sessions authentication and redirection
Posted: Mon Dec 29, 2003 12:05 pm
Hello all! First post!
Trying to create a sessions.inc file
My authentication is mysql_connect, not a username password field in a table somewhere
I would like for this page to:
redirect to welcome.php if login to the database is successful
redirect to badpass.php if login fails
do nothing if a session for this user is already found
The code works fine if the user / pass is correct. If a bad login is passed, I get:
Here's the code that is not working:
Trying to create a sessions.inc file
My authentication is mysql_connect, not a username password field in a table somewhere
I would like for this page to:
redirect to welcome.php if login to the database is successful
redirect to badpass.php if login fails
do nothing if a session for this user is already found
The code works fine if the user / pass is correct. If a bad login is passed, I get:
Code: Select all
Warning: mysql_connect(): Access denied for user: 'morrow@localhost' (Using password: YES) in /var/www/localhost/htdocs/session.inc on line 12
Warning: Cannot modify header information - headers already sent by (output started at /var/www/localhost/htdocs/session.inc:12) in /var/www/localhost/htdocs/session.inc on line 21Code: Select all
<?php
// Needed if register globals are turned off
$post_username = $_POSTї"username"];
$post_password = $_POSTї"password"];
$post_close = $_POSTї"close"];
session_start();
header("Cache-control: private");
if (isset($post_username) && isset($post_password))
{
endSession();
$DB = mysql_connect("localhost", $post_username, $post_password);
if ($DB)
{
$_SESSIONї'session_username'] = $post_username;
$_SESSIONї'session_password'] = $post_password;
}
else
{
endSession();
header("Location: badpass.php");
exit();
}
}
else if (!isset($_SESSIONї'session_username']) && !isset($_SESSIONї'session_password']))
{
endSession();
header("Location: badpass.php");
exit();
}
$DB = mysql_pconnect("localhost", $_SESSIONї'session_username'], $_SESSIONї'session_password']);
mysql_select_db ($_SESSIONї'session_username']);
if (isset($post_close))
{
endSession();
header("Location: .");
exit();
}
function endSession()
{
unset($_SESSIONї'session_username']);
unset($_SESSIONї'session_password']);
}
?>