0

Hi members.
I am working on a couple of pages that present me with the same problem.
I have set up a log in that puts member data into a session variable. Then the logged in member proceeds to alter some of their own data using a form, and the data is posted to a mySql database.
Then the member goes to a new page where there is a form that is set up using the session variables. The problem is that because the member has changed his own data, the existing session variables are out of date. If the member logs out and then logs back in, there is no problem, but this is hardly a solution.
Can anyone suggest a way of refreshing session variables without logging out.
Typical code follows for the member login (though more session variables are created than are shown here).

<?php
session_start();
if ($_POST['password']) {
//Connect to the database 
include_once "demo_conn.php";
$email = stripslashes($_POST['payer_email']);
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
$password = preg_replace("/[^A-Za-z0-9]/", "", $_POST['password']); // filter everything but numbers and letters
$password = md5($password);
// Make query and then register relevant database data into SESSION variables.
$sql = mysql_query("SELECT * FROM members WHERE payer_email='$email' AND password='$password' AND signedup='1'"); 
$login_check = mysql_num_rows($sql);
if($login_check > 0){ 
    while($row = mysql_fetch_array($sql)){ 
        // Get member data into a session variable
        $id = $row["recid"];   
        session_register('recid'); 
        $_SESSION['recid'] = $id;
// etc,
?>

The member then goes to a page where he alters the names of some student groups.
This works fine.

<?php
session_start(); 
// Run a login check
if (!isset($_SESSION['recid'])) { ?>
<html>
<tr>
  <td>&nbsp;
    <p>&nbsp;
    <p>&nbsp;
    <p></td>
</tr>
<table align="center" border="1" width="400" height="200">
    <td align="center" valign="center">You need to <a href="login_edit_grp_info.php">log in</a> as an administrator to <br />
      access your account.</td>
</table>
</html>
   <?php exit(); 
}
$errorMsg1="";
//Connect to the database
include_once "demo_conn.php";
// Place Session variable 'recid' into local variable
	$recid 		 = $_SESSION['recid'];
	$username    = $_SESSION['name'];
	$school    = $_SESSION['college'];
if ($_POST['group1']) {
    $group1 = $_POST['group1'];
	$egroup1 = 'egroup1';
	$group1 = preg_replace("/[^A-Za-z0-9]/", "", $_POST['group1']); // filter everything but numbers and letters
	
if ($_POST['group2']){
	unset($group2);	
	$group2 = $_POST['group2'];
	$egroup2 = 'egroup2';
	$group2 = preg_replace("/[^A-Za-z0-9]/", "", $_POST['group2']); // filter everything but numbers and letters	
	} else {
		$sql_check = mysql_query("SELECT * FROM users WHERE egroup='egroup2' AND managerId='$recid'");
		$exist_check = mysql_num_rows($sql_check);
			if ($exist_check > 0) { 
			$result = mysql_query("SELECT COUNT(*) FROM users WHERE egroup='egroup2' AND managerId='$recid'"); 
			$row = mysql_fetch_array($result, MYSQL_NUM);			
			echo  "<u ><font color=\"#990000\">ERROR:</u><br />You have attempted to delete the second Group Name but it contains {$row[0]} student name/s. <br \>Are you sure that you want to delete this group?<br \>If so, please relocate the student/s into another group first. <br \><p>Alternatively, you can rename the group without relocating any students.</font>"; 
?>
			<p><FORM><INPUT TYPE="button" VALUE="GO BACK" onClick="history.go(-1);return true;"> </FORM>
<?php
			exit();
			}
			}
							
	
	$sql = mysql_query("UPDATE members SET group1='$group1', egroup1='$egroup1', group2='$group2', egroup2='$egroup2' WHERE recid='$recid'"); 
	        $sql = mysql_query("UPDATE users SET userGroup='$group1' WHERE managerId='$recid' AND egroup='egroup1'");
		    $sql = mysql_query("UPDATE users SET userGroup='$group2' WHERE managerId='$recid' AND egroup='egroup2'");

    echo 'Your group names have been updated.<br /><br />
To return to your editing page, <a href="member.php">click here</a>';
exit();
 }
}// close if post
?>
<?php
// Query member data from the database and ready it for display. Typical query here but longer than what follows
$sql = mysql_query("SELECT group1, egroup1, group2, egroup2 egroup6 FROM members WHERE recid='$recid' LIMIT 1");
while($row = mysql_fetch_array($sql)){
//more typical code follows than is displayed here
$group1 = $row['group1'];
$group2 = $row['group2'];
//more typical code follows than is displayed here
$egroup1 = $row['egroup1'];
$egroup2 = $row['egroup2'];

}
?>

Then the member goes to a page where he enters some student names against the new group names, but the problem here is that the new group names do not display unless the member logs out and then logs in again.
Hope someone can suggest a solution.
Sorry about all the code, but it's difficult to explain otherwise.

4
Contributors
5
Replies
11
Views
6 Years
Discussion Span
Last Post by vaibhav1983
0

Why don’t you change also the e-mail in session when user change it and you update db ?. If you don’t keep e-mail in session you could start keeping it or you could just re select users data from db in each page.

0

Its a very easy solution.

Suppose in your session variable you have set up like

$_SESSION=<value_from_db>

Now when you POST the new age in the form as 24

you want the $_SESSION to be updated as 24.
Then on the server side when you check for your $_POST being set you can straight away update the value of $_SESSION as

$_SESSION = $_POST

Please correct me if I have interpreted the problem differently...

0

Its a very easy solution.

Suppose in your session variable you have set up like

$_SESSION=<value_from_db>

Now when you POST the new age in the form as 24

you want the $_SESSION to be updated as 24.
Then on the server side when you check for your $_POST being set you can straight away update the value of $_SESSION as

$_SESSION = $_POST

Please correct me if I have interpreted the problem differently...

Many thanks. I ended up using the code $_SESSION = $age, but your solution was correct

0

I have a similar issue. I have a form that is prefilled with the user's current info but can be changed and updates the database. However, when returned to the page after the update, the prefilled text is not updated. It only updates if you relog back in. At this point I have only the username part of the form set up to update.

<div id="main_middle"> 
<h1>&nbsp;
</h1>
<h1>MANAGE YOUR ACCOUNT INFORMATION</h1>
<p>&nbsp;</p>
username :
<form method="post" action="update_check.php">
  <input type="text" name="username" value="<?php echo "".$_SESSION['username'].""; ?>" size="40" />
  <input name="update data" type="submit" id="update data2" value="save changes"/>
</form>
<br />
<p>&nbsp;</p>
email:<br />
<form method="post" action="update_check.php">
<input name="email" type="text" id="email" value="<?php echo "".$_SESSION['email'].""; ?>" size="40" />
<input name="update data" type="submit" id="update data" value="save changes"/>
<br />
<br />
<br />
<input name="reset" type="reset" id="reset" value="reset form"/>
</form>

</div>
<?php

include("db_config.php");

$tbl_name="usernames"; // Table name

// username and password sent from form 
$username=$_POST['username'];

$username = stripslashes($username);
$username = mysql_real_escape_string($username);

$username = $_POST['username'];
$checkformembers = mysql_query("SELECT * FROM email_confirm WHERE username = '$username'");
if(mysql_num_rows($checkformembers) != 0){
header("location:sign_up_usererror.php");
die();
}

$username = $_POST['username'];
$checkformembers = mysql_query("SELECT * FROM usernames WHERE username = '$username'");
if(mysql_num_rows($checkformembers) != 0){
header("location:sign_up_usererror.php");
die();
}

$result = mysql_query("UPDATE usernames SET username = '$username'");

if($result) {
$_SESSION['username'] = $_POST['username'];
header("location:account.php");
die();
}

?>

I have set up the username session variable to update if the database updates, however, it does not seem to be working correctly. Any suggestions?

0

I have a similar issue. I have a form that is prefilled with the user's current info but can be changed and updates the database. However, when returned to the page after the update, the prefilled text is not updated. It only updates if you relog back in. At this point I have only the username part of the form set up to update.

<div id="main_middle"> 
<h1>&nbsp;
</h1>
<h1>MANAGE YOUR ACCOUNT INFORMATION</h1>
<p>&nbsp;</p>
username :
<form method="post" action="update_check.php">
  <input type="text" name="username" value="<?php echo "".$_SESSION['username'].""; ?>" size="40" />
  <input name="update data" type="submit" id="update data2" value="save changes"/>
</form>
<br />
<p>&nbsp;</p>
email:<br />
<form method="post" action="update_check.php">
<input name="email" type="text" id="email" value="<?php echo "".$_SESSION['email'].""; ?>" size="40" />
<input name="update data" type="submit" id="update data" value="save changes"/>
<br />
<br />
<br />
<input name="reset" type="reset" id="reset" value="reset form"/>
</form>

</div>
<?php

include("db_config.php");

$tbl_name="usernames"; // Table name

// username and password sent from form 
$username=$_POST['username'];

$username = stripslashes($username);
$username = mysql_real_escape_string($username);

$username = $_POST['username'];
$checkformembers = mysql_query("SELECT * FROM email_confirm WHERE username = '$username'");
if(mysql_num_rows($checkformembers) != 0){
header("location:sign_up_usererror.php");
die();
}

$username = $_POST['username'];
$checkformembers = mysql_query("SELECT * FROM usernames WHERE username = '$username'");
if(mysql_num_rows($checkformembers) != 0){
header("location:sign_up_usererror.php");
die();
}

$result = mysql_query("UPDATE usernames SET username = '$username'");

if($result) {
$_SESSION['username'] = $_POST['username'];
header("location:account.php");
die();
}

?>

I have set up the username session variable to update if the database updates, however, it does not seem to be working correctly. Any suggestions?

You are missing a line
session_start();

Just include this line...What is happening is bcoz you are not including this line so the session variable is getting reset on a new page...the session is not getting registered.

Please include this in both the scripts as the first line...you should be good then.

Lemme know in case of any issue...

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.