Authentification and session question
Posted: Fri Feb 07, 2003 2:12 pm
I wrote a authentification script that seems to work pretty good however this script should work for people that don't accept cookies. Can anyone look at this and give me some ideas as to why my sessions don't work when I set my browser (IE 6.0) to Block all Cookies. Everything should work except the ability to remember me after the session is over.
Thanks,
Ducky
Thanks,
Ducky
Code: Select all
<?php
$db = mysql_connect("localhost", "XXXXXXXXXXXXXXXXXXX", "XXXXXXXXXXXXXXXXX");
function querySQL($sql) {
global $result;
global $db;
mysql_select_db("pcn",$db);
$result = mysql_query($sql);
if (!$result) {
echo mysql_error();
exit;
}
}
if (!$sess_member_id || !$sess_guest_id) {
if ($memberLogin) {
$sql = "SELECT * FROM members WHERE member_id = '$memberLogin'";
querySQL($sql);
$myrow = mysql_fetch_array($result);
session_start();
session_register('sess_member_id', 'sess_title', 'sess_first', 'sess_last', 'sess_email', 'sess_suffix');
$sess_member_id = $myrowї"member_id"];
$sess_title = $myrowї"title"];
$sess_first = $myrowї"first"];
$sess_last = $myrowї"last"];
$sess_email = $myrowї"email"];
$sess_suffix = $myrowї"suffix"];
} else if ($guestLogin) {
$sql = "SELECT * FROM guests WHERE guest_id = '$guestLogin'";
querySQL($sql);
$myrow = mysql_fetch_array($result);
session_start();
session_register('sess_member_id', 'sess_title', 'sess_first', 'sess_last', 'sess_email', 'sess_suffix');
$sess_guest_id = $myrowї"guest_id"];
$sess_title = $myrowї"title"];
$sess_first = $myrowї"first"];
$sess_last = $myrowї"last"];
$sess_email = $myrowї"email"];
$sess_suffix = $myrowї"suffix"];
$sess_guest = "true";
} else {
if ($guest == "true") {
session_start();
session_register('sess_guest_id', 'sess_title', 'sess_first', 'sess_last', 'sess_email', 'sess_suffix');
} else {
session_start();
session_register('sess_member_id', 'sess_title', 'sess_first', 'sess_last', 'sess_email', 'sess_suffix', 'sess_guest');
}
}
}
if ($logOut) {
if ($guestLogin) {
setcookie("guestLogin", "");
}
if ($memberLogin) {
setcookie("memberLogin", "");
}
session_unset();
session_destroy();
}
if ($email_signin) {
if ($guest == "true") {
$sql = "SELECT * FROM guests WHERE email = '$email_signin' and BINARY password = '$password_signin'";
querySQL($sql);
$myrow = mysql_fetch_array($result);
$num = mysql_numrows($result);
} else {
$sql = "SELECT * FROM members WHERE email = '$email_signin' and BINARY password = '$password_signin'";
querySQL($sql);
$myrow = mysql_fetch_array($result);
$num = mysql_numrows($result);
}
if ($num != "0") {
if ($guest == "true") {
session_start();
session_register('sess_guest_id', 'sess_title', 'sess_first', 'sess_last', 'sess_email', 'sess_suffix', 'sess_guest');
$sess_guest_id = $myrowї"guest_id"];
$sess_title = $myrowї"title"];
$sess_first = $myrowї"first"];
$sess_last = $myrowї"last"];
$sess_email = $myrowї"email"];
$sess_suffix = $myrowї"suffix"];
$sess_guest = "true";
if ($remberMe == "1") {
setcookie("guestLogin", "$myrowїguest_id]", time()+31536000);
}
} else {
session_start();
session_register('sess_member_id', 'sess_title', 'sess_first', 'sess_last', 'sess_email', 'sess_suffix');
$sess_member_id = $myrowї"member_id"];
$sess_title = $myrowї"title"];
$sess_first = $myrowї"first"];
$sess_last = $myrowї"last"];
$sess_email = $myrowї"email"];
$sess_suffix = $myrowї"suffix"];
if ($remberMe == "1") {
setcookie("memberLogin", "$myrowїmember_id]", time()+31536000);
}
}
} else {
if ($guest == "true") {
$errorMsg = "<font color=red><b>Your user name or password was incorrect. Have you <a href=guest_registration.php>registered</a> yet or did you <a href=guest_password_request.php>forget your password</a>?</b></font><Br><br>\n";
} else {
$errorMsg = "<font color=red><b>Your user name or password was incorrect. Have you <a href=signUp.php>registered</a> yet or did you <a href=passwordRequest.php>forget your password</a>?</b></font><Br><br>\n";
}
$errorMsg = urlencode($errorMsg);
}
}
?>