Page 1 of 1
cant update session id after success login
Posted: Tue Apr 05, 2011 11:02 am
by liyun88
hi,i face some problem that after success login to the page but the seesion id not update at all..isnt my coding is wrong??
can anyone help me??thanks in advance..
Code: Select all
<?php
session_start();
include 'application.php';
$id = $_REQUEST['id'];
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
$query = 'SELECT * FROM register WHERE username = "'. mysql_real_escape_string($username) . '"';
$result = mysql_query($query);
if ($data = mysql_fetch_object($result))
{
$_SESSION['dbhash'] = $data->password;
$_SESSION['checkhash'] = md5($password);
if(md5($password) == $data->password)
{
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
$_SESSION["id"] = $data->id;
if(mysql_num_rows($result) == 1){
$user = mysql_fetch_assoc($result);
$query_update = 'UPDATE register SET session_id = "' . session_id() . '" WHERE id = "' . $user['id'] . '" LIMIT 1';
mysql_query($query_update);
}
}
}
redirect('home.php');
?>
Re: cant update session id after success login
Posted: Tue Apr 05, 2011 11:48 am
by social_experiment
Code: Select all
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
What about these session variables, are they set?
Re: cant update session id after success login
Posted: Tue Apr 05, 2011 12:43 pm
by liyun88
social_experiment wrote:Code: Select all
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
What about these session variables, are they set?
i think is they set..these session is used to access other page after login..
Re: cant update session id after success login
Posted: Tue Apr 05, 2011 4:22 pm
by social_experiment
What is displayed if you echo $_SESSION['id']?
Re: cant update session id after success login
Posted: Tue Apr 05, 2011 7:59 pm
by liyun88
social_experiment wrote:What is displayed if you echo $_SESSION['id']?
it displayed the id retrieval from database..
but the session_id is not updated at all...
how to solve it??
Re: cant update session id after success login
Posted: Wed Apr 06, 2011 10:50 am
by social_experiment
Code: Select all
$query = 'SELECT * FROM register WHERE username = "'. mysql_real_escape_string($username) . '"';
//
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
What fields are inside the 'register' table? Since other session variables are set it's not a session problem, it's also not a problem with the condition (md5($password) == $data->password) or the other values wouldn't be set either, trying to help you here

Re: cant update session id after success login
Posted: Wed Apr 06, 2011 11:17 am
by liyun88
social_experiment wrote:Code: Select all
$query = 'SELECT * FROM register WHERE username = "'. mysql_real_escape_string($username) . '"';
//
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
What fields are inside the 'register' table? Since other session variables are set it's not a session problem, it's also not a problem with the condition (md5($password) == $data->password) or the other values wouldn't be set either, trying to help you here

my register table gt id,name,username,gender,phone,password,email,address,session_id,date_registered..
i try many different way still cant update the session_id..
thanks for ur help..
Code: Select all
<?php
session_start();
include 'application.php';
$id = $_REQUEST['id'];
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
$query = 'SELECT * FROM register WHERE username = "'. mysql_real_escape_string($username) . '"';
$result = mysql_query($query);
if ($data = mysql_fetch_object($result))
{
$_SESSION['dbhash'] = $data->password;
$_SESSION['checkhash'] = md5($password);
if(md5($password) == $data->password)
{
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
$_SESSION["id"] = $data->id;
if(mysql_num_rows($result) == 1){
$user = mysql_fetch_assoc($result);
$query_update = 'UPDATE register SET session_id = "' . session_id() . '" WHERE id = "' . $user['id'] . '" LIMIT 1';
mysql_query($query_update);
}
}
}
redirect('home.php');
?>
Re: cant update session id after success login
Posted: Wed Apr 06, 2011 11:36 am
by danwguy
try this, I think you are saying that your update sql statement isn't updating the database with the new session id. I think this will solve your problem...
Code: Select all
$query_update = 'UPDATE register SET session_id = "' . $_SESSION['id'] . '" WHERE id = "' . $user['id'] . '" LIMIT 1';
Re: cant update session id after success login
Posted: Wed Apr 06, 2011 11:46 am
by liyun88
danwguy wrote:try this, I think you are saying that your update sql statement isn't updating the database with the new session id. I think this will solve your problem...
Code: Select all
$query_update = 'UPDATE register SET session_id = "' . $_SESSION['id'] . '" WHERE id = "' . $user['id'] . '" LIMIT 1';
i just try ur suggestion..but still the same problem..
not update at all..
how can solve them??
Re: cant update session id after success login
Posted: Wed Apr 06, 2011 11:53 am
by danwguy
Are you trying to update the session id in the $_SESSION['id'] or are you trying to update it in mysql? when you echo $_SESSION['id'] do you get it displayed?
Re: cant update session id after success login
Posted: Wed Apr 06, 2011 12:19 pm
by liyun88
danwguy wrote:Are you trying to update the session id in the $_SESSION['id'] or are you trying to update it in mysql? when you echo $_SESSION['id'] do you get it displayed?
actually i wanna update the session_id in my sql..
Code: Select all
<?php
session_start();
include 'application.php';
$id = $_REQUEST['id'];
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
$query = 'SELECT * FROM register WHERE username = "'. mysql_real_escape_string($username) . '"';
$result = mysql_query($query);
if ($data = mysql_fetch_object($result))
{
$_SESSION['dbhash'] = $data->password;
$_SESSION['checkhash'] = md5($password);
if(md5($password) == $data->password)
{
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
$_SESSION["id"] = $data->id;
if(mysql_num_rows($result) == 1){
$user = mysql_fetch_assoc($result);
$query_update = 'UPDATE register SET session_id = "' . session_id() . '" WHERE id = "' . $user['id'] . '" LIMIT 1';
mysql_query($query_update);
}
}
}
redirect('home.php');
?>
Re: cant update session id after success login
Posted: Wed Apr 06, 2011 2:32 pm
by danwguy
Do this and tell me what you get...
Code: Select all
<?php
session_start();
include 'application.php';
$id = $_REQUEST['id'];
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
$query = 'SELECT * FROM register WHERE username = "'. mysql_real_escape_string($username) . '"';
$result = mysql_query($query);
if ($data = mysql_fetch_object($result))
{
$_SESSION['dbhash'] = $data->password;
$_SESSION['checkhash'] = md5($password);
if(md5($password) == $data->password)
{
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
$_SESSION["id"] = $data->id;
}
}
echo $_SESSION['id'];
Re: cant update session id after success login
Posted: Wed Apr 06, 2011 8:55 pm
by liyun88
danwguy wrote:Do this and tell me what you get...
Code: Select all
<?php
session_start();
include 'application.php';
$id = $_REQUEST['id'];
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
$query = 'SELECT * FROM register WHERE username = "'. mysql_real_escape_string($username) . '"';
$result = mysql_query($query);
if ($data = mysql_fetch_object($result))
{
$_SESSION['dbhash'] = $data->password;
$_SESSION['checkhash'] = md5($password);
if(md5($password) == $data->password)
{
$_SESSION["login"] = true;
$_SESSION["username"] = $data->username;
$_SESSION["id"] = $data->id;
}
}
echo $_SESSION['id'];
after i try these code,i get the result is id from the register table...