Validate user before starting a session
Posted: Fri Dec 11, 2009 1:38 pm
I have the following code stored as "validate.php" (It is passed two $_POST variables from a basic log-in form: $_POST['name'] and $_POST['password']):
Home.php is here:
When I use the log-in form with a correct name and password combination I get:
..in my web browser. I know home.php isn't at fault because it works fine when $xsl__set('content') is something non-superglobal.
validate.php is doing something right because it is forwarding me to home.php (rather than back to index.php where the login form resides). I'd be grateful if someone could point out where I've gone wrong.
Thanks in advance for any help/tips/pointers
Code: Select all
session_start();
mysql_connect('localhost', 'user', 'password');
mysql_select_db('mydatabase');
$query = mysql_query("SELECT * FROM user");
$user = mysql_fetch_array($query);
// Check if $_POST['name'] exists in the `user` table:
if ($user['name'] == $_POST['name']) {
// If it does, select that row:
$query = mysql_query('SELECT * FROM user WHERE name='.$_POST['name']);
// ... and add it to an array:
$user = mysql_fetch_array($query);
// Now check if the password matches:
if ($user['password'] == $_POST['password']) {
// If it does, forward to correct page with session data:
$_SESSION['name'] = $_POST['name'];
$_SESSION['password'] = $_POST['password'];
header('Location: http://localhost.localdomain/home.php');
}
// If the password doesn't match, return to login form to try again:
else {
header('Location: http://localhost.localdomain/index.php');
}
}
// If the name doesn't exist in `user` table, return to login form to try again:
else {
header('Location: http://localhost.localdomain/index.php');
}Code: Select all
<?php
// Require the class file
require('classes.php');
// Instantiate the required objects
$load_xml = new DomDocument;
$load_xsl = new DomDocument;
$xslt = new XsltProcessor();
$xml = new xml();
$xsl = new xsl();
// Modify XSL
$xsl->__set('content', 'Name = '.$_SESSION['name'].'. Password = '.$_SESSION['password']);
// Transform to HTML
$load_xml->loadXML($xml->output());
$load_xsl->loadXML($xsl->output());
$xslt->importStylesheet($load_xsl);
echo $xslt->transformToXML($load_xml);Code: Select all
Notice: Undefined variable: _SESSION in /var/www/html/home.php on line 13
Notice: Undefined variable: _SESSION in /var/www/html/home.php on line 13validate.php is doing something right because it is forwarding me to home.php (rather than back to index.php where the login form resides). I'd be grateful if someone could point out where I've gone wrong.
Thanks in advance for any help/tips/pointers