Page 1 of 1

Session details gets clashed

Posted: Wed Oct 26, 2011 12:36 am
by ishakya
Hi all,
I think i'm always new to php because i got lots of things to learn.
So i have a problem.
I have two separate systems and different users logs in to this systems.When i opens those two systems and type different user names and passwords for those systems.
Site 1:user name-ABC
Site 2:user name-XYZ


After some times,I log off from the site 2,and when i checks the site 1,it's uesrname has changed in to XYZ.when i click on a page in site 1,site 1's session are expired and directs me to the index page. :banghead:
i think that is a problem when we come to the real world.
So is there any way to prevent that???
Hope everyone got the idea...
Waiting for your quick reply.Thanks in advance

Re: Session details gets clashed

Posted: Wed Oct 26, 2011 1:27 am
by Mordred
Do you mean that this happens on localhost? May be cookies overwriting each other, hard to tell without seeing your login code.

Re: Session details gets clashed

Posted: Wed Oct 26, 2011 6:29 am
by ishakya
No this happens in the server also.
This the login code

Code: Select all

<?php 
if (!isset($_SESSION)) {
  session_start();
}
require_once('library/myconn.php');
require_once('library/functions.php');

// *** Validate request to login to this site.
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['uname'])) {
  $loginUsername=$_POST['uname'];
  $password=$_POST['pword'];
  
  /*$redirectLoginSuccess_sadmin = "user/sadmin_home.php";
  $redirectLoginSuccess_admin = "user/home.php";
  $redirectLoginSuccess_user = "user/user_home.php";
  $redirectLoginSuccess_client = "user/client_home.php";*/
  
  $redirectLoginSuccess_sadmin = "import/add_job.php";
  
  $redirectLoginFailed = "index.php";
   
   
$LoginRS__query=sprintf("SELECT * FROM tbl_com_user WHERE user_uname=%s AND user_pword=%s",GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
$LoginRS = mysql_query($LoginRS__query, $myconn) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
//$rowent = mysql_fetch_array($LoginRS);
//$user_level=$rowent[8];

//Get the user level


if ($loginFoundUser) {
	$r=mysql_fetch_assoc($LoginRS);
  //declare session variables and assign them
   	$_SESSION['s_username'] = $r['user_uname'];
	$_SESSION['s_userpword'] = $r['user_pword'];
	$_SESSION['s_mytimezone'] = $r['user_timezone'];
	$_SESSION['s_user_id']= $r['user_id'];
	$_SESSION['s_my_com_id']= $r['my_com_id'];
	$_SESSION['s_user_email']= $r['user_email'];
	$_SESSION['s_user_level']= $r['user_level'];
	$_SESSION['s_user_tel']= $r['user_tel'];

  header("Location: ". $redirectLoginSuccess_sadmin);
	
	
	/*if($_SESSION['s_user_level']=="sadmin"){
	  header("Location: ". $redirectLoginSuccess_sadmin);
	}
	if($_SESSION['s_user_level']=="admin"){
	  header("Location: ". $redirectLoginSuccess_admin);
	}
	if($_SESSION['s_user_level']=="user"){
	  header("Location: ". $redirectLoginSuccess_user);
	}
	if($_SESSION['s_user_level']=="client"){
  	header("Location: ". $redirectLoginSuccess_client);
	}*/
	
	
 }
 else {
 header("Location: ". $redirectLoginFailed );
	//header("Location: import/add_job.php");
	
 }
}
?>
This part is the functionality part.when i log off from the site1,site 2's sessions are get crashed.What will happen if we use separate company id to track the session??
I'm just asking....... :(
please help me to solve this up
Thanks in advance

Re: Session details gets clashed

Posted: Wed Oct 26, 2011 8:20 am
by social_experiment
ishakya wrote:I have two separate systems and different users logs in to this systems.
This is on two seperate workstations as well?