Session dropping variables inconsistently

bunner_bob

This one's a hair puller...

On the page in question, the user enters some info into a form and submits it. The form passes itself to the same page, where it processes the input data.

Here's a thumbnail sketch of the processing part:

<?php
session_start();

if (isset($_SESSION['employee_id']))
{

// user must be authenticated

if (isset($_POST['submit']))
{

// inserting project time entry

// copy employee_id to post array

	$_POST['employee_id'] = $_SESSION['employee_id'];

// copy each posted variable into a query string (grossly simplified - all fields are validated and only relevant fields get in)

	foreach ($_POST as $k => $v)
	{
		$fields .= "$k='$v',";
	}

	$fields = rtrim($query, ',');

	$query = "INSERT INTO table SET ($fields)";
	mysql_query($query);	
}

// now read back all entries for this date

$query2 = "SELECT FROM table WHERE employee_id=" . $_SESSION['employee_id'] . " AND date=1234567890";
mysql_query($query2);
}
else
{
    // not logged in - redirect to login screen
}
?>

SOME of the time, I get a fatal error on the second query and it tells me my query was:

SELECT FROM table WHERE employee_id= AND date=1234567890

This tells me that it's losing the $_SESSION['employee_id'] variable. Except it can't be, because that variable is required in order to execute the queries in the first place. Furthermore, if the variable really was dead, then the next time the user loaded any screen they'd find themselves logged out, and have to log back in again.

This happens very inconsistently. It seems to happen more when submitting entries for certain projects, which makes no sense at all. The full array of submitted values is:

project_id (4-digit integer)
date (unix date)
activity_id (3 digit integer)
employee_id (2 digit integer)
hours (decimal)
rate (decimal)
notes (string - leaving blank or not doesn't seem to affect)

and there appears to be NO problem with the submit (the first query) - everything goes in as expected.

I don't even know where to start. If there was something that was setting $_SESSION['employee_id'] then I'd have it, but that variable is only set when the user logs in, on a different page.

Any ideas where to start poking around?