0

aving serious problems with headers and session variables. Read related posts but none helped me.

I'm using sessions to store some info about the user logged in e.g. name, user_id, etc.

To start with, let's say $_SESSION['user_id']=6;.

Then let's sat I want to view someone's profile. There is a dropdown list where you select the person whose profile you want to view, then click View. The processing page for this looks up for the user_id of the person you selected and redirects you to the person's profile.

The code is something like this:

<?php session_start();
$_SESSION['user_id']=1; //this is the user_id of the person logged in..
/*......many lines of code*/
?>
<select name="user_id">
<option value="4">George Thuo</option>
<!--other many options-->
</select>
<input type="submit" name="view" value="View">

Then this will direct you to the processing page which looks something like this:

$user_id=$_POST['user_id'];
header("Location: view.php?user_id=".$user_id);

See that before we used the header, $_SESSION['user_id']=1; But after the header is user, I don't know why but $_SESSION['user_id']=4;(the user_id passed via the $_POST method

Why is it changing?

Edited by pritaeas: Fixed markdown.

4
Contributors
4
Replies
24
Views
4 Years
Discussion Span
Last Post by pixelsoul
0

I think so somewhere you are using something like this:-

$_SESSION['user_id'] = $_POST['user_id'];

As per what i am seeing as i have checked the program and it is working fine.
It is showing correct value.$_SESSION['user_id'] = 1 as we have initialised.

So problem might be in your view.php.

0

I dont have anything like $_SESSION['user_id'] = $_POST['user_id'];. I guess I'll check it up..it's cracking my head!!

0

interesting post this is the advantage of php where we can create session and stopping sessions

0

It sounds like you could have register globals enabled. If it is then $_SESSION, $_GET, $_POST variables can all be referrered as just standard variable names. In other words, you will have naming conflicts if any standard variable named are declared with the same as the $_SESSION variable.

e.g. $_SESSION['item'] is the same as $item.

If register globals is enabled, it would be highly recommended that you to disable it. It has actually been deprecated in PHP 5.3.0 and is not available in PHP 5.4.0

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.