Strange Session Behaviour

[namida]

HI.
I wonder if anyone has ever experienced this.
I am using PHP 4.3.x with Apache and MySQL database.

We have a forum in a community portal. In the forum ,people can create topics or reply. Simple.

The strange thing is that on two rare occasions, somehow a new topic was recorded to be posted by user Id 1 whereas the real poster was 11966 or something other. I retrieved the user Id from $_SESSION variable.

The user was confused so he replied after 3 minutes and this time, the poster Id was correct.

I have no idea how this could occur, is it possible for session to cross ? Or perhaps if the two users (1 and 11966) logs in at the same time via the same gateway with same IP could this happen?

Please assist.

Thanks beforehand.

Nami


Regards,

Namida

 

[sleipnir214]

Does your script generate the session IDs, or does your script let PHP do it?

Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[namida]

Hi. Thx for the reply.
I don't manage my sessions manually so I just use it directly like $_SESSION["userId"] .
The user base is currently above 10 000 user Ids.


Regards,

Namida

 

[sleipnir214]

I don't know.

Is it always userid 1? Or have other userids also be improperly used?

I'm wondering if the problem is that the session has expired and your script just assumes to use userid 1.

Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[namida]

Right now the one the two found occasions are always userId 1.

So I think you've got a point there.

I need to check all my includes and other scripts to find out if there's such assignment.

Thanks



Regards,

Namida

 

[jpadie]

could it also be that you're somehow assigning or using the value of isset($_SESSION['userid']) which would return 1/true if the element was set?