Session Help

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
bebensiganteng
Forum Newbie
Posts: 23
Joined: Wed Jan 03, 2007 6:03 am
Location: UAE

Session Help

Post by bebensiganteng »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hi Guys, please help me with session 

this the Login page code

Code: Select all

function handleSession($sName,$sEmail,$sPass){
	$getConfig = md5($sName.$sEmail.$sPass);
	$getDate = date("F j, Y, g:i a");
	session_register('getConfig');
	print("<p id='welcome'>Access granted to ".$sName." <a href='app.php'>click</a><br>(".$getDate.")");
};

if($_SERVER['REQUEST_METHOD'] == 'POST'){
	if(empty($name) || empty($email) || empty($pass)) {
		print("<p id='notification'>Please fill all fields</p>");
			
	} else if(ereg("^.+@.+\\..+$",$email)) {
		$loginAccount = md5($name.$email.$pass);
		if($loginAccount == $config){
			handleSession($name,$email,$pass);		
		} else {
			print("<p id='notification'>Invalid Login Account</p>");
		}
	} else {
		print("<p id='notification'>Your email is invalid</p>");
	}
}
This is the linked page ( app.php)

Code: Select all

if($getConfig == $config){
	apps();
} else {
	print("<p id='notification'>You need to <a href='index.php'>login</a> to view this page</a></p>");
}
On the linked page I want the 'if' statement detect my session variable, but it doesn't worked

Please help me guys
Thanks


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
blackbeard
Forum Contributor
Posts: 123
Joined: Thu Aug 03, 2006 6:20 pm

Post by blackbeard »

On the linked page, do you have session_start(); ?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Looks like your code assumes register_globals is on and you're apparently using a pretty old version of PHP. Is this true?
bebensiganteng
Forum Newbie
Posts: 23
Joined: Wed Jan 03, 2007 6:03 am
Location: UAE

Post by bebensiganteng »

On the linked page, do you have session_start(); ?
Yes I have.. at the beginning of the page
Looks like your code assumes register_globals is on and you're apparently using a pretty old version of PHP. Is this true?
yes I think I have . could you please explain a little bit more detailed

PS: Sorry I'm still new at php
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Run the following in a new file and tell us the results please.

Code: Select all

<?php

$neg = array('off', 0, false, '', null);
$flags = array(
	'Register Globals' => 'register_globals',
	'Short Tags' => 'short_open_tag',
	'Display Errors' => 'display_errors',
	'Magic Quotes GPC' => 'magic_quotes_gpc',
	'Magic Quotes Runtime' => 'magic_quotes_runtime',
	'Magic Quotes Sybase' => 'magic_quotes_sybase',
);
$ve = phpversion();
$os = PHP_OS;
$er = intval(error_reporting());
foreach ($flags as $n => $v)
{
	$flags[$n] = (in_array(strtolower(ini_get($v)), $neg) ? 'Off' : 'On');
}
$flags['Config file'] = get_cfg_var('cfg_file_path');
if (empty($flags['Config file']))
{
	$flags['Config file'] = '-';
}
$cli = (php_sapi_name() == 'cli');
$eol = "\n";

$gle = get_loaded_extensions();
$rows = array();
$le = '';
$wide = 4;
$j = count($gle);
$pad = $wide - $j % $wide;
$len = max(array_map('strlen', $gle));
$func = create_function('$a', 'return str_pad($a, ' . intval($len) . ');');
$gle = array_map($func, $gle);
for($i = 0; $i < $j; $i += $wide)
{
	$le .= '   ' . implode('   ', array_slice($gle, $i, $wide)) . $eol;
}

$ec = array(
	'E_STRICT' => 2048, 'E_ALL' => 2047, 'E_USER_NOTICE' => 1024,
	'E_USER_WARNING' => 512, 'E_USER_ERROR' => 256, 'E_COMPILE_WARNING' => 128,
	'E_COMPILE_ERROR' => 64, 'E_CORE_WARNING' => 32, 'E_CORE_ERROR' => 16,
	'E_NOTICE' => 8, 'E_PARSE' => 4, 'E_WARNING' => 2, 'E_ERROR' => 1,
);

$e = array();
$t = $er;
foreach ($ec as $n => $v)
{
	if (($t & $v) == $v)
	{
		$e[] = $n;
		$t ^= $v;
	}
}
if (ceil(count($ec) / 2) + 1 < count($e))
{
	$e2 = array();
	foreach ($ec as $n => $v)
	{
		if (!in_array($n, $e) and $n != 'E_ALL')
		{
			$e2[] = $n;
		}
	}
	$er = $er . ' ((E_ALL | E_STRICT) ^ ' . implode(' ^ ', $e2) . '))';
}
else
{
	$er = $er . ' (' . implode(' | ', $e) . ')';
}

if (!$cli)
{
	echo '<html><head><title>quick info</title></head><body><pre>', $eol;
}

echo 'PHP Version: ', $ve, $eol;
echo 'PHP OS: ', $os, $eol;
echo 'Error Reporting: ', $er, $eol;
foreach ($flags as $n => $v)
{
	echo $n, ': ', $v, $eol;
}
echo 'Loaded Extensions:', $eol, $le, $eol;

if (!$cli)
{
	echo '</pre></body></html>', $eol;
}

?>
bebensiganteng
Forum Newbie
Posts: 23
Joined: Wed Jan 03, 2007 6:03 am
Location: UAE

Post by bebensiganteng »

Here you go

Code: Select all

PHP Version: 5.1.2
PHP OS: WINNT
Error Reporting: 2039 ((E_ALL | E_STRICT) ^ E_STRICT ^ E_NOTICE))
Register Globals: On
Short Tags: On
Display Errors: Off
Magic Quotes GPC: On
Magic Quotes Runtime: Off
Magic Quotes Sybase: Off
Config file: C:\WINDOWS\php.ini
Loaded Extensions:
   bcmath           calendar         com_dotnet       ctype         
   date             ftp              iconv            odbc          
   pcre             Reflection       session          libxml        
   standard         tokenizer        zlib             SimpleXML     
   dom              SPL              wddx             xml           
   xmlreader        xmlwriter        apache2handler   PDO           
   bz2              curl             dba              dbase         
   fdf              gd               gettext          mbstring      
   mcrypt           mhash            mime_magic       mysql         
   pgsql            sockets          xmlrpc           xsl           
   SQLite           Zend Optimizer
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Turn off register_globals and short_open_tag directives in your php.ini (found at C:\WINDOWS\php.ini). While you're in there, make error_reporting E_ALL. I'm going to guess this is your personal machine's configuration? If so, turn on display_errors too.

Now that we have that out of the way:
  • Don't use session_register(); use the $_SESSION array instead.
  • Rename $name, $email, $pass and any other fields being submitted to $_POST['name'], $_POST['email'], etc.
  • Your email address regex has flaws. Search the forum for "validateEmailFormat" for an RFC complaint function to validate the address.
bebensiganteng
Forum Newbie
Posts: 23
Joined: Wed Jan 03, 2007 6:03 am
Location: UAE

Post by bebensiganteng »

Hi feyd

Thank you very much, you guys are the masters.. I say if i really want to be like you guys where do I have to start?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

bebensiganteng wrote:Thank you very much, you guys are the masters.. I say if i really want to be like you guys where do I have to start?
I've always found that if one attempts to help others (directly or not) one learns a hell of a lot.
Post Reply