I made a really simple panel for myself and got some hits from my mates but it ends up getting lots of repeated sessions into my database and some of them getting logged out automatically, I really see no problem in my codes so I'll be really grateful if someone on here can find out what's the problem. Here's my function used for generating and re-generating of sessions: private function generateSession() { global $core; $time = time(); $query = mysql_query( "SELECT * FROM sessions WHERE session_id = '{$this->sessionID}'" ); $num = mysql_num_rows( $query ); if( isset( $_COOKIE["user"] ) and isset( $_COOKIE["pass"] ) ) { // This is for my "remember me" feature $query2 = mysql_query( "SELECT * FROM users WHERE `username` = '{$_COOKIE["user"]}'" ); $result = mysql_fetch_assoc( $query2 ); if( $result['password'] == $_COOKIE["pass"] ) { $query3 = mysql_query( "SELECT * FROM sessions WHERE `user_id` = '{$result['id']}'" ); $num2 = mysql_num_rows( $query3 ); if( $num2 ) { session_regenerate_id(); $newID = $core->encrypt( session_id() ); mysql_query( "UPDATE sessions SET session_id = '{$newID}', stamp = '{$time}' WHERE user_id = '{$result['id']}'" ); $this->sessionID = $newID; } else { mysql_query( "INSERT INTO sessions VALUES ( NULL, '{$this->sessionID}', '{$result['id']}', '{$time}' );" ); } } else { mysql_query( "INSERT INTO sessions VALUES ( NULL, '{$this->sessionID}', '0', '{$time}' );" ); } } elseif( !$num ) { mysql_query( "INSERT INTO sessions VALUES ( NULL, '{$this->sessionID}', '0', '{$time}' );" ); } else { $oldID = $this->sessionID; session_regenerate_id(); $newID = $core->encrypt( session_id() ); mysql_query( "UPDATE sessions SET session_id = '{$newID}', stamp = '{$time}' WHERE session_id = '{$oldID}'" ); $this->sessionID = $newID; } } PHP: I know basic procedural PHP and most of those codes above are taken from php.net, could you tell what's wrong with that pile of codes?
just have it check the DB to see if the session is already started and if anything update the session time. if no session exists then place a new session key in teh DB
Kindly share table structure for session. Queries seems ok, but may have impact if table does not have constraint of unique session / user id.
The structure is: id (int - 255) session_id (varchar - 255) user_id (int - 255) lastactivity (int - 255)
when viewing the structure make sure that session_id is marked as unique, and id is auto incremental which im assuming is how you are wanting it to be?
I can't log in if someone's in my account, is there any way to loop around that? Thanks for the helpful reply.