Thanks for the help, I changed to using the $_SESSIONS super global but it still doesn't work.
Code: Select all
<?php
// Start Session
session_start();
// *** Constants & Variables ***
// -----------------------------
// URLs
define("FILE_NAME", 'users.xml');
define("REMOTE_URL", 'some url' . FILE_NAME);
define("LOCAL_URL", some url' . FILE_NAME);
// Formatting
define("N_LINE", "\n");
// CMS Specific
define("PATH_NAME", 'roman');
define("FULL_NAME", 'Roman Krall');
define("WWW_NAME", 'www.romankrall.de');
define("CMS_NAME", 'CMS');
define("DISPLAY_NAME", FULL_NAME . " - " . CMS_NAME);
define("RESULT1", "username_error");
define("RESULT2", "password_error");
define("RESULT3", "username_password_error");
define("RESULT4", "username_and_password_do_not_match_error");
define("RESULT5", "login_successful");
$self = $_SERVER['PHP_SELF'];
$action = undefined;
$_SESSION['useNam'] = undefined;
$_SESSION['pasWor'] = undefined;
// XML
$userCount = 0;
$userData = array();
$currentTag = '';
$xmlElementValues = '';
$unFound = -1;
$pwFound = -1;
$action = RESULT0;
$xmlParser = NULL;
$userFile = NULL;
// *** Arrays
$xmlElements = array();
$xmlElements[0] = 'username';
$xmlElements[1] = 'password';
// User Name and Password
if (empty($_POST['username']))
{
$_SESSION['useNam'] = "no_un";
}
else
{
$_SESSION['useNam'] = $_POST['username'];
}
if (empty($_POST['password']))
{
$_SESSION['pasWor'] = "no_pw";
}
else
{
$_SESSION['pasWor'] = $_POST['password'];
}
// *** Pre-Function Code ***
// -------------------------
// Check if un and pw have already been submitted
if ($_SESSION['useNam'] != "no_un" && $_SESSION['pasWor'] != "no_pw")
{
$action = "check_user";
}
else
{
$action = undefined;
}
// *** Functions ***
// -----------------
// HTML
function htmlStart()
{
echo "<html>" . N_LINE;
}
function headStartEnd($title)
{
echo " <head>" . N_LINE;
echo " <title>$title</title>" . N_LINE;
echo " " . N_LINE;
echo " <meta http-equiv='content-type' content='text/html; charset=utf-8'>" . N_LINE;
echo " <meta http-equiv='imagetoolbar' content='false'>" . N_LINE;
echo " <meta name='MSSmartTagsPreventParsing' content='true'>" . N_LINE;
echo " " . N_LINE;
echo " <link href='../css/cms_" . PATH_NAME . ".css' rel='stylesheet' type='text/css'>" . N_LINE;
echo " " . N_LINE;
echo " <script language='javascript' src='../javascript/cms_" . PATH_NAME . "_login.js'></script>" . N_LINE;
echo " </head>" . N_LINE;
echo " " . N_LINE;
}
function bodyStart($jsReq)
{
if ($jsReq == undefined)
{
echo " <body onload=\"setVars()\">" . N_LINE;
}
else
{
echo " <body>" . N_LINE;
}
}
function bodyTitle()
{
echo " <h1>" . DISPLAY_NAME . " Login</h1>" . N_LINE;
}
function bodyError($errMsg)
{
echo " <p class='centre'><span class='textProblem'>$errMsg</span></p>" . N_LINE;
}
function loginForm($actionValue, $webUrl)
{
echo " <form name='loginForm' method='post' action='" . $actionValue . '' . "' onsubmit='return login()' onreset='clearLogin()'>" . N_LINE;
echo <<< formEnds
<table class="noBorder" border="0" align="center" cellpadding="4" cellspacing="2">
<tbody>
<tr align="left" valign="top" class="rowColourLogin">
<td align="center" valign="middle">
<br><a href="http://${webUrl}/"><img alt="$webUrl" title="$webUrl" border="0" class="border" src="../images/brand.png" width="110" height="110"></a>
<br><br><br></td>
</tr>
<tr align="left" valign="top">
<td align="center">
<table border="0" align="center" cellpadding="4" cellspacing="0" class="noBorder">
<tbody>
<tr align="center" valign="top">
<td><span class="label"><span class="textNormal" id="usernameNoProblem">Benutzername:</span><span class="textHidden" id="usernameProblem">Benutzername erforderlich:</span></span><br>
<input value="test" maxlength="20" class="styled" name="username" type="text" id="username" size="20" onblur="resetClassName(this)"></td></tr>
<tr align="center" valign="top">
<td><span class="label"><span class="textNormal" id="passwordNoProblem">Kennwort:</span><span class="textHidden" id="passwordProblem">Kennwort erforderlich:</span></span><br>
<input value="test" maxlength="20" class="styled" name="password" type="password" id="password" size="20" onblur="resetClassName(this)"></td></tr>
</tbody>
</table>
<p>
<input name="submit" value="Einloggen" type="submit" id="submitButton">
<input name="reset" value="Zurücksetzen" type="reset" id="clearButton">
</p>
</td>
</tr>
</tbody>
</table>
</form>
formEnds;
}
function loginPicture($webUrl)
{
echo <<< tableEnds
<table class="noBorder" border="0" align="center" cellpadding="4" cellspacing="2">
<tbody>
<tr align="left" valign="top" class="rowColourLogin">
<td align="center" valign="middle">
<br><a href="http://${webUrl}/"><img alt="$webUrl" title="$webUrl" border="0" class="border" src="../images/brand.png" width="110" height="110"></a>
<br><br><br></td>
</tr>
</tbody>
</table>
tableEnds;
}
function bodyEnd()
{
echo N_LINE . " <br><br><br><br>" . N_LINE . " <p class='credit'>CMS System wurde gestaltet von <a href='http://www.bungert.co.uk/'>bungert.co.uk</a></p>" . N_LINE;
echo " </body>" . N_LINE;
}
function htmlEnd()
{
echo '</html>';
}
// Look for a matching $_SESSION['useNam'] and $_SESSION['pasWor'] in the users file
function checkForValidCredentials($userCount, $userData, $unFound, $pwFound, $action, $xmlElements)
{
for ($index = 0; $index < $userCount; $index ++)
{
if ($userData[$index][$xmlElements[0]] == $_SESSION['useNam'])
{
$unFound = $index;
break;
}
else
{
// Keep looking...
}
}
for ($index = 0; $index < $userCount; $index ++)
{
if ($userData[$index][$xmlElements[1]] == $_SESSION['pasWor'])
{
$pwFound = $index;
break;
}
else
{
// Keep looking...
}
}
if ($unFound < 0 && $pwFound >= 0 && $_SESSION['useNam'] != 'no_un' && $_SESSION['pasWor'] != 'no_pw') // $_SESSION['useNam'] error
{
$action = RESULT1;
}
else if ($pwFound < 0 && $unFound >= 0 && $_SESSION['useNam'] != 'no_un' && $_SESSION['pasWor'] != 'no_pw') // $_SESSION['pasWor'] error
{
$action = RESULT2;
}
else if ($unFound < 0 && $pwFound < 0 && $_SESSION['useNam'] != 'no_un' && $_SESSION['pasWor'] != 'no_pw') // $_SESSION['useNam'] and $_SESSION['pasWor'] error
{
$action = RESULT3;
}
else if ($unFound == $pwFound && $_SESSION['useNam'] != 'no_un' && $_SESSION['pasWor'] != 'no_pw') // Login ok
{
$action = RESULT5;
}
else if ($unFound != $pwFound && $_SESSION['useNam'] != 'no_un' && $_SESSION['pasWor'] != 'no_pw') // $_SESSION['useNam'] and $_SESSION['pasWor'] are found but don't match
{
$action = RESULT4;
}
else // Bypassed login page
{
$action = undefined;
}
return $action;
}
// *** XML Parsing
// *** Callback functions
function startElementHandler($parser, $elementName)
{
global $currentTag;
$currentTag = $elementName;
}
function endElementHandler($parser, $elementName)
{
global $currentTag;
global $userCount;
$currentTag = '';
if ($elementName == "USER")
{
$userCount++;
}
}
function userDataHandler($parser, $data)
{
global $userCount;
global $userData;
global $currentTag;
global $xmlElements;
// Return if $currentTag is empty
if ($currentTag == '')
{
return;
}
// Otherwise put data in the array for later use
if ($currentTag == "USERNAME")
{
$userData[$userCount][$xmlElements[0]] = $data;
}
if ($currentTag == "PASSWORD")
{
$userData[$userCount][$xmlElements[1]] = $data;
}
}
// Create XML parser
function openParser()
{
global $xmlParser;
$xmlParser = xml_parser_create();
if (!$xmlParser)
{
die ("Error: Couldn't create XML Parser.");
}
}
// Open the user file
function openXmlFile()
{
global $userFile;
$userFile = fopen(LOCAL_URL, FILEMODE);
if (!$userFile)
{
die ("Error: Couldn't open the Users file - '" . FILE_NAME . "'doesn't exist in:" . LOCAL_URL);
}
}
// Read the Termine file
function parseXmlFile()
{
global $xmlParser;
global $userFile;
xml_set_element_handler($xmlParser, "startElementHandler", "endElementHandler");
xml_set_character_data_handler($xmlParser, "userDataHandler");
while ($data = fread($userFile, 4096))
{
if (!xml_parse($xmlParser, $data, feof($userFile)))
{
break; // Get out of while loop when finished with the file
}
}
}
// Free the parser
function closeParser()
{
global $xmlParser;
xml_parser_free($xmlParser);
}
// Close the opened file
function closeXmlFile()
{
global $userFile;
fclose($userFile);
}
// *** Post-Function Code ***
// --------------------------
// Open and parse the Users file
openXmlFile();
openParser();
parseXmlFile();
closeParser();
closeXmlFile();
htmlStart();
headStartEnd(DISPLAY_NAME . " Login");
bodyStart($action);
bodyTitle();
if ($action == "check_user")
{
$action = checkForValidCredentials($userCount, $userData, $unFound, $pwFound, $action, $xmlElements);
}
if ($action == RESULT1) // Username Error, Password was OK
{
loginForm($self, WWW_NAME);
bodyError("The Username you submitted was incorrect. Please try again.");
}
else if ($action == RESULT2) // Password Error, Username was OK
{
loginForm($self, WWW_NAME);
bodyError("The Password you submitted was incorrect. Please try again.");
}
else if ($action == RESULT3) // Username & Password Error, both were wrong
{
loginForm($self, WWW_NAME);
bodyError("The Username and Password you submitted were incorrect. Please try again.");
}
else if ($action == RESULT4) // Username and Password do not match Error
{
// Same message as above. The username and password exist but they don't match,
// they are from different users. This could be explained in a seperate message
loginForm($self, WWW_NAME);
bodyError("The Username and Password you submitted were incorrect. Please try again.");
}
else if ($action == RESULT5) // Logged in OK
{
loginPicture(WWW_NAME);
echo "<p class='centre'>You have logged in successfully as <b>" . $_SESSION['useNam'] . ".</b><br><a href=\"http://localhost/roman/updater/php/termine.php\">Please wait...</a></p>";
echo "<script language=\"javascript\" type=\"text/javascript\">";
echo " var timer = setTimeout('redirectURL(\"http://localhost/roman/updater/php/termine.php\")',3000);";
echo "</script>";
}
else
{
loginForm($self, WWW_NAME);
}
bodyEnd();
htmlEnd();
?>
Above is my main page, and below is the test second page:
Code: Select all
<?php
session_start();
echo "Username is: " . $_SESSION['useNam'] . "<br>";
?>
The echo above doesn't show anything.
I must be doing something wrong but I don't know what.