SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    SitePoint Member
    Join Date
    Apr 2014
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Can't insert open session id into MySQL Database

    I'm trying to insert the session_id along with other values into a database table when the user signs up, however the session_id field always ends up blank in the database, which is very weird, because I'm starting the session correctly with session_start(), I've even used var_dump at the session_id and the string that I'm using to execute the query in order to see if the session id is in there, and it is. Another funny thing is that when I place any other string instead of the result generated from session_id() it is registered in the database, unless the string I'm trying to use is the result taken from the var_dump() on session_id(), which is very strange, because if I go to another browser and generate a different session id, copy and paste it there, it works, also if I use the same SQL statement directly into SQL command prompt or phpMyAdmin using the session_id() that I can't insert with PHP, it works perfectly. I don't know why but it's not allowing me to insert the id of the current session via mysql_query. My code is the following:

    Code:
    $email = mysql_real_escape_string($_POST['signup_email']);
     $password = md5(mysql_real_escape_string($_POST['signup_password']));
     $origPassword = mysql_real_escape_string($_POST['signup_password']);
     $first_name = mysql_real_escape_string($_POST['first_name']);
     $last_name = mysql_real_escape_string($_POST['last_name']);
     $mobile_phone = mysql_real_escape_string($_POST['mobile_phone']);
     $sessionID = session_id();
     $fullName = mysql_real_escape_string($first_name." ".$last_name);
     var_dump($sessionID);
    
     //Inserting user info
     $q_user = "INSERT INTO
                    minders (
    
                                name,
                                phone,
                                ssid,
                                insert_datetime,
                                status,
                                email,
                                password,
                                is_minder,
                                login_allowed
                            )
                VALUES
                            (
    
                                '{$fullName}',
                                '{$mobile_phone}',
                                '{$sessionID}',
                                now(),
                                'deactivated',
                                '{$email}',
                                '{$password}',
                                0,
                                1
                            )";
    
     var_dump($q_user);
    
     $r_user = mysql_query($q_user) or die(mysql_error());
    I hope someone can help me with that. Thanks very much! Note: I know mysql_query is deprecated but isn't feasible for me to change it.

  2. #2
    SitePoint Evangelist
    Join Date
    Aug 2006
    Location
    Nantwich, Cheshire
    Posts
    412
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Obvious question I know, but how much space have you allowed in the database column for the session ID? I don't know if it would truncate or just fail to write if it overflowed, maybe that's a config setting. I understand the length varies depending on config as well.
    http://www.firenza.net - my homage to a car from the 1970s

  3. #3
    SitePoint Member
    Join Date
    Apr 2014
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The field is a VARCHAR of length 120, and think that is enough.

  4. #4
    SitePoint Evangelist
    Join Date
    Aug 2006
    Location
    Nantwich, Cheshire
    Posts
    412
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Looking at some sample code around, do you need to call escape_string() on the sessionID? Other code seems to do that, but I cannot tell whether it needs to in the real world or whether it's just covering all bases.

    And yes, maximum session ID seems to be 40 characters, so your column is probably big enough.
    http://www.firenza.net - my homage to a car from the 1970s

  5. #5
    From space with love silver trophy
    SpacePhoenix's Avatar
    Join Date
    May 2007
    Location
    Poole, UK
    Posts
    5,029
    Mentioned
    103 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by housemydog View Post
    Note: I know mysql_query is deprecated but isn't feasible for me to change it.
    Not changing away from mysql_* functions is not really an option, as soon as your host upgrades the server to a version where the mysql_* functions have been removed, your site will be well and truly broken. Have a read of this SitePoint article which explains about migrating over to PDO.

    Double check that your using session_start() before this script is called
    Community Team Advisor
    Forum Guidelines: Posting FAQ Signatures FAQ Self Promotion FAQ
    Help the Mods: What's Fluff? Report Fluff/Spam to a Moderator

  6. #6
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2006
    Location
    Augusta, Georgia, United States
    Posts
    4,151
    Mentioned
    16 Post(s)
    Tagged
    3 Thread(s)
    Quote Originally Posted by SpacePhoenix
    Not changing away from mysql_* functions is not really an option, as soon as your host upgrades the server to a version where the mysql_* functions have been removed, your site will be well and truly broken. Have a read of this SitePoint article which explains about migrating over to PDO.
    Well if the site is not owned or maintained by the op than it is the clients problem not the developers.
    The only code I hate more than my own is everyone else's.

  7. #7
    SitePoint Member
    Join Date
    Apr 2014
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by droopsnoot View Post
    Looking at some sample code around, do you need to call escape_string() on the sessionID? Other code seems to do that, but I cannot tell whether it needs to in the real world or whether it's just covering all bases.

    And yes, maximum session ID seems to be 40 characters, so your column is probably big enough.
    I've already tried to call escape_string(), I don't think it is really needed, but I tried for safeness, but the problem remained.

  8. #8
    SitePoint Member
    Join Date
    Apr 2014
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks, I'll take a look at the article.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •