code was working but not anymore?!?!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
khuti
Forum Newbie
Posts: 13
Joined: Mon Mar 06, 2006 12:29 am

code was working but not anymore?!?!

Post by khuti »

hi, ive built a content managements system for somebody and it all worked fine but when i uploaded it to their server where their web space is it doesnt work. well it kinda does.. the stuff that viewers can view is viewable so database is working. but when it comes to login into the content management, nothing happens!

i have an include file at the top of the page code to validate if the login is correct on submit. but its as if its totally missing this out because if it was me login in wrong it should show an error but i dont even get that. the page just reloads itself.

any ideas as to what would be causing this?.. ive double checked my spelling of the file incase i changed it by accident but thats all fine.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

Sounds like one of the functions you are using isn't available on the version of PHP installed on the server. Might want to post some code as well. That would help us help you.
khuti
Forum Newbie
Posts: 13
Joined: Mon Mar 06, 2006 12:29 am

Post by khuti »

feyd | Please use

Code: Select all

and

Code: Select all

tags where appropriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]


right well this is the login page.. its not the includes thats causing the prob coz i tried it without them and just put the code in and it still didnt work.

Code: Select all

<?php
include("db_connect.inc");
include("validate.inc");
}
?>
<HTML>
  <HEAD>
	<title>Falcon Hotel - Content Management</title>
<LINK REL="stylesheet" HREF="css.css" TYPE="text/css">
  </HEAD>
<BODY>
<center>
<h3>Falcon Hotel Login</h3>
<hr WIDTH="100%" size="1"></hr>
<FORM METHOD="post" action="<?=$PHP_SELF?>">
<TABLE CELLPADDING="10" CELLSPACING="2">
  <TR>
	<TD class="output2"><p class="grey"><b>username:</b></p></TD>
	<TD class="output"><INPUT TYPE="text" name="username" CLASS="size"></TD>
  </TR>
  <TR>
	<TD class="output2"><p class="grey"><b>password:</b></p></TD>
	<TD class="output"><INPUT TYPE="password" name="password" CLASS="size"></TD>
  </TR>
  <TR>
	<TD></TD>
	<TD class="output2"><INPUT TYPE="submit" name="submit" value="submit"></TD>
  </TR>
</TABLE>
</FORM>
</BODY>
</HTML>
inside the validate it looks like this..

Code: Select all

<?php

  if ($submit) {

$username=$_REQUEST['username'];//get username from form
$password=$_REQUEST['password'];//get password from form

session_start();
$result = mysql_query("SELECT * FROM login_sys WHERE pass='$password' AND login='$username'");

if ($row = mysql_fetch_array($result)) {
    //--set session variable--//
    $_SESSION['loggedin'] = TRUE;
    header("Location: http://server.name/~username/cms/admin.php");
}
else {
    //--dont set a session, give an error message--//
    echo "Login failure";
}

}
?>

feyd | Please use

Code: Select all

and

Code: Select all

tags where appropriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

looks like your code assumes register_globals is on.

Run the following in a new file on both servers and tell us the results please.

Code: Select all

<?php

$ve = phpversion();
$os = PHP_OS;
$er = intval(error_reporting());
$rg = (in_array(strtolower(ini_get('register_globals')), array(0, false, '', null, 'off')) ? 'Off' : 'On');
$de = (in_array(strtolower(ini_get('display_errors')), array(0, false, '', null, 'off')) ? 'Off' : 'On');
$eol = (isset($_SERVER['HTTP_HOST']) ? "<br />\n" : "\n");

$ec = array(
'E_STRICT' => 2048,
'E_ALL' => 2047,
'E_USER_NOTICE' => 1024,
'E_USER_WARNING' => 512,
'E_USER_ERROR' => 256,
'E_COMPILE_WARNING' => 128,
'E_COMPILE_ERROR' => 64,
'E_CORE_WARNING' => 32,
'E_CORE_ERROR' => 16,
'E_NOTICE' => 8,
'E_PARSE' => 4,
'E_WARNING' => 2,
'E_ERROR' => 1,
);

$e = array();
$t = $er;
foreach ($ec as $n => $v)
{
if (($t & $v) == $v)
{
$e[] = $n;
$t ^= $v;
}
}
$er = $er . ' (' . implode(' | ', $e) . ')';

echo 'PHP Version: ' . $ve . $eol;
echo 'PHP OS: ' . $os . $eol;
echo 'Error Reporting: ' . $er . $eol;
echo 'Register Globals: ' . $rg . $eol;
echo 'Display Errors: ' . $de . $eol;

?>
khuti
Forum Newbie
Posts: 13
Joined: Mon Mar 06, 2006 12:29 am

Post by khuti »

hi,sorry bout not showing the code properly..

anyway on the server im using now it showed..

PHP Version: 4.4.1
PHP OS: Linux
Error Reporting: 2039 (E_USER_NOTICE | E_USER_WARNING | E_USER_ERROR | E_COMPILE_WARNING | E_COMPILE_ERROR | E_CORE_WARNING | E_CORE_ERROR | E_PARSE | E_WARNING | E_ERROR)
Register Globals: Off
Display Errors: On

so is the prob because globals is off?

if so what should i do? im not really sure what its meaning.

also i cant do it on the other server at the moment seems to be down :?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

you'll need to rewrite your code such that all data you think is input from url or submissions is done through the superglobals $_GET, $_POST, etc.

In this particular case,

Code: Select all

if($submit)
should at minimum change to

Code: Select all

if($_POST['submit'])
however, looking for the submission button is not the best idea. Instead look for $_SERVER['REQUEST_METHOD'] being "POST" or for a form element (or elements) that should always be apart of the submission.

Additionally, you have a security hole in your code involving SQL injection with $username and $password. Read through the security forum for more detail.
khuti
Forum Newbie
Posts: 13
Joined: Mon Mar 06, 2006 12:29 am

Post by khuti »

ok thanks alot for the help, and added tips :) ill get me reading goggles on!!

o also will i need to change

Code: Select all

$_REQUEST['stuff'];
into

Code: Select all

$_POST['stuff'];
???
Post Reply