a problem i cant seem to get around

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

might help if you show us the code that you have now updated

Mark
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

ive just written this up now so if theres any typos, dont worry my script @ home is perfect (debugged in Zend, no problems with code)

Code: Select all

<?php 
// *** Start the session 
session_start(); 
// *** Validate request to log in to this site. 
$FF_LoginAction = $_server['PHP_SELF']; 
if (isset($_server['QUERY_STRING']) && $_server['QUERY_STRING']!="") $FF_LoginAction .= "?".htmlentities($_server['QUERY_STRING']); 
if (isset($_post['username'])) { 
  $FF_valUsername=$_post['username']; 
  $FF_valPassword=$_post['password']; 
  $FF_fldUserAuthorization=""; 
  $FF_redirectLoginSuccess="/content/template.htm"; 
  $FF_redirectLoginFailed="/content/tractor_series/the_range/6140_6185/6140_6185_1.htm"; 
  $FF_rsUser_Source="SELECT id, password "; 
  if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization; 
  $FF_rsUser_Source .= " FROM ibf_members WHERE id='" . $FF_valUsername . "' AND password='" . $FF_valPassword . "'"; 
  mysql_select_db($database_LaptopDB, $LaptopDB); 
  $FF_rsUser=mysql_query($FF_rsUser_Source, $LaptopDB) or die(mysql_error()); 
  $row_FF_rsUser = mysql_fetch_assoc($FF_rsUser); 
  if(mysql_num_rows($FF_rsUser) > 0) { 
    // username and password match - this is a valid user 
    $MM_Username=$FF_valUsername; 
    $_session("MM_Username"); 
    if ($FF_fldUserAuthorization != "") { 
      $MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization]; 
    } else { 
      $MM_UserAuthorization=""; 
    } 
    $_session("MM_UserAuthorization"); 
    if (isset($accessdenied) && false) { 
      $FF_redirectLoginSuccess = $accessdenied; 
    } 
    mysql_free_result($FF_rsUser); 
    $_session("FF_login_failed"); 
   $FF_login_failed = false; 
    header ("Location: $FF_redirectLoginSuccess"); 
    exit; 
  } 
  mysql_free_result($FF_rsUser); 
  $_session("FF_login_failed"); 
  $FF_login_failed = true; 
  header ("Location: $FF_redirectLoginFailed"); 
  exit; 
} 
?>

Code: Select all

&lt;html&gt; 
&lt;head&gt; 
&lt;title&gt;Untitled Document&lt;/title&gt; 
&lt;meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"&gt; 
&lt;/head&gt; 

&lt;body&gt; 
&lt;form name="form1" method="POST" action="&lt;?php echo $FF_LoginAction?&gt;"&gt; 
&lt;input name="username" type="text"&gt; 
&lt;input name="password" type="text"&gt; 
&lt;/form&gt; 
&lt;/body&gt; 
&lt;/html&gt;
now for some reason i cant pass a variable i even tried adding

Code: Select all

print $_post['username'];
after the main login routine now i know why this is happening but basically dont know how to fix it

the reason it is happening is because of the form action, if i change it to a particular page (logged_in/index.php) it works perfectly unfortunately the login script will not work anymore, so you can understand my predicament

any ideas mate?
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

for a start, you need uperscase on variables such as $_SERVER and $_POST and $_GET

unless you have them like that in your other script

Mark
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

i do, i used zend studio to edit it all and it works fine all them vars are upper class

the problem is:
<form name="form1" method="POST" action="<?php echo $FF_LoginAction">
the vars wont pass (seems a little linear to me :roll: ) because of the action is taken up, like i said i have had it working several times but with different methods
1) cookies to set username <-- massive security risk
2)globals on <-- dont want to do this if possible
3) replaced form action with a page, vars passed but login system didnt work

anyway i can sort this out?[/quote]
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

no-one know a workaround?
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

the code you posted for the form is wrong

Code: Select all

<form name="form1" method="POST" action="<?php echo $FF_LoginAction">
shoudl be

Code: Select all

<form name="form1" method="POST" action="<?php echo $FF_LoginAction; ?>">
there is nothing wrong with the line

This just make the page form submit to the current page.
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

if all else fails, i may be able to help you with a remote admin sesison if you want.

Mark
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

also, what version of PHP you using?
User avatar
aquila125
Forum Commoner
Posts: 96
Joined: Tue Dec 09, 2003 10:39 am
Location: Belgium

Post by aquila125 »

can you gives us a copy of the generated page?
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

if you still require it, tomorrow i will post the full page

fyi i use foxserv 3.0
it installs latest versions of apache, PHP and MySQL
all work perfectly

last night i thought of a work around but i think i have some syntax problems, i had an idea to register a session with variable data and extract it for later use
IT WORKED!! (in a sense anyway)

here is what i had

Code: Select all

session_start();
$_SESSION['username'] = $_POST['username'];
now when extracting from the next page i used this command

Code: Select all

print $username
it came back as hello $username <-- actually on the page, so it seems as though the variable hadnt been set :roll:

any ideas?
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

if there variable hadn't been set, it would have printed nothing.

Your variable hasn't been parsed.

Mark
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

lol without meaning too sound dumb

why the <span style='color:blue' title='I&#39;m naughty, are you naughty?'>smurf</span> not?
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

possible typo?
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

yeah, probably a typo i would think
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

ok, but technically if ive written that code, and its actually returned a value, then it should return a var right?
Post Reply