Hello,
I have a file called header.php, which I include at the beginning of every file:
The variable $_SESSION['name'] is being set after a successful login via login.php:
Everything runs fine so far. However, I have recently written a script which allows the admin to "edit" the data and utilize the name variable again.
Interestingly, when the admin clicks on a row (op=edit&aid=$aid), the name of the agency is being pulled from the db with $name = $row[name]; and the weird thing happens. Go back to header.php, where $_SESSION['name'] is displayed, instead of my $_SESSION['name'] variable, the $name = $row[name] is displayed! Ah, and the $_SESSION['surname'] is not displayed either. So, something resets or overrides these $_SESSION variables.
Why could this happen? I thought session variables were immune to anything until I change them manually. Any ideas from the pros here?
I have a file called header.php, which I include at the beginning of every file:
PHP Code:
<?php
session_start();
?>
<html>
<head>
<title>Welcome</title>
</head>
<body>
<?php
if ($_SESSION['logged_in'] == 1) {
echo 'Welcome <strong>'.$_SESSION['name'].' '.$_SESSION['surname'].'</strong> | ';
echo '<a href="logout.php" onClick="return AskLogOut()">Logout</a> ';
} else {
echo '<a href="login.php">Login</a> ';
}
?>
Rest of file...
PHP Code:
<?php
$username = $_POST['username'];
$password = $_POST['password'];
include ("db.php");
$sql = mysql_query("SELECT * FROM members WHERE username='$username' AND password='$password'");
$login_check = mysql_num_rows($sql);
if($login_check == 1) {
while($row = mysql_fetch_array($sql)) {
foreach ($row AS $key => $val) {
$$key = stripslashes($val);
}
}
// session baslat
session_start();
// session degiskenleri
$_SESSION['logged_in'] = 1;
$_SESSION['id'] = $ID;
$_SESSION['username'] = $_POST['username'];
$_SESSION['email'] = $email;
$_SESSION['password'] = $_POST['password'];
$_SESSION['name'] = $name;
$_SESSION['surname'] = $surname;
} else {
echo "Login not successful. Go back and try again";
}
?>
PHP Code:
<?php
// part of the script
if($op == "edit") {
$aid = $_REQUEST['aid'];
include ("../db.php");
$result = mysql_query("SELECT name,date,lastupdate,active FROM agencies WHERE ID=$aid") or die(mysql_error());
$row = mysql_fetch_array($result);
$name = $row[name];
$active = $row[active];
$date = $row[date];
$lastupdate = $row[lastupdate];
include("header.php");
DisplayEditAgencyForm();
include("footer.php");
exit();
}
?>
Why could this happen? I thought session variables were immune to anything until I change them manually. Any ideas from the pros here?
Comment