DB Error: 1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 2

SELECT * FROM `user` the_table WHERE the_table.userid = DB Error: 1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 2

SELECT * FROM `user` the_table WHERE the_table.userid = how to randomize session id in php? - iTechForums
Login
Search
Welcome to the iTechForums.
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.
To register now click here.
Latest Threads
Advertisements
Forum Statistics
Threads:
Posts: 2
Members:
Number of Users Online:
Welcome to our newest member,
iTechForums » Programming Languages » PHP »

how to randomize session id in php?

Reply
 
Thread Tools Display Modes
  #1  
Old 05-15-2008, 08:54 PM
patatasmonster patatasmonster is offline
Junior Member
  
Join Date: May 2008
Posts: 13
Default

how to randomize session id in php?
I want to secure the url path of my site.... i dont want the users to see the id through the url... how do i do that?

or other ways how to
block users to just type the id and go to pages
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2  
Old 05-15-2008, 08:55 PM
cyndilou99 cyndilou99 is offline
Junior Member
  
Join Date: May 2008
Posts: 3
Default
I just fixed this same problem on my site a few days ago. There are lots of different ways to generate a random id but the one I settled on was...

<?php
// Uses uniqid() function to generate a token
$token = sha1(uniqid(mt_rand()));
echo $token;
?>

Now when a record is created in the DB it auto increments the ID but the INSERT statement also creates an RDID which is the random number. You can now use the RDID for $_GET queries.

There's no need to mess with $_SESSIONS since the $_GET will have the RDID. If someone messes with the URL it will kick to a page with "No Records Found".
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ColdFusion and Tabbed Browsing - session being shared - HELP!? DJBoca Cold Fusion 0 05-06-2008 08:49 PM
ColdFusion, How do I end a session? sparky77275 Cold Fusion 1 05-06-2008 01:46 PM

Your Ad Here

All times are GMT. The time now is 10:48 AM.
Contact Us - Archive - Top