PHP header affects a session variable

Question

thuogt 0 Newbie Poster

11 Years Ago

aving serious problems with headers and session variables. Read related posts but none helped me.

I'm using sessions to store some info about the user logged in e.g. name, user_id, etc.

To start with, let's say $_SESSION['user_id']=6;.

Then let's sat I want to view someone's profile. There is a dropdown list where you select the person whose profile you want to view, then click View. The processing page for this looks up for the user_id of the person you selected and redirects you to the person's profile.

The code is something like this:

<?php session_start();
$_SESSION['user_id']=1; //this is the user_id of the person logged in..
/*......many lines of code*/
?>
<select name="user_id">
<option value="4">George Thuo</option>
<!--other many options-->
</select>
<input type="submit" name="view" value="View">

Then this will direct you to the processing page which looks something like this:

$user_id=$_POST['user_id'];
header("Location: view.php?user_id=".$user_id);

See that before we used the header, $_SESSION['user_id']=1; But after the header is user, I don't know why but $_SESSION['user_id']=4;(the user_id passed via the $_POST method

Why is it changing?

php session

Edited 11 Years Ago by pritaeas because: Fixed markdown.

4 Contributors
4 Replies
282 Views
3 Days Discussion Span
Latest Post 11 Years Ago Latest Post by pixelsoul

IIM 163 Master Poster

11 Years Ago

I think so somewhere you are using something like this:-

$_SESSION['user_id'] = $_POST['user_id'];

As per what i am seeing as i have checked the program and it is working fine.
It is showing correct value.$_SESSION['user_id'] = 1 as we have initialised.

So problem might be in your view.php.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

thuogt 0 Newbie Poster · Answer 1 · 2013-03-05T09:32:25+00:00

I dont have anything like $_SESSION['user_id'] = $_POST['user_id'];. I guess I'll check it up..it's cracking my head!!

Wisestepp 0 Newbie Poster · Answer 2 · 2013-03-05T11:50:55+00:00

interesting post this is the advantage of php where we can create session and stopping sessions

pixelsoul 272 Red Pill Featured Poster · Answer 3 · 2013-03-05T16:36:04+00:00

It sounds like you could have register globals enabled. If it is then $_SESSION, $_GET, $_POST variables can all be referrered as just standard variable names. In other words, you will have naming conflicts if any standard variable named are declared with the same as the $_SESSION variable.

e.g. $_SESSION['item'] is the same as $item.

If register globals is enabled, it would be highly recommended that you to disable it. It has actually been deprecated in PHP 5.3.0 and is not available in PHP 5.4.0