Hello all!
This is my first time using these forums, so I'm not sure if this is the right place to post this. But I use a Mac, so at least it's a start.
My problem is this: I've been woking on building a blog for my website based on this tutorial for Dreamweaver. In the second part, it goes over user authentification and creating an admin section for editing and deleting entries and topics. Trouble is, after I finished part 2 and uploaded everything, I cant access any of the pages that contain the forms for updating and such. What happens is that when I click on a link, I'm asked (again) for my username and password, and then directed back to the admin index.php page instead of the update_art.php page.
The tutorial has all the finished pages available for download. I checked the PHP code that Dreamweaver generated when I was finished to the finished product available to download. They were identical.
Now I think it either must be faulty PHP code that Dreamweaver generated, or else I have something commented or uncommented that shouldn't be in Apache's config files (my website is hosted on my home computer - for fun!).
Unfortunately I'm at school right now, so I can't get at my files until tonight. However, this person had the same problem as me, and the code is posted.
Any help would be greatly appreciated! I'm very new to all of this - PHP, MySQL, Apache, etc. I'm thoroughly enjoying learning it, but dont know nearly enough to solve a problem like this.
- Wolf
PHP Blog trouble
Moderator: General Moderators
-
WolfpactVI
- Forum Newbie
- Posts: 2
- Joined: Mon Jan 24, 2005 10:32 am
- Location: Dún na nGall
-
WolfpactVI
- Forum Newbie
- Posts: 2
- Joined: Mon Jan 24, 2005 10:32 am
- Location: Dún na nGall
OK, here is the code from the admintemplate file, which controls the user authentification and redirects users to different pages. For some reason, it is stuck always redirecting to the admin index page, and will not let me into the other pages. The first bit is for a "logout user" feature, the second is supposed to be for authentication, and for storing the entered username and password.
I forget where the Apache config file is, so if someone could give me the location again, so I can check through it, that would be great.
- Wolf
Code: Select all
<?php
//initialize the session
session_start();
// ** Logout the current user. **
$logoutAction = $_SERVERї'PHP_SELF']."?doLogout=true";
if ((isset($_SERVERї'QUERY_STRING'])) && ($_SERVERї'QUERY_STRING'] != "")){
$logoutAction .="&". htmlentities($_SERVERї'QUERY_STRING']);
}
if ((isset($_GETї'doLogout'])) &&($_GETї'doLogout']=="true")){
//to fully log out a visitor we need to clear the session varialbles
session_unregister('MM_Username');
session_unregister('MM_UserGroup');
$logoutGoTo = "/blog/index.php";
if ($logoutGoTo) {
header("Location: $logoutGoTo");
exit;
}
}
?>
<?php
session_start();
$MM_authorizedUsers = "admin";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && false) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "/admin/login.php";
if (!((isset($_SESSIONї'MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSIONї'MM_Username'], $_SESSIONї'MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVERї'PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>- Wolf