Page 1 of 1

sessions authentication and redirection

Posted: Mon Dec 29, 2003 12:05 pm
by Mallrats
Hello all! First post!
Trying to create a sessions.inc file
My authentication is mysql_connect, not a username password field in a table somewhere
I would like for this page to:
redirect to welcome.php if login to the database is successful
redirect to badpass.php if login fails
do nothing if a session for this user is already found

The code works fine if the user / pass is correct. If a bad login is passed, I get:

Code: Select all

Warning: mysql_connect(): Access denied for user: 'morrow@localhost' (Using password: YES) in /var/www/localhost/htdocs/session.inc on line 12

Warning: Cannot modify header information - headers already sent by (output started at /var/www/localhost/htdocs/session.inc:12) in /var/www/localhost/htdocs/session.inc on line 21
Here's the code that is not working:

Code: Select all

<?php
	// Needed if register globals are turned off
	$post_username = $_POST&#1111;"username"];
	$post_password = $_POST&#1111;"password"];
	$post_close = $_POST&#1111;"close"];
	session_start();
	header("Cache-control: private");
	if (isset($post_username) && isset($post_password))
	&#123;
		endSession();

		$DB = mysql_connect("localhost", $post_username, $post_password);
		if ($DB)
		&#123;
			$_SESSION&#1111;'session_username'] = $post_username;
			$_SESSION&#1111;'session_password'] = $post_password;
		&#125;
		else
		&#123;
			endSession();
			header("Location: badpass.php");
			exit();
		&#125;
	&#125;
	else if (!isset($_SESSION&#1111;'session_username']) && !isset($_SESSION&#1111;'session_password']))
	&#123;
		endSession();
		header("Location: badpass.php");
		exit();
	&#125;
	$DB = mysql_pconnect("localhost", $_SESSION&#1111;'session_username'], $_SESSION&#1111;'session_password']);
	mysql_select_db ($_SESSION&#1111;'session_username']);
	if (isset($post_close))
	&#123;
		endSession();
		header("Location: .");
		exit();
	&#125;

	function endSession()
	&#123;
		unset($_SESSION&#1111;'session_username']);
		unset($_SESSION&#1111;'session_password']);
	&#125;
?>

Posted: Mon Dec 29, 2003 12:15 pm
by Mallrats
I should learn to not be a moron
Output buffering worked

Here's the result working file

Code: Select all

<?php
	ob_start();
	function endSession()
	&#123;
		unset($_SESSION&#1111;'session_username']);
		unset($_SESSION&#1111;'session_password']);
	&#125;
	// Needed if register globals are turned off
	$post_username = $_POST&#1111;"username"];
	$post_password = $_POST&#1111;"password"];
	$post_close = $_POST&#1111;"close"];
	session_start();
	header("Cache-control: private");
	if (isset($post_username) && isset($post_password))
	&#123;
		endSession();
		$DB = mysql_connect("localhost", $post_username, $post_password);
		if ($DB)
		&#123;
			$_SESSION&#1111;'session_username'] = $post_username;
			$_SESSION&#1111;'session_password'] = $post_password;
		&#125;
		else
		&#123;
			endSession();
			header("Location: badpass.php");
			exit();
		&#125;
	&#125;
	else if (!isset($_SESSION&#1111;'session_username']) && !isset($_SESSION&#1111;'session_password']))
	&#123;
		endSession();
		header("Location: badpass.php");
		exit();
	&#125;
	$DB = mysql_pconnect("localhost", $_SESSION&#1111;'session_username'], $_SESSION&#1111;'session_password']);
	mysql_select_db ($_SESSION&#1111;'session_username']);
	if (isset($post_close))
	&#123;
		endSession();
		header("Location: .");
		exit();
	&#125;
	ob_end_flush();
?>