When browsing page receives unexpected value from $ _SESSION

-1

I have a page with Dynamic Menu accessing the user permissions page, it works fine except that the value of SESSION regardless of which user it is, always passes the field contents of the last record read and not the page actually to be accessed.

Example:

PAGE MENU - (Logging In)

session_start();
if((!isset ($_SESSION['login']) == true) and (!isset ($_SESSION['senha']) == true) and (!isset ($_SESSION['nome']) == true))
{
    unset($_SESSION['login']);
    unset($_SESSION['senha']);
    unset($_SESSION['nome']);  
    header('location:index.php');
    }   

    $login    = $_SESSION['login'];
    $senha    = $_SESSION['senha'];
    $nome     = $_SESSION['nome'];
    $operacao = $_SESSION['per_operacao'];    

Still in the page MENU (Mounting the menu from a table, accessing the referred Page (User) and passing the data (operations).

   <li><a href="MenuPrincipal.php"><?php echo $lSub['mod_descricao'];?></a>   
                <ul class="submenu-2">   
           <?php   
                $seleciona_rotina = pg_query("SELECT * FROM Menu_rotina WHERE id_modulo = '$idmod'"); 

            if(pg_num_rows($seleciona_rotina) == 0) { 
                } else {   
                while($sSub = pg_fetch_array($seleciona_rotina)){
                  $_SESSION['per_operacao']=$sSub['per_operacao'];
                   echo($_SESSION['per_operacao']);     // ( conteúdo: 1.2.3.4.5 )
            ?> 
            <li>   <a href="<?php echo $sSub['per_pagina']?>"><?php echo $sSub['gpo_descricao'];?></a>    
                   <?php }?>
    </li>
   <?php }?>
</ul>
   <?php }?>
   </li> 

So far so good, it points to the menu chosen with its permissions (Routines that the user would have access), and the field per_operações = 1.2.3.4.5. , (so far is great).

USER PAGE: (Accessing the page and logging in)

<?php

     session_start(); // sempre que usarmos as sessions devemos chamar esse codigo sempre no inicio do script
     if(isset($_SESSION['per_operacao'])){// verifica se existe a varavel session
     $operacao['per_operacao']=$_SESSION['per_operacao']; // passa o valor da variavel session para outra variavel so que uma variavel dentro do mesmo arquivo
     $operacao=$_SESSION['per_operacao']; // passa o valor da variavel session par a outra variavel so que uma variavel dentro do mesmo arquivo
     echo($_SESSION['per_operacao']);   //  ( conteúdo: 0.0.1.0.1 )
     }else{
     echo("vc não passou pelo arquivo anterior" );
}

 ?>

The following occurs: here it should show me the contents of the per_operação field equal to the one passed by the "main menu" page, and I have already detected that regardless of how many records it has in the permissao table, Menuprinciapl.PHP , but is always passing the contents of the last record to Usuario.php .

I hope to have been clear, because of the little understanding I have, but my thanks go now for the attention given by everyone, and congratulations for the help that has been given to many colleagues and me too.

    
asked by anonymous 22.03.2015 / 23:20

1 answer

0

To better understand what's happening, you need to understand how sessions work in php.

In short, when a user accesses your site, it gains a unique identifier (the session id) that is saved in a cookie. When you call the session_start function, php tries to open a file (using the session id as identifier) containing the variables to fill the array $_SESSION and if it does not find any files, it creates a new one. At the end of the script, php saves all variables from the $_SESSION array in this file.

As cookies are shared between tabs, the user will only have one session id, ie, php will use the same session file for the user, regardless of which tab it is on. This is where your problem arises because php will overwrite all the information that is in the session file with the new ones.

One solution to your problem would be to use identifiers per page, for example:

$_SESSION['permissoes']['home'] = ...;
$_SESSION['permissoes']['usuario'] = ...;

But beware of the amount of information you store. Many online users at the same time containing each one a giant session is not a good idea.

    
23.03.2015 / 18:40