StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POPHP+MySQL website (localhost) working with netbeans xdebug, but NOT ALONE
text
Body
copied!<p>Okay, this may sound off-topic, but I want to know if someone have had similar experience and if they found the problem/solution.</p> <p><em>Sorry this post has grown more like self try-and-error raportting, cause no one have answered. I have added status updates of problem solving in bottom of question.</em></p> <p><strong>For a moment the problem seems to be my database update query.</strong></p> <p>I'm developing PHP+MySQL website on netbeans 7.3. + XAMPP. Everything was working fine. No <strong>suddenly my log-in form</strong> (suppose to save some $_SESSION variables and redirect to page) <strong>is not working</strong>.</p> <p>Strange thing is that <strong>when I debug with Netbeans + Xdebug all goes fine</strong>. Session variables are set and page forwarded correctly.</p> <p><strong>Question: Does someone faced similar problem? Has anyone idea what could be going wrong?</strong></p> <p>I only can suppose something in system is set differently when I run xdebug. (But the exact(?) same log-in was working fine few days ago).</p> <p>I have tried lot of things (many many hours but most of them don't come to my mind now). I tried to move the page on remote server and same behavior continues.</p> <p>(If you want more info ask and I'll edit.)</p> <p>Hope someone has ideas!</p> <p>EDIT: I think has something to do with my php-session variables. I realized that while Xdebug the site starts with empty php-session variables, so it does use/get same ones it normally has (?)</p> <p>The code is creating sessions to database, but it does not get to the next step to set the php-session variables. (Check out the place in index.php marked as /* HERE IS THE PLACE */</p> <p>Okay. HERE IS STRIPPED CODE (working with netbeans+xdebug, not alone):</p> <p>index.php:</p> <pre><code><?php //Open PDO connection to MySQL server: $db_con $db_connection = $_SERVER['DOCUMENT_ROOT'] . '/test-login/db.php'; require $db_connection; session_start(); //****************************************************************************** //Helping functions function convert_time_to_utc_date ($UNIX_timestamp) { return gmdate("Y-m-d H:i:s", $UNIX_timestamp); } //****************************************************************************** // Function to authenticate user with username and password. returns FALSE if not authenticated and TRUE if successful authentication function authenticate_username_password($db_con, $usernm, $passwd) { try { $stmt = $db_con->prepare("SELECT id, hashed_pwd, COUNT(*) AS usercount FROM gui_users WHERE username=? AND not_in_use = 0 AND deleted = 0"); $stmt->execute(array($usernm)); if($row = $stmt->fetch(PDO::FETCH_ASSOC)) { if($row['usercount'] == 1){ if(crypt($passwd, $row['hashed_pwd']) == $row['hashed_pwd']){ $user_id = $row['id']; session_regenerate_id(true); $new_session_id = session_id(); $remote = true; $datenow = convert_time_to_utc_date(time()); $stmt = $db_con->prepare("INSERT INTO gui_sessions (session_id,user_id,starttime_UTC,lastused_UTC,remote) VALUES (?, ?, ?, ?, ?)"); $stmt->execute(array($new_session_id, $user_id, $datenow, $datenow, $remote)); return $user_id; } } } return FALSE; } catch (PDOException $e) { return FALSE; } } //****************************************************************************** //Function to get user roles function get_user_roles(PDO $db_con, $user_id) { try { $stmt = $db_con->prepare("SELECT role_id, role_last FROM gui_users WHERE id = ?"); $stmt->execute(array($user_id)); $row = $stmt->fetch(PDO::FETCH_ASSOC); return array('max_role_id' => $row['role_id'], 'last_role_id' => $row['role_last']); } catch (PDOException $e) { return FALSE; } } //****************************************************************************** // Function to handel sessions, log in and log out function authenticate(PDO $db_con) { //******************** // If action is LOG IN if (isset($_POST['action']) and $_POST['action'] == 'login') { if (!isset($_POST['username']) or $_POST['username'] == '' or !isset($_POST['passwd']) or $_POST['passwd'] == '') { $GLOBALS['loginError'] = 'Please fill in both fields'; return FALSE; } $user_id = authenticate_username_password($db_con, $_POST['username'], $_POST['passwd']); if ($user_id !== false && $user_id > 0) { $_SESSION['reloadcounter'] = 1; $_SESSION['username'] = $_POST['username']; $_SESSION['user_id'] = $user_id; $_SESSION['user_def_page'] = 1; //get_user_default_page($db_con, $user_id); $user_roles = get_user_roles($db_con, $user_id); $_SESSION['max_role_id'] = $user_roles['max_role_id']; $_SESSION['sel_role_id'] = $user_roles['last_role_id']; $goto = isset($_POST['goto']) ? $_POST['goto'] : HTTPS_SERVER; header('Location: ' . $goto); exit; } else { $GLOBALS['loginError'] = 'Wrong username or password!'; return FALSE; } } //********************* // If action is LOG OUT if (isset($_POST['action']) and $_POST['action'] == 'logout') { $user_ses_id = session_id(); try { $stmt = $db_con->prepare("DELETE FROM gui_sessions WHERE session_id=?"); $stmt->execute(array($user_ses_id)); } catch (PDOException $e) { log_error('PDO_CONN', $e->getCode(), $e->getMessage(), TRUE, $db_con); } session_regenerate_id(true); unset($_SESSION['reloadcounter']); unset($_SESSION['username']); unset($_SESSION['user_id']); unset($_SESSION['user_def_page']); unset($_SESSION['max_role_id']); unset($_SESSION['sel_role_id']); $goto = isset($_POST['goto']) ? $_POST['goto'] : HTTPS_SERVER; header('Location: ' . $goto); exit; } //************************************ // If no action see if user logged in $user_ses_id = session_id(); $datenow = convert_time_to_utc_date(time()); try { $stmt = $db_con->prepare("UPDATE gui_sessions SET lastused_UTC=? WHERE session_id=?"); $stmt->execute(array($datenow, $user_ses_id)); if ($stmt->rowCount() == 1) { return TRUE; } else { unset($_SESSION['reloadcounter']); unset($_SESSION['username']); unset($_SESSION['user_id']); unset($_SESSION['user_def_page']); unset($_SESSION['max_role_id']); unset($_SESSION['sel_role_id']); return FALSE; } } catch (PDOException $e) { log_error('PDO_CONN', $e->getCode(), $e->getMessage(), TRUE, $db_con); if (DEBUG_ON) { echo 'SESSION UPDATE FAILED<br>'; } return FALSE; } } //****************************************************************************** //SESSION CONTROL if (!authenticate($db_con)) { include 'login.html.php'; exit(); } include 'page.html.php'; ?> </code></pre> <p>login.html.php:</p> <pre><code><html> <head> <meta charset="utf-8"> </head> <body> <p class="login-error"><?php if(isset($loginError)) { echo $loginError; } else { echo '&nbsp;'; } ?></p> <form id="login" action="" method="POST" name="login"> <label for="username">Username:</label><br /> <input name="username" type="text" size="40" value="" tabindex="0" /><br /> <label for="passwd">Password:</label><br /> <input name="passwd" type="password" size="40" value="" tabindex="1" /><br /> <input type="hidden" name="goto" value="https://localhost/test-login/"/> <input type="hidden" name="action" value="login"/> <input type="submit" class="button login" value="Login" tabindex="2"/><br /> </form> <div><?php echo '<pre>' . var_dump($_SESSION) . '</pre>'; ?></div> </body> </html> </code></pre> <p>page.html.php:</p> <pre><code><html> <head> <title></title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> </head> <body> <div> <h1>Hello world!</h1> <?php echo '<pre>' . var_dump($_SESSION) . '</pre>'; ?> </div> </body> </html> </code></pre> <p>EDIT: I have track the error more and it seems that while Xdebuging the $_POST variables are okay, but standalone PHP interpreter is losing them some how.</p> <p>Strange is also that I create the session to database inside if(isset($_POST['action']) && $_POST['action'] == 'login') and the php does not seem to get in there but it is able to Insert the session in database inside that if clause.</p> <p>EDIT: Braking this till very peaces helped me to found one big mistake which still should not affect to the ACTUAL problem but made it much more harder to found.</p> <p>Cause I have forgot to add curly brackets to if-else in the end of authenticate, the function always unset the session variables. In the beginning I thought that the function is not able to set them but it's actually unsetting them after redirection to "$_SERVER['PHP_SELF']". Anyway this should not happen if the UPDATE gui_session statement would work. But it made it much harder to see where is the problem. Here is the correction for index.php:</p> <pre><code>//************************************ // If no action see if user logged in $user_ses_id = session_id(); $datenow = convert_time_to_utc_date(time()); try { $stmt = $db_con->prepare("UPDATE gui_sessions SET lastused_UTC=? WHERE session_id=?"); $stmt->execute(array($datenow, $user_ses_id)); if ($stmt->rowCount() == 1) { return TRUE; } else { unset($_SESSION['reloadcounter']); unset($_SESSION['username']); unset($_SESSION['user_id']); unset($_SESSION['user_def_page']); unset($_SESSION['max_role_id']); unset($_SESSION['sel_role_id']); return FALSE; } } catch (PDOException $e) { log_error('PDO_CONN', $e->getCode(), $e->getMessage(), TRUE, $db_con); if (DEBUG_ON) { echo 'SESSION UPDATE FAILED<br>'; } return FALSE; } </code></pre> <p>The problem is that this update fails. But i have no idea why.</p> <pre><code>$stmt = $db_con->prepare("UPDATE gui_sessions SET lastused_UTC=? WHERE session_id=?"); $stmt->execute(array($datenow, $user_ses_id)); if ($stmt->rowCount() == 1) { return TRUE; } </code></pre> <p>If I try in php myadmin:</p> <pre><code>UPDATE gui_sessions SET lastused_UTC='2013-08-04 12:00:00' WHERE session_id='03dfgpiu1jl8idcjf191hqv4m2' </code></pre> <p>It affects 0 row, but if i do:</p> <pre><code>SELECT * FROM gui_sessions WHERE session_id='03dfgpiu1jl8idcjf191hqv4m2' </code></pre> <p>It returns 1 row</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload