Posted by ralphNOSPAM on 10/20/37 11:29

I need some help understanding PHP sessions. I am using sessions
(using session_start()) and have a variable called $php_user_session.
When someone logs into my web site this var is populated with their
database (MySQL) username so they can read and write to the DB:

SELECT * FROM Accounts WHERE user = '$php_user_session'

The problem that is happening once in a while is that some of my
record data is changing and I don't know how or what is causing this.

For example, I create a record for monitoring airports via their
staion name such as KLAX for Los Angeles International airport. After
I create the record (with KLAX in it) the next day or two later, I
noticed KLAX was replaced with a different airport identifier!!

I suspect that somehow my session var $php_user_session is being
'seen'or otherwise used when someone else logs onto the web site to
make their own changes to the DB and that somehow they created or
edited one of their own records but my session user name somehow got
used when they wrote to the database. It upated my record with their
data.

Any idea's on how I can help prevent this from happening would be
appreciated or if you think something else could be causing this
please advise.

[Back to original message]