sql update - PHP+MySQL website (localhost) working with netbeans xdebug, but NOT ALONE -
okay, may sound off-topic, want know if have had similar experience , if found problem/solution.
sorry post has grown more self try-and-error raportting, cause no 1 have answered. have added status updates of problem solving in bottom of question.
for moment problem seems database update query.
i'm developing php+mysql website on netbeans 7.3. + xampp. working fine. no suddenly log-in form (suppose save $_session variables , redirect page) is not working.
strange thing when debug netbeans + xdebug goes fine. session variables set , page forwarded correctly.
question: faced similar problem? has idea going wrong?
i can suppose in system set differently when run xdebug. (but exact(?) same log-in working fine few days ago).
i have tried lot of things (many many hours of them don't come mind now). tried move page on remote server , same behavior continues.
(if want more info ask , i'll edit.)
hope has ideas!
edit: think has php-session variables. realized while xdebug site starts empty php-session variables, use/get same ones has (?)
the code creating sessions database, not next step set php-session variables. (check out place in index.php marked /* here place */
okay. here stripped code (working netbeans+xdebug, not alone):
index.php:
<?php //open pdo connection mysql server: $db_con $db_connection = $_server['document_root'] . '/test-login/db.php'; require $db_connection; session_start(); //****************************************************************************** //helping functions function convert_time_to_utc_date ($unix_timestamp) { return gmdate("y-m-d h:i:s", $unix_timestamp); } //****************************************************************************** // function authenticate user username , password. returns false if not authenticated , true if successful authentication function authenticate_username_password($db_con, $usernm, $passwd) { try { $stmt = $db_con->prepare("select id, hashed_pwd, count(*) usercount gui_users username=? , not_in_use = 0 , deleted = 0"); $stmt->execute(array($usernm)); if($row = $stmt->fetch(pdo::fetch_assoc)) { if($row['usercount'] == 1){ if(crypt($passwd, $row['hashed_pwd']) == $row['hashed_pwd']){ $user_id = $row['id']; session_regenerate_id(true); $new_session_id = session_id(); $remote = true; $datenow = convert_time_to_utc_date(time()); $stmt = $db_con->prepare("insert gui_sessions (session_id,user_id,starttime_utc,lastused_utc,remote) values (?, ?, ?, ?, ?)"); $stmt->execute(array($new_session_id, $user_id, $datenow, $datenow, $remote)); return $user_id; } } } return false; } catch (pdoexception $e) { return false; } } //****************************************************************************** //function user roles function get_user_roles(pdo $db_con, $user_id) { try { $stmt = $db_con->prepare("select role_id, role_last gui_users id = ?"); $stmt->execute(array($user_id)); $row = $stmt->fetch(pdo::fetch_assoc); return array('max_role_id' => $row['role_id'], 'last_role_id' => $row['role_last']); } catch (pdoexception $e) { return false; } } //****************************************************************************** // function handel sessions, log in , log out function authenticate(pdo $db_con) { //******************** // if action log in if (isset($_post['action']) , $_post['action'] == 'login') { if (!isset($_post['username']) or $_post['username'] == '' or !isset($_post['passwd']) or $_post['passwd'] == '') { $globals['loginerror'] = 'please fill in both fields'; return false; } $user_id = authenticate_username_password($db_con, $_post['username'], $_post['passwd']); if ($user_id !== false && $user_id > 0) { $_session['reloadcounter'] = 1; $_session['username'] = $_post['username']; $_session['user_id'] = $user_id; $_session['user_def_page'] = 1; //get_user_default_page($db_con, $user_id); $user_roles = get_user_roles($db_con, $user_id); $_session['max_role_id'] = $user_roles['max_role_id']; $_session['sel_role_id'] = $user_roles['last_role_id']; $goto = isset($_post['goto']) ? $_post['goto'] : https_server; header('location: ' . $goto); exit; } else { $globals['loginerror'] = 'wrong username or password!'; return false; } } //********************* // if action log out if (isset($_post['action']) , $_post['action'] == 'logout') { $user_ses_id = session_id(); try { $stmt = $db_con->prepare("delete gui_sessions session_id=?"); $stmt->execute(array($user_ses_id)); } catch (pdoexception $e) { log_error('pdo_conn', $e->getcode(), $e->getmessage(), true, $db_con); } session_regenerate_id(true); unset($_session['reloadcounter']); unset($_session['username']); unset($_session['user_id']); unset($_session['user_def_page']); unset($_session['max_role_id']); unset($_session['sel_role_id']); $goto = isset($_post['goto']) ? $_post['goto'] : https_server; header('location: ' . $goto); exit; } //************************************ // if no action see if user logged in $user_ses_id = session_id(); $datenow = convert_time_to_utc_date(time()); try { $stmt = $db_con->prepare("update gui_sessions set lastused_utc=? session_id=?"); $stmt->execute(array($datenow, $user_ses_id)); if ($stmt->rowcount() == 1) { return true; } else { unset($_session['reloadcounter']); unset($_session['username']); unset($_session['user_id']); unset($_session['user_def_page']); unset($_session['max_role_id']); unset($_session['sel_role_id']); return false; } } catch (pdoexception $e) { log_error('pdo_conn', $e->getcode(), $e->getmessage(), true, $db_con); if (debug_on) { echo 'session update failed<br>'; } return false; } } //****************************************************************************** //session control if (!authenticate($db_con)) { include 'login.html.php'; exit(); } include 'page.html.php'; ?> login.html.php:
<html> <head> <meta charset="utf-8"> </head> <body> <p class="login-error"><?php if(isset($loginerror)) { echo $loginerror; } else { echo ' '; } ?></p> <form id="login" action="" method="post" name="login"> <label for="username">username:</label><br /> <input name="username" type="text" size="40" value="" tabindex="0" /><br /> <label for="passwd">password:</label><br /> <input name="passwd" type="password" size="40" value="" tabindex="1" /><br /> <input type="hidden" name="goto" value="https://localhost/test-login/"/> <input type="hidden" name="action" value="login"/> <input type="submit" class="button login" value="login" tabindex="2"/><br /> </form> <div><?php echo '<pre>' . var_dump($_session) . '</pre>'; ?></div> </body> </html> page.html.php:
<html> <head> <title></title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> </head> <body> <div> <h1>hello world!</h1> <?php echo '<pre>' . var_dump($_session) . '</pre>'; ?> </div> </body> </html> edit: have track error more , seems while xdebuging $_post variables okay, standalone php interpreter losing them how.
strange create session database inside if(isset($_post['action']) && $_post['action'] == 'login') , php not seem in there able insert session in database inside if clause.
edit: braking till peaces helped me found 1 big mistake still should not affect actual problem made more harder found.
cause have forgot add curly brackets if-else in end of authenticate, function unset session variables. in beginning thought function not able set them it's unsetting them after redirection "$_server['php_self']". anyway should not happen if update gui_session statement work. made harder see problem. here correction index.php:
//************************************ // if no action see if user logged in $user_ses_id = session_id(); $datenow = convert_time_to_utc_date(time()); try { $stmt = $db_con->prepare("update gui_sessions set lastused_utc=? session_id=?"); $stmt->execute(array($datenow, $user_ses_id)); if ($stmt->rowcount() == 1) { return true; } else { unset($_session['reloadcounter']); unset($_session['username']); unset($_session['user_id']); unset($_session['user_def_page']); unset($_session['max_role_id']); unset($_session['sel_role_id']); return false; } } catch (pdoexception $e) { log_error('pdo_conn', $e->getcode(), $e->getmessage(), true, $db_con); if (debug_on) { echo 'session update failed<br>'; } return false; } the problem update fails. have no idea why.
$stmt = $db_con->prepare("update gui_sessions set lastused_utc=? session_id=?"); $stmt->execute(array($datenow, $user_ses_id)); if ($stmt->rowcount() == 1) { return true; } if try in php myadmin:
update gui_sessions set lastused_utc='2013-08-04 12:00:00' session_id='03dfgpiu1jl8idcjf191hqv4m2' it affects 0 row, if do:
select * gui_sessions session_id='03dfgpiu1jl8idcjf191hqv4m2' it returns 1 row
okay. problem solved. i'll leave answer here if somehow runs similar problem. still don't know xdebug did hide problem.
the problem was trying authenticate user updating last_used field in database session table. assumed if query able update field session must valid. check if sql update last_user rows affected equals 1, users php-session-id in session table. problem mysql returns 0 rows affected if field has value updated "reference". , in case that's of course true, cause session last_update field created in log in procedure.
but painful find problem cause xdebug doing strange there , after 0 rows affected update query jumped out of function without going else statement of if-clause check if number of affected rows equals 1.
comment if have idea why xdebug behaving way.
Comments
Post a Comment