Some session trouble

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
krept
Forum Newbie
Posts: 7
Joined: Mon Mar 03, 2008 11:53 am

Some session trouble

Post by krept »

Hi there, I'm grateful for discovering this forum, and I hope you guys can help me solve a few problems here.
I've got a script on my website http://www.criticaldepth.net where users can upload their original music, through the site, it automatically renames the filename and adds it to a mysql database which an embedded flash mp3 player will play the songs. I've also created a delete music option where the members can delete certain songs they want to. My problem is, the page they visit to delete the songs lists all of there songs as a link with "Delete" at the end of the link.
This works fine when you login and visit the page, but say i was to visit another person's profile. These profiles are in the format of http://www.criticaldepth.net/index.php? ... ile&uid=25
Somehow this seems to be setting the userid to 25 or whatever you click on. Which means, when someone is logged in on their own user account and want to delete a song, it displays the songs from userid 25. This is not acceptable, as they're accessing other people's music.

The delete music code can be found here:

Code: Select all

<?php include ('../includes/DBConnect.php'); 
$userid = $_SESSION['userid'];
 
echo ("<strong>");
echo $_SESSION['artist_name'];
echo (" Delete tracks: <br /><br /></strong>");
if(!isset($cmd)) 
{
 
   $result = mysql_query("select * from tracks where userid='$userid' order by title"); 
 
   while($r=mysql_fetch_array($result)) 
   { 
 
      $title=$r["title"];
      $trackid=$r["trackid"];
     
 
      echo "<a href='editmusic.php?cmd=delete&trackid=$trackid'>$title - Delete</a>";
      echo "<br>";
    }
}
 
?>
<?
if($_GET["cmd"]=="delete")
{
 
$creator = mysql_result(mysql_query("Select creator from tracks where trackid = $trackid;"),'creator');
$title = mysql_result(mysql_query("Select title from tracks where trackid = $trackid;"),'title');
$filepath = "audio/uploads";
$buffer = $filepath."/".$creator."-".$title.".mp3";
$buffer = str_replace(" ", "", $buffer );
 
chmod($buffer,0777);
if(is_writable($buffer)){ unlink($buffer); } else { echo 'cannot delete file'; }
 
$sql = "DELETE FROM tracks WHERE trackid=$trackid";
$result = mysql_query($sql);
 
echo "Song Deleted!";
} ?>
 

I also have a profile page which seems to be setting the global userid variable which can be found here:

Code: Select all

$userid = $_GET['uid'];
 
 
include ('../includes/DBConnect.php'); 
 
$userprofile = mysql_fetch_array(mysql_query("Select * from users where userid='$userid'"));
 
if (!$userid) { header( 'Location: http://www.criticaldepth.net/music.php' ) ;}
And then the music page:

Code: Select all

<?
include ('../includes/DBConnect.php'); 
$usernames = mysql_query("Select userid,username,artist_name from users where user_level > 1 Order by username");
if ($username = mysql_fetch_array($usernames))
{
do
{
$usernameURL=str_replace(' ','_',str_replace("'",'',str_replace('&','and',$username['username'])));
echo '<a href="http://www.criticaldepth.net/index.php?page=profile&uid='.$username['userid'].'">'.$username['artist_name'].'</a><br />';
} while ($username = mysql_fetch_array($usernames));
}
?>
I can explain in much more detail and give more examples if need be, please help me out as this site is taking a long time to complete and I'm very close to finishing. Thanks for the help!
Kevin
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Some session trouble

Post by Christopher »

You need to have called session_start() before you can use $_SESSION.
(#10850)
krept
Forum Newbie
Posts: 7
Joined: Mon Mar 03, 2008 11:53 am

Re: Some session trouble

Post by krept »

yes, session_start(); is called in my index page
kryles
Forum Contributor
Posts: 114
Joined: Fri Feb 01, 2008 7:52 am

Re: Some session trouble

Post by kryles »

It has to be used in every page you want sessions to be used.
krept
Forum Newbie
Posts: 7
Joined: Mon Mar 03, 2008 11:53 am

Re: Some session trouble

Post by krept »

when i put session_start(); on this page i get a white page.
krept
Forum Newbie
Posts: 7
Joined: Mon Mar 03, 2008 11:53 am

Re: Some session trouble

Post by krept »

ok i take that back, had a different error causing that, but it still won't display the correct titles when session_start(); is included.
kryles
Forum Contributor
Posts: 114
Joined: Fri Feb 01, 2008 7:52 am

Re: Some session trouble

Post by kryles »

I know other people may not like the idea but can you post the complete page with the html/php? I'm curious :D
krept
Forum Newbie
Posts: 7
Joined: Mon Mar 03, 2008 11:53 am

Re: Some session trouble

Post by krept »

Code: Select all

<?php
$title = 'edit music'; ?>
<?php
 session_start(); 
 
$nav = '<div id="navigation" style="margin-left: 10px;"><br /><ul id="navigation">
 
    <li id="home"><a href="index.php?page=home"><span>home</span></a></li>
 
    <li id="about"><a href="index.php?page=about"><span>about</span></a></li>
 
    <li id="music"><a href="index.php?page=music" class="on"><span>music</span></a></li>
 
    <li id="press"><a href="index.php?page=press"><span>press</span></a></li>
 
    <li id="links"><a href="index.php?page=links"><span>links</span></a></li>
 
    <li id="contact"><a href="index.php?page=contact"><span>contact</span></a></li>
 
</ul></div>'; ?>
 
<?php
session_start();
include ('header.php'); 
?>
</div>
 
<div class="musicid"><img src="images/music.png" alt="home" height="66" /></div>
<div class="content" id="content"><div class="contrest" id="contrest"><br />
<strong>Edit Music</strong><br/>
<?php include ('../includes/DBConnect.php'); 
$userid = $_SESSION['userid'];
 
echo ("<strong>");
echo $_SESSION['artist_name'];
echo (" Delete tracks: <br /><br /></strong>");
if(!isset($cmd)) 
{
 
   $result = mysql_query("select * from tracks where userid=".intval($_SESSION['userid'])." order by title");
 
   while($r=mysql_fetch_array($result)) 
   { 
 
      $title=$r["title"];
      $trackid=$r["trackid"];
     
 
      echo "<a href='editmusic.php?cmd=delete&trackid=$trackid'>$title - Delete</a>";
      echo "<br>";
    }
}
 
?>
<?
if($_GET["cmd"]=="delete")
{
 
$creator = mysql_result(mysql_query("Select creator from tracks where trackid = $trackid;"),'creator');
$title = mysql_result(mysql_query("Select title from tracks where trackid = $trackid;"),'title');
$filepath = "audio/uploads";
$buffer = $filepath."/".$creator."-".$title.".mp3";
$buffer = str_replace(" ", "", $buffer );
 
chmod($buffer,0777);
if(is_writable($buffer)){ unlink($buffer); } else { echo 'cannot delete file'; }
 
$sql = "DELETE FROM tracks WHERE trackid=$trackid";
$result = mysql_query($sql);
 
echo "Song Deleted!";
}
?>
            </div>
<br><br>
</div></div>
 
<?php
include ('footer.php');
?>
 
there it is :)
User avatar
SpecialK
Forum Commoner
Posts: 96
Joined: Mon Sep 18, 2006 3:49 pm

Re: Some session trouble

Post by SpecialK »

I can't outright see any problem, but the fact that you are using $userid as both a session login and a uid may be some of the area of problem.

On another note "editmusic.php?cmd=delete&trackid=$trackid'" doesn't look to be stopped if someone was to just put in a number. It won't output the list of files to delete, but then if the cmd is set, like it is to delete, then it appears to delete the file outside of the validation of the user session. I think that needs to be protected as a querystring change could delete someone elses file without that validation.
krept
Forum Newbie
Posts: 7
Joined: Mon Mar 03, 2008 11:53 am

Re: Some session trouble

Post by krept »

i agree, i'm not exactly the most knowledgeable programmer, i'm just a musician trying to hack up a site :( any help would be greatly appreciated
User avatar
Zoxive
Forum Regular
Posts: 974
Joined: Fri Apr 01, 2005 4:37 pm
Location: Bay City, Michigan

Re: Some session trouble

Post by Zoxive »

Code: Select all

<?php
$title = 'edit music'; ?>
<?php
session_start();
Why do you close php, then open it up again? This could be causing white space to be sent before sesison_start is called, and sesison_start needs to be called before anything is output to the browser.

Code: Select all

<?php
$title = 'edit music';
 
session_start();

Error Reporting Is your Friend.

Code: Select all

ini_set('display_errors',true);
error_reporting(E_ALL);
 
krept
Forum Newbie
Posts: 7
Joined: Mon Mar 03, 2008 11:53 am

Re: Some session trouble

Post by krept »

i've narrowed the problem down to just being the userid set by clicking on that link
even now when i
echo $_SESSION['userid'];

it doesn't show the userid logged in the session, it shows the userid of whatever profile you just clicked on.
Post Reply