User confuser

ridouts2

OK. I am writing this system for my school where students can log on and it delivers a story or a scenario to them at timed intervals. They have to decide what to do and they can get help from a panel of experts who they send a private message to (and receive answers) in real time. The experts are logged on elsewhere.

Anyway, it all works fine when one person logs on (i.e. me testing it) but when I got 20 people to log on at the same time it logged them as the wrong person (most of them being the same user).

My login writes the userid to a cookie and enters the userid (and other details) into a new row in the table. It then uses that cookie throughout the process for delivering and receiving messages.

Any suggestions (or people who have had the same thing!)

benbox

I don't think it's possible to know what the problem is without seeing some code, it must be a little glitch somewhere..

ridouts2

The table containing the users is correct and it is registering each user individually in the table. The problem is on their individual machines.

Here is the login

$cteam_id = $_POST['team_id'];
$cscenario_id = $_POST['scenario_id'];
$cteam_name = $_POST['team_name'];
$cteam_hall = $_POST['team_hall'];
$cteam_tg = $_POST['team_tg'];

$sql = "INSERT INTO team (team_id, scenario_id, team_name, team_hall, team_tg) VALUES ('".$cteam_id."', ".$cscenario_id.", '".$cteam_name."', '".$cteam_hall."', '".$cteam_tg."')";

$result = @mysql_query($sql, $connection) or die (mysql_error());

$cookie_name = "cookieteam_id";
$cookie_value = $cteam_id;
$cookie_expire = time()+6000;
setcookie($cookie_name, $cookie_value, $cookie_expire);

$cookie_name = "cookiescenario_id";
$cookie_value = $cscenario_id;
$cookie_expire = time()+6000;
setcookie($cookie_name, $cookie_value, $cookie_expire);

$cookie_name = "cookieteam_name";
$cookie_value = $cteam_name;
$cookie_expire = time()+6000;
setcookie($cookie_name, $cookie_value, $cookie_expire);

header("Location: start.php");
exit;

This displays a welcome message containing the name. This does not work and it displays other team names

<?
$team_name = $_COOKIE[cookieteam_name];
echo "Welcome $team_name";
?>

As for sending messages (where the system muddles up the originator). This is done by

<?

include("functions.php");
include("variables.php");
$team_id = $_COOKIE['cookieteam_id'];
$scenario_id = $_COOKIE['cookiescenario_id'];

?>

<form id="sendpm" name="sendpm" method="post" action="dosend.php">
  <p align="right">
    <textarea name="pm_text" cols="40" rows="5" id="pm_text"></textarea>
</p>
  <p align="right">
    <input name="pm_group" type="hidden" id="pm_group" value="0" />
	<input name="team_id" type="hidden" id="team_id" value="<? echo "$team_id" ?>" />
	<input name="pm_status" type="hidden" id="pm_status" value="Unanswered" />
	<input name="pm_id" type="hidden" id="pm_id" value="X" />
	<input name="scenario_id" type="hidden" id="scenario_id" value="<? echo "$scenario_id" ?>" />	
	<input name="pm_type" type="hidden" id="pm_type" value="Q" />
    <input type="submit" name="Submit" value="Send Message" />
</p>
</form>

which goes to

<?

include("functions.php");
include("variables.php");
$team_id = $_POST['team_id'];
$scenario_id = $_POST['scenario_id'];
$pm_text = $_POST['pm_text'];
$pm_group = $_POST['pm_group'];
$pm_type = $_POST['pm_type'];
$user_id = $_COOKIE['cookieuser_id'];
$pm_status = $_POST['pm_status'];
$pm_id = $_POST['pm_id'];

addmsg($team_id, $scenario_id, $pm_text, $pm_group, $user_id, $pm_type);

if ($pm_id !='X') {
changepmstatus($pm_id, $pm_status);
}

?>

The addmsg function is

function addmsg($team_id, $scenario_id, $pm_text, $pm_group, $user_id, $pm_type) {

$sql = "INSERT into pm (team_id, scenario_id, pm_text, pm_group, user_id, pm_type)values('$team_id', $scenario_id, '$pm_text', $pm_group, '$user_id', '$pm_type')";

$result = @mysql_query($sql, $connection) or die (mysql_error());

}

ridouts2

I should also mention that I had a look at the cookie on one of the machines and it had the correct team_id in it.

benbox

I think you might need the quotes in here, but I wouldn't have thought it would work at all with how you have now... strange it's showing other results!

<? 
$team_name = $_COOKIE['cookieteam_name']; 
echo "Welcome $team_name"; 
?>

ridouts2

That is strange! I have corrected that error. But that has nothing to do with the main problem. I just can't work it out !

benbox

Maybe it's because if the cookies are stored on the machine, they're not stored as user cookies, but just on that computer for everyone.. conflicting with older cookeis?

But then again they'd expire etc.. hmm

ridouts2

This happened on machines which had never used the application in the past and therefore had no previous cookies. The cookies do expire and have done so in tests.

ridouts2

Shameless bump! I cannot find a solution to this and am at the end of my tether. Has anybody got any suggestions?