Page 1 of 1

Session behaviour bizarre to newbie

Posted: Sun Nov 28, 2004 3:07 am
by bradles
Hi All,

I have an image gallery working for my clients to login and view their portraits. I'm just testing it on my local server at the moment but I am getting some bizarre results with my little experience with sessions.

I have setup galleries for two clients that both contain an 'images' and 'thumbnails' folder. EG.,
clients/smith/images
clients/smith/thumbnails
clients/jones/images
clients/jones/thumbnails

The script retrieves the paths to the appropriate user depending on who logs in. Problem is that when I test it on my local machine and say login as 'smith', I can see some of 'jones' images. :lol: :? 8O
Do I have to set a unique session variable for each user or something?

I'm trying to do a little research/reading on sessions now with the manual but didn't know if this was a common problem that may be blindingly obvious to solve. Any ideas would be greatly appreciated.

Brad.

Posted: Sun Nov 28, 2004 3:27 am
by rehfeld
post the code

Posted: Sun Nov 28, 2004 3:52 am
by bradles
Ok...here goes - sorry for two large scripts. I included my login.php script and my previews.php script that shows a particular client's images.

Client one has 323 images in their folder. At 12 images per page on the preview page that translates to 27 pages of images.
Client two has 421 images that translates to 36 pages of images.

Using a Firefox browser I log into client ONE and see 27 pages available. I then open a new tab in firefox and log into client TWO and see only 27 pages available when there should be 36 pages.

In IE6 this doesn't happen because I have to open up a new window to log into client TWO after loggin in to client ONE. But when I use firefox, log into client ONE, open a new window and log into client TWO I have the problem above where client TWO should have 36 pages but only shows 27 pages.

Once again, sorry for the code.

my login script:

Code: Select all

<?
session_start();
include("../db.php");
include("common.php");

$msg = "";

if (isset($_POST['login']))
{
	
	$username = $_POST['username'];
	$password = md5($_POST['password']);
	
	$result = mysql_query("Select * From users where username='$username'",$link);
	
	if(mysql_num_rows($result)>0)
	{
		$row = mysql_fetch_array($result, MYSQL_BOTH);
		
		//Ensure password is correct.
		if($password == $row["password"]) 
		{
			//Ensure viewing date is still open.
			if (GetTimeStamp(date("Y-m-d")) <= GetTimeStamp($row['viewing_expiry'])) { 
				
				//Setup the session variables.
				$_SESSION['logged_in'] = true;
				$_SESSION['username'] = $username;
				$_SESSION['groom_name'] = $row['groom_name'];
				$_SESSION['bride_name'] = $row['bride_name'];
				$_SESSION['thumbpath'] = $row['thumbpath'];
				$_SESSION['imagepath'] = $row['imagepath'];
				$_SESSION['splashpic'] = $row['splashpic'];
				
				$_SESSION['viewing_expiry'] = GetTimeStamp($row['viewing_expiry']);
				$_SESSION['current_date'] = GetTimeStamp(date("Y-m-d"));
				header("Location: previews.php");
				
			} else {
				$msg = "Unfortunately your viewing session has expired.<br>
					Please contact the studio if you wish to apply for an extension."; 
			}
				
			

		}
		else
		{
			$msg = "Password incorrect";
		}
	}
	else
	{
		$msg = "Username incorrect";
    }

}
?>

<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<p align="center"><strong>Client Login</strong></p>
<form name="form1" method="post" action="">
  <p align="center"><font size="1" face="Verdana, Arial, Helvetica, sans-serif">Please 
    enter your username and password to login</font></p>
  <table width="48%" border="1" align="center" cellpadding="1" cellspacing="1" bordercolor="#000000">
    <tr bgcolor="#CCCCCC"> 
      <td colspan="2"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>Login 
        here</strong></font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Username</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="username" type="text" id="username">
        </font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Password</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="password" type="password" id="password">
        </font></td>
    </tr>
    <tr> 
      <td>&nbsp;</td>
      <td>
      	<input type="submit" name="login" value="Login">
      	
      </td>
    </tr>
  </table>
<p>&nbsp;</p></form>
<p style="text-align:center"> <?php if (isset($msg)) { echo $msg; } ?> </p>
</body>
</html>
preview.php script to show the particular client's images:

Code: Select all

<?
include("../db.php");
include("common.php");
include_once("pagination.inc.php");

//Ensure user is logged in.
checklogin();

// ################ VARIABLE SETUP ################
$thumbs_folder			= $_SESSION['thumbpath'];

$maxperpage				= '12'; // Maximum number of images to be displayed

$display_order			= 'ascending';	// ascending, descending

$thumbs 				= array(); 				//array for images in thumbnails folder
$extentions 			= array('jpg','jpeg','JPG', 'JPEG'); 	//valid file extensions

//Paths
$site_path = $_SERVER['HTTP_HOST'] == 'localhost' ? 'G:/ApacheServer/PHPTESTS' : $_SERVER['DOCUMENT_ROOT'];
$thumbnailpath = $site_path . "/" . $thumbs_folder . "/";
// ################ END VARIABLE SETUP ################


//Retrieve images into an array if not already done so.
if(!isset($_SESSION['thumbs']) || count($_SESSION['thumbs']) < 1){
	//Put the thumbnail images into an array
	$dh = opendir($thumbnailpath); 
	   while(($file = readdir($dh)) !== false) { 
		  // check if it's a file, and it has a valid extension 
		  if (is_file($thumbnailpath . $file) && in_array(substr($file, -3), $extentions)) { 
			 // add image to array 
			 $thumbs[] = $file; 
		  } 
	   } 
	closedir($dh);
	
	// Sort the $thumbs array in the order chosen from the user settings
	if (is_array($thumbs)) {
		if ($display_order == "ascending") {
			sort($thumbs);
		} else {
			rsort($thumbs);
		}
	}
	
	$_SESSION['thumbs'] = $thumbs; //put thumbs array into session.
	
} else { //if $_SESSION['thumbs'] is set.
	$thumbs = $_SESSION['thumbs'];
}

// Get page number. If it doesn't exist set page = 1
if(!isset($_GET['page'])){
	$page = 1;
} else { //If page is set
	$page = $_GET['page'];
}

//Create Pagination object
$pagination = new pagination( count($_SESSION['thumbs']), $maxperpage, $page, 10, $_SERVER['PHP_SELF'] );
?>

<html>
<link href="stylesheet2.css" rel="stylesheet" type="text/css">
<body>
<!-- Header -->
<? include 'previews_header.inc.php'; ?>

<!-- Navigation Links -->
<? include 'navigation.inc.php'; ?>

<!-- Start of Gallery -->
<!-- Pagination Links -->
<table class="gray" width="760" align="center" bordercolor="#666666" border="1" cellspacing="0" cellpadding="5" style="BORDER-COLLAPSE: collapse">
	<tr>
		<td colspan="3" align="left">
			<? $pagination->show_links(); ?>
		</td>
	</tr>
	
	<!-- Gallery -->
	<?
	$counter = $pagination->first;
	for ( $y = 0; $y <=3; $y++ ) {
		echo "<tr>\n";
		//Column Setup
		for ( $x = 0; $x <=2; $x++ ) {
			echo "<td align="center" width="33.3333333%">\n";
			echo "<div style="margin: 10px 0px 10px 0px; padding: 0px; height: 120px;">\n";
			//Image gets put here.
			if ( $counter < $pagination->last ) {
				//echo '<a href="details.php?image=' . $counter . '"><img src="' . $thumbs_folder . '/' . $thumbs[$counter] . '" style="border:1px solid #000"/></a>' . "\n";
				echo '<a href="details.php?image=' . $counter . '"><img src="getpic.php?type=thumb&pic=' . $thumbs[$counter] . '" style="border:1px solid #000"/></a>' . "\n";
				echo "</div>\n";
				echo "<b>$thumbs[$counter]</b><br>\n";
				echo "<span class="copyright">Copyright &copy; 2004 Printed Visions</span><br>\n";
				echo '<a class="navigation" href="details.php?image=' . $counter . '">View/Order</a>' . "\n";
			} else {
				echo "</div>\n";
			}

			echo "</td>\n";
			$counter++;
		}
	}
	?>
	<!-- END HERE -->
	
	<!-- Pagination Links -->
	<tr>
		<td colspan="3" align="left">
			<? $pagination->show_links(); ?>
		</td>
	</tr>
</table>

<? include 'previews_footer.inc.php'; ?>


<? 

echo '<pre>';
echo print_r($_SESSION); 
echo '</pre>';

?>
</body>
</html>

Posted: Sun Nov 28, 2004 3:57 am
by bradles
I think the session is being shared with both connections as I have client TWO's images on client ONE's preview page.