Session details gets clashed

ishakya

Hi all,
I think i'm always new to php because i got lots of things to learn.
So i have a problem.
I have two separate systems and different users logs in to this systems.When i opens those two systems and type different user names and passwords for those systems.
Site 1:user name-ABC
Site 2:user name-XYZ

After some times,I log off from the site 2,and when i checks the site 1,it's uesrname has changed in to XYZ.when i click on a page in site 1,site 1's session are expired and directs me to the index page.:mad:
i think that is a problem when we come to the real world.
So is there any way to prevent that???
Hope everyone got the idea...
Waiting for your quick reply.Thanks in advance

steamPunk

If the users have different unique ids on each site you could make a session variable using the user Id in the name like this :

<?php

  $usrId = "456789";

  $_SESSION[$usrId."_login"] = "myLoginName";

  echo $_SESSION[$usrId."_login"];

?>

ishakya

Ok but the thing is user id's can be the same.
This the login code

<?php 
if (!isset($_SESSION)) {
  session_start();
}
require_once('library/myconn.php');
require_once('library/functions.php');

// *** Validate request to login to this site.
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['uname'])) {
  $loginUsername=$_POST['uname'];
  $password=$_POST['pword'];

  /*$redirectLoginSuccess_sadmin = "user/sadmin_home.php";
  $redirectLoginSuccess_admin = "user/home.php";
  $redirectLoginSuccess_user = "user/user_home.php";
  $redirectLoginSuccess_client = "user/client_home.php";*/

  $redirectLoginSuccess_sadmin = "import/add_job.php";

  $redirectLoginFailed = "index.php";


$LoginRS__query=sprintf("SELECT * FROM tbl_com_user WHERE user_uname=%s AND user_pword=%s",GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 

$LoginRS = mysql_query($LoginRS__query, $myconn) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
//$rowent = mysql_fetch_array($LoginRS);
//$user_level=$rowent[8];

//Get the user level


if ($loginFoundUser) {
	$r=mysql_fetch_assoc($LoginRS);
  //declare session variables and assign them
   	$_SESSION['s_username'] = $r['user_uname'];
	$_SESSION['s_userpword'] = $r['user_pword'];
	$_SESSION['s_mytimezone'] = $r['user_timezone'];
	$_SESSION['s_user_id']= $r['user_id'];
	$_SESSION['s_my_com_id']= $r['my_com_id'];
	$_SESSION['s_user_email']= $r['user_email'];
	$_SESSION['s_user_level']= $r['user_level'];
	$_SESSION['s_user_tel']= $r['user_tel'];

  header("Location: ". $redirectLoginSuccess_sadmin);


/*if($_SESSION['s_user_level']=="sadmin"){
  header("Location: ". $redirectLoginSuccess_sadmin);
}
if($_SESSION['s_user_level']=="admin"){
  header("Location: ". $redirectLoginSuccess_admin);
}
if($_SESSION['s_user_level']=="user"){
  header("Location: ". $redirectLoginSuccess_user);
}
if($_SESSION['s_user_level']=="client"){
header("Location: ". $redirectLoginSuccess_client);
}*/


 }
 else {
 header("Location: ". $redirectLoginFailed );
	//header("Location: import/add_job.php");

 }
}
?>

This part is the functionality part.when i log off from the site1,site 2's sessions are get crashed.What will happen if we use separate company id to track the session??
I'm just asking....... 🙁
please help me to solve this up
Thanks in advance

traq

ishakya;10989923 wrote:
Ok but the thing is user id's can be the same...

the point of a user id is to identify a user, which is not possible if multiple users might have the same id.

Bonesnap

I've had this happen to me before. It's because you're using the same session variable names in the same browser in the same domain. Run one of your sites in one browser, and the other site in another browser and you'll find this doesn't happen.