went
>>back
>>and forth to find that my username changed from the current one to the
>>previous one in front of my eyes. Though I didn't actualy log out this
>>time.

>>
>That's normal if you open two windows in the same browser. Cookies
>are site-dependent, not window dependent. Both windows will share the
>same cookies, and therefore the same session.

>
>
Well, browser (actually cookiejar) dependent... No problem having
different session in entirely different browsers having seperate cookie
storage systems/locations.
>
But that's not what's happening here offcourse...

Rik,

I did qualify it as "two windows in the same browser" :-)

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

**Rik** · Apr 25 '07, 10:25 PM

Re: Session variable problem

Jerry Stuckle wrote:

Rik wrote:

>Jerry Stuckle wrote:

>>Vince Morgan wrote:
>>>"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
>>>news:1177501 291.323146.2491 0@s33g2000prh.g ooglegroups.com ...
>>>>I am having a problem with session vars being propagated between pages
>>>Ouch,, I have logged in with two different user names, on two
>>>occasions.
>>>Having left the form a while to time-out on one, I refreshed and
>>>went back
>>>and forth to find that my username changed from the current one to the
>>>previous one in front of my eyes. Though I didn't actualy log out this
>>>time.
>>>
>>That's normal if you open two windows in the same browser. Cookies
>>are site-dependent, not window dependent. Both windows will share
>>the same cookies, and therefore the same session.

>>
>>
>Well, browser (actually cookiejar) dependent... No problem having
>different session in entirely different browsers having seperate
>cookie storage systems/locations.
>>
>But that's not what's happening here offcourse...

>
Rik,
>
I did qualify it as "two windows in the same browser" :-)
>

Yeah, and followed up by 'Cookies are site-dependent'. I won't be the
one claiming cookies are not site-dependent (setting them from anything
other then a 'site' is quite cumbersome...), 't was just to clarify.

Oh, and now I'm online again & rolling (literally), I have make up for
all the weeks without posting though, so expect some hardly related
side-comments in threads the next few days :P.
--
Rik Wasmus

Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!

**Rik** · Apr 25 '07, 10:25 PM

Re: Session variable problem

Rik wrote:

I have make up for
all the weeks without posting though,

Hmmmz, I seem to be overly fond of that word 'though', here it's totally
misplaced...... .. though.

And whop, another post :P.
--
Rik Wasmus

Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!

**Vince Morgan** · Apr 26 '07, 12:55 AM

Re: Session variable problem

"Jerry Stuckle" <jstucklex@attg lobal.netwrote in message
news:WuadnTkzO9 M9NrLbnZ2dnUVZ_ gidnZ2d@comcast .com...

Vince Morgan wrote:

"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
news:1177501291 .323146.24910@s 33g2000prh.goog legroups.com...

Hi

I never had more than one browser open at any time Jerry.

**Vince Morgan** · Apr 26 '07, 01:35 AM

Re: Session variable problem

"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
news:1177501291 .323146.24910@s 33g2000prh.goog legroups.com...

Hi
>
I am having a problem with session vars being propagated between pages
on this site:

http://www.meettheancestors.com/sessiontest/index.php

If you enter any user id and password and click Log In (no actual
validation is performed), and then move around the other pages and/or
keep refreshing the pages it will eventually display something that is
incorrect i.e. saying your logged in when you aren't or vice versa.
The exact same code here http://ccgi.gnosis.free-online.co.uk/index.php
works fine implying a problem with the first PHP installation.
Here is the code for the 3 files:
=========== index.php =============

I only used *one* browser, and only one browser instance, .
I'll describe exactly what I did for the sake of the OP's cred. I open IE6
by clicking the first link. I enter a user name of "vincent" and some
gobblygook password containing non numeric chars. After clicking the
"Login" button a page opens with "Homepage" at the top, which shows as being
the same url, and "You are now logged in" on the line below. Below that
there is a link "Back to main page" which I then click. I get the login
page again, and a line below "Homepage" says "You are not logged in". I
then click the "Login" button again without entering anything into the
inputs. I now get the "Homepage" and the line below reads, "You are logged
in as: vincent". I then click the "Members area" link at the bottom and the
page and [http://www.meettheancestors.com/sess...bers_only.php]
opens with "Members only" at the top, and "You are logged in as vincent"
below that.
Now it gets more interesting. I click the back button and get "You are
logged in as ". I click back and forth between pages and it shows me as
either a blank user name, or "vincent". Clicking the links at the bottom of
the page and thereby going back and forth beween pages, seems to randomly
cycle me through both user names.
If I click the "Logout" button, I get another page
[http://www.meettheancestors.com/sessiontest/logout.php] "You were not
logged in, and so have not been logged out." appears. If I click back
buttons, or the links themselves, whatever, it cycles me through either
username, and when I log out it doesn't always actualy log out some times.
Hitting the members area link after logging out sometimes takes me to that
page with either of the two usernames, and sometimes not.
H o w e v e r, the second link the OP gives does not do #any# of this weird
stuff. It just works as one would expect it to. The pages look identical,
and according to the OP they are the same code.
This looks very similar to what a previous poster described on 18/04/07 in
this forum.
There is quite apparently a serious issue here IMHO.

Vince Morgan

**Jerry Stuckle** · Apr 26 '07, 03:15 AM

Re: Session variable problem

Rik wrote:

Jerry Stuckle wrote:

>Rik wrote:

>>Jerry Stuckle wrote:
>>>Vince Morgan wrote:
>>>>"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
>>>>news:117750 1291.323146.249 10@s33g2000prh. googlegroups.co m...
>>>>>I am having a problem with session vars being propagated between
>>>>>pages
>>>>Ouch,, I have logged in with two different user names, on two
>>>>occasions .
>>>>Having left the form a while to time-out on one, I refreshed and
>>>>went back
>>>>and forth to find that my username changed from the current one to the
>>>>previous one in front of my eyes. Though I didn't actualy log out
>>>>this
>>>>time.
>>>>
>>>That's normal if you open two windows in the same browser. Cookies
>>>are site-dependent, not window dependent. Both windows will share
>>>the same cookies, and therefore the same session.
>>>
>>>
>>Well, browser (actually cookiejar) dependent... No problem having
>>different session in entirely different browsers having seperate
>>cookie storage systems/locations.
>>>
>>But that's not what's happening here offcourse...

>>
>Rik,
>>
>I did qualify it as "two windows in the same browser" :-)
>>

>
Yeah, and followed up by 'Cookies are site-dependent'. I won't be the
one claiming cookies are not site-dependent (setting them from anything
other then a 'site' is quite cumbersome...), 't was just to clarify.
>
Oh, and now I'm online again & rolling (literally), I have make up for
all the weeks without posting though, so expect some hardly related
side-comments in threads the next few days :P.

Oh, you got your skateboard back from the shop? :-)

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

**Jerry Stuckle** · Apr 26 '07, 03:25 AM

Re: Session variable problem

Vince Morgan wrote:

"Jerry Stuckle" <jstucklex@attg lobal.netwrote in message
news:WuadnTkzO9 M9NrLbnZ2dnUVZ_ gidnZ2d@comcast .com...

>Vince Morgan wrote:

>>"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
>>news:11775012 91.323146.24910 @s33g2000prh.go oglegroups.com. ..
>>>Hi

I never had more than one browser open at any time Jerry.
>
>

Vince,

OK, two possibilities. You had two windows open from the same browser
(I never said you had two browser open) or you don't clear cookies when
you close your browser.

Either one will explain the symptoms you describe and is normal operation.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

**Vince Morgan** · Apr 26 '07, 04:05 AM

Re: Session variable problem

"Jerry Stuckle" <jstucklex@attg lobal.netwrote in message
news:PJadnSkEWP CphK3bnZ2dnUVZ_ qvinZ2d@comcast .com...

Vince Morgan wrote:

"Jerry Stuckle" <jstucklex@attg lobal.netwrote in message
news:WuadnTkzO9 M9NrLbnZ2dnUVZ_ gidnZ2d@comcast .com...

Vince Morgan wrote:
>"Jonno" <jonattree@gnos is-consultancy.co. ukwrote in message
>news:117750129 1.323146.24910@ s33g2000prh.goo glegroups.com.. .
>>Hi

I never had more than one browser open at any time Jerry.

>
Vince,
>
OK, two possibilities. You had two windows open from the same browser
(I never said you had two browser open) or you don't clear cookies when
you close your browser.
>
Either one will explain the symptoms you describe and is normal operation.
>

Hmm, well, only one browser, and only one window.
I did try a test on this last night after clearing cookies, but to be honest
can't remember how things went then as it was getting very late.
However, there is no doubt that the two different url's played the game
entirely differently. and if the OP is not telling fibs, the code is the
same on both.
I'll have another go, clearing cookies as I go ;)
Thanks for the reply,
Vince

Session variable problem

Session variable problem

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment