mysql_affected_rows sometimes returns 0 instead of 1

Question

I have a strange problem with php scripts - mysql_affected_rows() sometimes returns "0" for no reason.

There is a similar question @stackoverflow and answer to this question is:

MySQL only actually updates a row if there would be a noticeable difference before and after the updat.

But this is not my case. For example, if value before update is 1320402744 and value after update is 1320402944 mysql_affected_rows() anyway return "0". Is this difference not enough noticable?

Below are 3 files. As you can see, all files include file "functions.inc.php" which calls function "online()".

File "login.php" is working fine. It inserts a new row in "session" table correctly.

File "content.php" is working fine - it displays content and correctly runs function "online() in "functions.inc.php".

Then I call file "test.php". It deletes "something from sometable" correctly. Then it refreshes itself (Header("Location: /test.php");). After refreshing I am logged off.

I added this to "online()" function:

echo "affected_rows";

It returns 0.

I added more code to "online() function:

$checkuser = mysql_query("SELECT userid FROM session WHERE userid = '" . $_SESSION['id'] . "'") or die('Error');
$found = mysql_num_rows($checkuser);

echo $found;

 $result = mysql_query("UPDATE session SET time='$ctime' WHERE userid='".$_SESSION['id']."'") or die('Error');
    $affected_rows = mysql_affected_rows();
    if ($affected_rows != 1) @session_destroy();

echo $affected_rows;

The result is 1 and 0.

I checked the database. "time" field in session table has been updated.

So, I can't understand how is it possible that the row exists, it updates correctly but mysql_affected_rows(); returns 0, and why this happends only if te same page has been refreshed.

functions.inc.php

<?php
@ob_start();@session_start();
@mysql_connect(C_HOST, C_USER, C_PASS) or die('Cant connect');
@mysql_select_db(C_BASE) or die('Cant select DB');

function online() {
$ctime = time()+1800;

if((isset($_SESSION['id']))&&(is_numeric($_SESSION['id']))) {

$query = mysql_query("UPDATE session SET time='$ctime2' WHERE userid='".$_SESSION['id']."'") or die('Error');
$affected_rows = mysql_affected_rows();
if ($affected_rows != 1) @session_destroy();
}
}

//many other functions go here

online();
?>

login.php

<?php
include_once 'configuration.inc.php';
include_once 'functions.inc.php';

//many things go here

$upd = mysql_query("INSERT INTO session VALUES ('" . $i['id'] . "','$ctime')") or die('Error2');
Header("Location: /content.php?justlogged=1");
die;
?>

content.php

<?php
include_once 'configuration.inc.php';
include_once 'functions.inc.php';
//many thing go here
echo "content";

?>

test.php

    <?php
    include_once 'configuration.inc.php';
    include_once 'functions.inc.php';

    if (isset($_GET['tid'])&&(is_numeric($_GET['tid']))){
    $result = mysql_query("delete from some_table where something = '" . $_GET['tid'] . "'") or die('Error123a');
Header("Location: /test.php");
    die;
    }

    //file content

    ?>

Answer 1

In your function.inc.php you call online() - session time is changed every second. But can it be that you're switching between pages (login, content, test) more faster than 1 second? In that case time would be the same and you'd get session destroy because of unaffected rows

Edit:

Yes. As I thought.

See how it comes:

you call login.php: after successful login it creates new session with time X. After this you're immediately redirected to content.php (time is still X) which calls online again. And of course, as you redirected immediately - time is the same.. so already at point of content.php session is already destroyed, because time wasn't changed.