a problem i cant seem to get around
Moderator: General Moderators
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
ive just written this up now so if theres any typos, dont worry my script @ home is perfect (debugged in Zend, no problems with code)
now for some reason i cant pass a variable i even tried adding
after the main login routine now i know why this is happening but basically dont know how to fix it
the reason it is happening is because of the form action, if i change it to a particular page (logged_in/index.php) it works perfectly unfortunately the login script will not work anymore, so you can understand my predicament
any ideas mate?
Code: Select all
<?php
// *** Start the session
session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $_server['PHP_SELF'];
if (isset($_server['QUERY_STRING']) && $_server['QUERY_STRING']!="") $FF_LoginAction .= "?".htmlentities($_server['QUERY_STRING']);
if (isset($_post['username'])) {
$FF_valUsername=$_post['username'];
$FF_valPassword=$_post['password'];
$FF_fldUserAuthorization="";
$FF_redirectLoginSuccess="/content/template.htm";
$FF_redirectLoginFailed="/content/tractor_series/the_range/6140_6185/6140_6185_1.htm";
$FF_rsUser_Source="SELECT id, password ";
if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
$FF_rsUser_Source .= " FROM ibf_members WHERE id='" . $FF_valUsername . "' AND password='" . $FF_valPassword . "'";
mysql_select_db($database_LaptopDB, $LaptopDB);
$FF_rsUser=mysql_query($FF_rsUser_Source, $LaptopDB) or die(mysql_error());
$row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
if(mysql_num_rows($FF_rsUser) > 0) {
// username and password match - this is a valid user
$MM_Username=$FF_valUsername;
$_session("MM_Username");
if ($FF_fldUserAuthorization != "") {
$MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
} else {
$MM_UserAuthorization="";
}
$_session("MM_UserAuthorization");
if (isset($accessdenied) && false) {
$FF_redirectLoginSuccess = $accessdenied;
}
mysql_free_result($FF_rsUser);
$_session("FF_login_failed");
$FF_login_failed = false;
header ("Location: $FF_redirectLoginSuccess");
exit;
}
mysql_free_result($FF_rsUser);
$_session("FF_login_failed");
$FF_login_failed = true;
header ("Location: $FF_redirectLoginFailed");
exit;
}
?>Code: Select all
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<form name="form1" method="POST" action="<?php echo $FF_LoginAction?>">
<input name="username" type="text">
<input name="password" type="text">
</form>
</body>
</html>Code: Select all
print $_post['username'];the reason it is happening is because of the form action, if i change it to a particular page (logged_in/index.php) it works perfectly unfortunately the login script will not work anymore, so you can understand my predicament
any ideas mate?
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
i do, i used zend studio to edit it all and it works fine all them vars are upper class
the problem is:
) because of the action is taken up, like i said i have had it working several times but with different methods
1) cookies to set username <-- massive security risk
2)globals on <-- dont want to do this if possible
3) replaced form action with a page, vars passed but login system didnt work
anyway i can sort this out?[/quote]
the problem is:
the vars wont pass (seems a little linear to me<form name="form1" method="POST" action="<?php echo $FF_LoginAction">
1) cookies to set username <-- massive security risk
2)globals on <-- dont want to do this if possible
3) replaced form action with a page, vars passed but login system didnt work
anyway i can sort this out?[/quote]
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
the code you posted for the form is wrong
shoudl be
there is nothing wrong with the line
This just make the page form submit to the current page.
Code: Select all
<form name="form1" method="POST" action="<?php echo $FF_LoginAction">Code: Select all
<form name="form1" method="POST" action="<?php echo $FF_LoginAction; ?>">This just make the page form submit to the current page.
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
if you still require it, tomorrow i will post the full page
fyi i use foxserv 3.0
it installs latest versions of apache, PHP and MySQL
all work perfectly
last night i thought of a work around but i think i have some syntax problems, i had an idea to register a session with variable data and extract it for later use
IT WORKED!! (in a sense anyway)
here is what i had
now when extracting from the next page i used this command
it came back as hello $username <-- actually on the page, so it seems as though the variable hadnt been set
any ideas?
fyi i use foxserv 3.0
it installs latest versions of apache, PHP and MySQL
all work perfectly
last night i thought of a work around but i think i have some syntax problems, i had an idea to register a session with variable data and extract it for later use
IT WORKED!! (in a sense anyway)
here is what i had
Code: Select all
session_start();
$_SESSION['username'] = $_POST['username'];Code: Select all
print $usernameany ideas?
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK