|
|
Posted by Andy Hassall on 09/14/05 01:53
On Tue, 13 Sep 2005 23:32:40 +0200, "Johannes A. Brunner"
<johannesabrunner@t-link.de> wrote:
>Got a simple problem.
>I code some site and because Im a freak I made my own session-handling.
>When a user open up my site it will check if there is a ssid in the url
>if not generate one. this will be done by a function generate_ssid() and works fine.
>next step is to register the ssid in the table session
>this will be done by the following code:
>*************************************************************************
>function ssid_register($ssid,$login,$uid,$admin){
>
> $connect = mysql_connect( $GLOBALS["db_host"],
> $GLOBALS["db_user"],
> $GLOBALS["db_password"])
> or die($GLOBALS["db_error"]);
> mysql_select_db($GLOBALS["db_name"],$connect) or die($GLOBALS["db_error"].'<br>ErrorCode s.001-con');
> $result = mysql_query("INSERT INTO session SET ssid='$season',ip='$rip'",$connect);
> echo ($rs);
> return;
>}
>****************************************************
>I redesigned the INSERT INTO part into all possible syntax but everytime I look into the db
>there are two entries with two DIFFERENT ssids.
>The only way it works correct is to dont use a variable on the first place.
>Means if I use ssid='godhelpmetofindaworkingsolution' it works great but is not realy what I want.
>
>As told above a "INSERT INTO session (ssid) VALUES ($ssid)" also has the effect of two new db-entries.
The INSERT can't be doing that. The most common mistake in this sort of thing
is setting up a race condition, so two requests both start a new session and
overlap saving to the database.
How are you detecting there's no ssid?
What are you doing with the ssid afterwards?
--
Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
Navigation:
[Reply to this message]
|