|
|
Posted by Schraalhans Keukenmeester on 08/23/06 10:51
I am stomped with the following problem:
I have a script start.php and a second script proceed.php
Relevant (and working) sections of the code:
start.php
<?PHP
start_session();
// this string will later be used to check if
// proceed.php was invoked via the form below
$verif_str="abcdefg";
$name_str="hijklmn";
// Store these vars in the SESSION array.
$_SESSION['vstr']=$verif_str;
$_SESSION['nstr']=$name_str;
// output the form (in real case with correct html surrounding
// the form, doctype, header, body tags, all that)
echo"
<form action='proceed.php' method='POST'>
<input type='text' name='field_01' />
<input type='text' name='field_02' />
<input type='hidden' name='check' value='$verif_str' />
<input type='submit' />
</form>";
?>
proceed.php
<?PHP
start_session();
// read back session vars
$verif_str=$_SESSION['vstr'];
$name_str=$_SESSION['nstr'];
// read back hidden form var and regular fields
$check_str=$_POST['check'];
$field01=$_POST['field01'];
$field02=$_POST['field02'];
// are these strings equal ? If not, stop processing.
if ($verif_str != $check_str)
exit ('Verification code incorrect');
// Strings match, so open logfile, exit if this fails.
$fp = @fopen('transaction.log','a');
if ($fp===false)
exit ('Could not open file. Aborting.');
// write contents, for brevity additional error-checking is
// omitted here. This exists in the actual code.
fwrite($fp,"==============\n");
fwrite($fp,"Verification string:".$verif_str."\n");
fwrite($fp,"Name string:".$name_str."\n");
fwrite($fp,$field01."\n");
fwrite($fp,$field02."\n");
fclose($fp);
// rest of code, irrelevant to my issue
?>
The problem:
When I call the script start.php and submit the form data, 100 out of
100 'experiments' lead to a correct log entry being written. Both
strings $verif_str and $name_str contain the values assigned in start.php.
(For the record, I tried Konqueror, elinks and Firefox 1.5.0.5 for a
browser, on a Gentoo Linux machine. The acting server is a
Centos/Apache2.0.50/PHP4.3.4 combination)
However, if some/many of the OTHER users visiting the page fill out the
form, quite often, but not always, the session variables lose their
values in proceed.php. The form variables are properly transmitted though.
I have not been able to reproduce or explain this difference in
behaviour. yet I do believe I am making some mistake somewhere in my
code. I just fail to see it I guess.
(Please ignore the stupidity of what the code actually does and whether
that is good practice, the real case is somewhat more complicated and
makes more sense.)
Does anyone recognize this, see what's wrong and care to help me out?
Thanks a bunch in advance!!
Regards
Sh
Navigation:
[Reply to this message]
|