PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
$query_member_details=mysql_query("SELECT * FROM members WHERE member_email_id='$member_email_id' AND member_password='$member_password' AND member_flag=1 AND confirm_flag='YES'");
if(mysql_num_rows($query_member_details) > 0)
{
$fetch_member_details=mysql_fetch_array($query_member_details);
$member_id=$fetch_member_details['member_id'];
session_start();
$_SESSION['member_id']=$member_id;
header("Location:".SITE_URL);
}
else
{
$message='Invalid Login';
}
<?php
require_once('general/require_once.php');
session_start();
$member_id=$_SESSION['member_id'];
//rest of the code
If i login as 'member_a' (assume member exists) and echo the id, i am getting the correct id of member_a. If i do not signout and go to admin and delete member_a and if i refresh member_a's page the first member's id is displayed. How to solve this.
$query_member_details=mysql_query("SELECT * FROM members WHERE member_email_id='$member_email_id' AND member_password='$member_password' AND member_flag=1 AND confirm_flag='YES'");
SELECT * FROM members WHERE member_email_id='shivam0101@gmail.com' AND member_password='shivam' AND member_flag=1 AND confirm_flag='YES'
The problem is in other pages. Once i login and go to a page, then delete the user by either opening another window or manually in the database and then i refresh the page i am getting the first members id (i can understand since i deleted i wont be able to see my id, but why i am seeing other member id in session?)
For example:
1. member_a id is 10
2. member_a logs in - he is able to see his id - 10.
3. Opens another window and login as admin and delete member_a OR delete member_a directly by opening DB
4. Refresh member_a's home page or any other page - the member id is some other person's member_id (first member's)
$query_member_details=mysql_query("SELECT * FROM members WHERE member_email_id='$member_email_id' AND member_password='$member_password' AND member_flag=1 AND confirm_flag='YES'") or die(MySQL_error());