inexplicable problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
garry27
Forum Commoner
Posts: 90
Joined: Sat Oct 14, 2006 1:50 pm

inexplicable problem

Post by garry27 »

i've go this function which i add to all my pages which is meant to check if user is logged in and if they're not redirect them to a login page. It works in so far as blocking acess to all users- whether they're logged in or not.

it's also meant to show a link to the logout page but it doesn't - it shows the the text in link format but ther'e no link. i've echoed out the session variables assigned to the user name so you can see that the sesh vars are ok:

Code: Select all

function check_login() 
{  
  //add logout link if user logged in
  if (isset($_SESSION['valid_pa_mbr']) || isset($_SESSION['valid_ba_mbr']) ) {
   echo "<a href='logout.php' id='logout-msg' >Log out</a>";
  }
  
  if ( $_SERVER['PHP_SELF'] == '/~unn_p921847/t1/index.php' ) {
   return;
  } 
  echo 'tgtgttg ' . $_SESSION['valid_pa_mbr'];
  echo 'kukukuk ' . $_SESSION['valid_ba_mbr'];
  

  //redirect to login page if no log in session	
  if (!isset($_SESSION['valid_pa_mbr']) || !isset($_SESSION['valid_ba_mbr']) ) {
    $url = "login.php";   
	header ("Location: $url");  
  }
you can see it in action here (sign in with 'personal' for email 'account' for password):
http://www.nl-webspace.co.uk/~unn_p921847/t2/login.php

now here's the same example with the condition swithched so that if the user is logged in it redirects and if he isn't logged in he can roam around only this way the damn thing works as it should:

Code: Select all

if (!isset($_SESSION['valid_pa_mbr']) || !isset($_SESSION['valid_ba_mbr']) ) {
changed to

Code: Select all

if (isset($_SESSION['valid_pa_mbr']) || isset($_SESSION['valid_ba_mbr']) ) {
http://www.nl-webspace.co.uk/~unn_p921847/t3/login.php


please somone explain before i go mad!
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

//redirect to login page if no log in session
if (!isset($_SESSION['valid_pa_mbr']) || !isset($_SESSION['valid_ba_mbr']))

You are using OR (||) instead of AND (&&).

I tried testing it, and it works fine with the && expression. With the ||, it would show me the logged out section as well as the logged in section at once. This is assuming that you only set one of the session variables when someone logs in, possibly to give them certain levels of power...?
garry27
Forum Commoner
Posts: 90
Joined: Sat Oct 14, 2006 1:50 pm

Post by garry27 »

when you log in with the password and username provided, it only registers the pa_mbr session variable. there's 2 types of members which you can log in as, ba_mbr is the other type. using && in this case wouldn't work.

i've just pinpinted the problem. i moved my php functions to the route directory where my web pages are and it seems to work now. it seems that my code doesn't run properly unless their on the same directory level on the server.

surely there must be some way to store files in separate directories without causing chaos?!?
Post Reply