We are testing a multi-user quiz system with PHP session management.
Everything has been fine until we tested the system with about 12 users...
Each user gets an individual instantiation of some questions and they
type in some answers and submit them for marking. To remember the
question instantiations across script invocations we store them in a
$_SESSION variable (nb. I don't use session_register or similar, I just set
$_SESSION['var'] directly). Upon submission we log the questions, the correct
answers (all from the $_SESSION variable), and the user answers (from $_POST)
in a database for marking later. Everything seemed to work fine, except...
One user is absolutely sure that the question instantiations logged
in the database are NOT the ones he saw on his browser! I've reviewed
the code paths and I am also sure (!) that the questions cannot be
re-instantiated across script invocations. So that leaves me looking for
another reason. Could the session management in PHP have gotten confused and
he got someone elses SESSION variable??
Is this possible ? Or am I being naive and should look harder at my code?
Win2000 Professional 5.00 SP2
Internet Explorer 6.0.2600
Any tips gratefully received!
Ian Thurlbeck http://www.stams.strath.ac.uk/
Statistics and Modelling Science, University of Strathclyde
Livingstone Tower, 26 Richmond Street, Glasgow, UK, G1 1XH
Tel: +44 (0)141 548 3667 Fax: +44 (0)141 552 2079
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php