We have a new website using a custom php script and MySQL to manager user accounts. The script has a user session problem and we need someone to find it and correct it. Our PHP script accesses our MySQL DB to login users where we manage them in a user table. The problem is when a user is logged into their account on our site and they start to navigate the site, they end-up logged in to a different account called (testuser). Below is how to duplicate the problem on our site:
1. Go to [url removed, login to view]
2. Login to an account using Username:spennington and Password:sharon
3. You will notice the user logged in is currently (spennington)
4. Click "Account Manager" bullet on left.
5. Click "Classifieds" on top menu bar.
6. Click "Place Ad" on top menu bar (sometimes this will log you out for no reason).
7. Now look at the user logged into the accout (testuser).
8. Now when you click "Logout", (spennington) is now logged in.
9. This crossover occurs with all accounts, seem to always crossover to the (testuser) account.
Below are more test accounts to work with:
FYI, last week we had an issue where everyone had to login twice to get into their accounts and we mentioned this to our programmer and he said he corrected the problem. I'm not sure if his fix caused our current session problems or if the two are unrelated. We just wanted to give as much info as possible.
We need this fixed ASAP! Any expert at PHP should be able to identify and correct this issue very quickly.