There's your answer.  With register_globals on $_SESSION['rights']
becomes $rights  and when you do extract($row) you are overwritting the
$_SESSION variable.  A safer way of  using your code would be:

while ($row = mysql_fetch_array($result1, MYSQL_ASSOC))


    <option value="<?=$row['user']?>"><?=$row['fname']?> <?=$row['lname']?> - 

Thank you,
Micah Gersten
onShore Networks
Internal Developer

Darron Butler wrote:
> Thanks for your thoughts. To answer your first question, I'm using extract()
> because this is a page where admins and super users can edit the permissions
> of others for the site. Therefore, I have to query the database to create a
> listing of all users, and then have the admin/super user select one to
> modify (I was planning to serve the 'rights' informatin from the selected
> user via POST to another page where changes could be made). sometimes the
> user and rights that I get "assigned" when I hit refresh are another user
> with super rights and sometimes one with less than super rights and then I
> get sent to the 'die' landing page. I'm a real newbie at PHP/MySQL, so if
> there is a better/easier/more efficient way of creating the select list, I'm
> just not aware of how to do it. I just tried removing the extract statement
> and the select list is now empty...
> I'm using a free PHP/MySQL host online so I don't have access to make
> register_global changes, but I did find in the documentation that they have
> it set to "on". On a similar note, the variable $_SESSION['rights'] does
> certainly exist, it exists for the admin/super user logged in and accessing
> the administration page.
> What's interesting about this whole thing is that I have changed the query
> to include non session variables I have set and everything works fine. For
> instance (to clarify) since I set $_SESSION['user'] and $_SESSION['rights']
> when the user logs in, if my query to create the selection list is based on
> any other table columns (for instance, fname and lname and NOT user or
> rights) then the "weird" behavior does not show up. Having gone thru
> that...somehow, someway, the query of all user info seems to change the
> session variables. I appreciate your brain power thinking thru this! Any new
> thoughts? drb
> On Sun, Aug 10, 2008 at 2:33 PM, Evert Lammerts <[EMAIL PROTECTED]>wrote:
>>> Why use extract()? Try commenting it out... apart from it being
>> If you use 'register globals' there's a good chance that a variable
>> $rights exists because it's a key in your $_SESSION array (don't shoot
>> me if I'm wrong, I've never worked with 'register globals'). By using
>> extract() without the $type parameter (so with EXTR_OVERWRITE set),
>> the $type variable is overwritten.
>> So do try commenting it out.

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to