Topic: Sessions unpredictable

[greygrey]

Hi. I'm using Apache 2.2.6, windows xp, php5.2.5. When opening a new browser window, my sessions values appear from the previous session. Also, they change value unpredictably during a session. I've checked my code over and over and have also checked php and apache error and access logs. They don't show anything out of the ordinary. Any ideas what's going on. Thanks in advance.

grey

[James Blond]

It would help if you post a code snippet.

[greygrey]

I doubt this will be of any help, but it will explain what I'm doing somewhat. The 'userOrderValues' variable is being used as a 'switch', indicating that the user has been to p.2 and has returned to p.1 to edit. If they are returning to edit, the other sessions variables (grabbed from POST first time thru) are assigned to letter variables then used as text box values and printed. If they are seeing p.1 for the first time (the switch isn't set), zeroes are printed in the text boxes instead. (Generally, this code is meant to reload the user's original values so they don't have to re-enter everything when editing.)

if ($_SESSION['userOrderValues'] == 1)
{
$a = $_SESSION['holidayCardQty'];
$c = $_SESSION['varietyPackQty'];
$e = $_SESSION['customMixBoxQty'];
$g = $_SESSION['uptownDowntimeQty'];
$h = $_SESSION['dulutsYoutsQty'];
$i = $_SESSION['teaLeavesQty'];
$j = $_SESSION['campingFeetQty'];
$k = $_SESSION['anthonyQty'];
$l = $_SESSION['foreignExchangeQty'];
$m = $_SESSION['incidentQty'];
$n = $_SESSION['inTheAirQty'];
$o = $_SESSION['onTheRocksQty'];
$p = $_SESSION['focusQty'];
}
else
{
$a = '0';
$c = '0';
$e = '0';
$g = '0';
$h = '0';
$i = '0';
$j = '0';
$k = '0';
$l = '0';
$m = '0';
$n = '0';
$o = '0';
$p = '0';
}

Another problem I'd like to ask about has to do with radio buttons. I can't seem to find a way to 're-click' the radio button when the user goes back to edit. Instead, I've just kept the value of the button in sessions. Is there a way that a radio button can be reclicked using php?

Sorry if this code doesn't demonstrate my original question well enough. It's odd to open a new browser window to find values in the text boxes from the previous session and to find that the switch is set to '1' when it hasn't been initialized. I was hoping this might be something you've come across before. I truly appreciate your input.

Thanks,
grey

[greygrey]

Never mind about sessions being weird. It magically healed overnight. Must've needed a restart or the php.ini 1440 seconds setting might have been a factor as I was debugging.

But, I still am trying to find a way, using php, to reload the values into radio buttons and dropdown boxes when a user goes back to edit. Any ideas would be welcomed.

Thanks,
grey

[James Blond]

How do you "logout" ?
Do you use a function that logs you out and ends the session?

I'll do it in someway like this

[greygrey]

Hi again.

I looked carefully on each of my pages to find a place to do just that, but I've given the user the opportunity to go back and edit on each page, so the only way I'd know if they were truly done with their order was when they linked to PayPal. Is there a php version of 'onclick'? Or maybe:

function logout ()
{
// Cookie kill on client
if (isset ($_COOKIE[session_name ()]))
{
setcookie (session_name (), '', time ()-42000, '/');
}
// Cookie kill on server
session_destroy ();
$_COOKIE = null;
$_SESSION = null;
$click = "submit";
}
.........

<form action= ... paypal ... blabla ...>
<input type=image src='paypal ... blabla' name='$click' ...>

if ($click)//I know that won't work, but something like that?
{
logout();
}

Btw, sessions is behaving irradically again, changing values of my switches and other sessions variables for no apparent reason. Believe me, I've checked and rechecked my code (but I imagine I've missed something).

I included a session_destroy() near the top of the first page temporarily, saved it, then opened the page in a new window. The old values were still there until I refreshed the page. Then I went back, removed the 'destroy', saved it again, and refreshed so I could go on to test other pages. Even then the sessions values did not behave predictably. I have var_dumps all over the place on each page trying to figure out exactly where it goes wrong, but it seems to change each time I test a different record. Weird.

Thank you, J.

[greygrey]

I should have put $click = "submit" outside the function and before <input>. Sorry. It probably won't work anyway.

[James Blond]

Use name without a $

[greygrey]

That should do it. Thank you very much.

grey

[greygrey]

Hi, JB.

First of all, I tried tieing the logout function to the PayPal submit as you suggested, but that submit is posted to the PayPal server, not mine. I'm guessing that's why it didn't work, so I tried another idea: to tie it to whether or not the user had been to the 'printer friendly' page (I figured they had done all the editing they were going to do by then).

It may be a bit confusing, but the payment page has the PayPal link on it; it also links to the printer friendly page. After the user goes beyond to the printer friendly page and prints, they return to the payment page to click the PayPal button before leaving my site.

I am getting a php warning, though, when the user returns to the payment page after printing:
"Warning: Cannot modify header information - headers already sent by (output started at /home3/kieferar/public_html/paymentPage.php:14) in /home3/kieferar/public_html/paymentPage.php on line 859"

(Line 859 refers to the setcookie part of the logout function.)


This is the relevant code on the payment page:

$_SESSION['logout'] = 0;//ESTABLISHES SWITCH TO CLEAR SESSIONS AND COOKIES IF USER HAS GONE TO 'printer_friendly' page.php' AND RETURNED HERE TO LINK TO PAYPAL

if ($_SESSION['viewPage'] == 2)//Which indicates that the user has been to the 'printer friendly' page
{
$con = mysql_connect("bla","bla","bla");
mysql_select_db("bla", $con);
$result = mysql_query("SELECT * FROM blabla");
while($row = mysql_fetch_array($result))
{
$fname = $row['FirstName'];
bla, bla, bla
$email = $row['Email'];
}//END WHILE
$deleteTemp = mysql_query("delete from blabla");
mysql_close($con);
//
//
/*THE CULPRIT: THIS SETS THE LOGOUT SWITCH WHICH WILL CALL THE LOGOUT FUNCTION AT THE END OF THE PAGE*/
$_SESSION['logout'] = 1;
}//END IF
else
bla, bla, bla .....



//THEN, AT THE END OF THIS PAGE, THE LOGOUT FUNCTION IS CALLED
<?php
function logout ()
{
// Cookie kill on client
if (isset ($_COOKIE[session_name ()]))
{
setcookie (session_name (), '', time ()-42000, '/');
}
// Cookie kill on server
session_destroy ();
$_COOKIE = null;
$_SESSION = null;
}
if ($_SESSION['logout'] == 1)
{
logout();
}
?>

I'm sorry to have to revisit this, JB, but I am truly stuck on this one. I'm new to php and know nothing about headers yet. My php book doesn't explain it; neither do all of the online tutorials I have downloaded.

Thanks again for helping.

grey

[James Blond]

Warning: Cannot modify header information

Do you use the header function for something? If you use header there is no output allowed included whitespace.

What does your script do? You submit something to paypal and get something back and than you wanna kill the paypal cookie or your own cookie?
Would be great if you write down the scenario as short as possible than I hope I get it.

[greygrey]

I don't know anything about headers, so, no, I didn't use the header function.

I'm trying to kill my own cookie and sessions so it's clear for the next user. The PayPal link is used in the normal way: after the user is done entering their order on my site, they print it, then click paypal to pay and that's the end of it. The only thing being submitted to paypal is the total amount of the order. After the order is processed at paypal, they send me back an email acknowledging payment (nothing is passed back to my script from paypal).

[James Blond]

If it is not a security issue, can you post the whole script at http://pastebin.com/ ? Else I guess only what happens.

[greygrey]

Thank you.

[Clarck]

Hi,

Thanks for this useful information. I'm a new one in this forum. I must appreciate the tools provided by you. Please keep updating me in this regard.

CSK

search engine optimization