PHP Admin Login Issue

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Addulous
Forum Newbie
Posts: 2
Joined: Thu Apr 19, 2007 11:33 am

PHP Admin Login Issue

Post by Addulous »

Hello all,

I have hit a wall :( . Now let me start off by saying i DO NOT know php. I have the ability to understand patterns and manipulate but i just haven't had the experience yet to really know what i'm doing. I have a program i found and have manipulated that is basically a 'help desk' ticketing application, that will allow me to better manage things at work in my department. I currently have this hosted through a computer with XP using the Apache Web Suite Developer.

The Problem:
When i go to the 'admin login' and try to login, it doesn't work. I get a thing saying "Your session has expired, please login using the form below." (that is just from the language file). Because i really don't know what to do, i've included the part i THINK of the code that would be dedicated to this. If there is more that i can provide, or question i can answer to be able to make this better understood please don't hesitate, i've been trying so hard to get this to work.
define('IN_SCRIPT',1);

/* Get all the required files and functions */
require_once('hesk_settings.inc.php');
require_once('language/'.$hesk_settings['language'].'.inc.php');
require_once('inc/common.inc.php');
hesk_session_start();
require_once('inc/database.inc.php');
hesk_dbConnect() or hesk_error("$hesklang[cant_connect_db] $hesklang[contact_webmsater] $hesk_settings[webmaster_mail]!");

/* What should we do? */
$action=hesk_input($_REQUEST['a']) or $action='login';
if ($action == 'login') {print_login();}
elseif ($action == 'do_login') {do_login();}
elseif ($action == 'logout') {logout();}
else {hesk_error($hesklang['invalid_action']);}

/* Print footer */
require_once('inc/footer.inc.php');
exit();

/*** START FUNCTIONS ***/

function do_login() {
global $hesklang;
$user=hesk_isNumber($_POST['user'],$hesklang['select_username']);
$pass=hesk_input($_POST['pass'],$hesklang['enter_pass']);

$sql = "SELECT * FROM `hesk_users` WHERE `id`=$user LIMIT 1";
$result = hesk_dbQuery($sql) or hesk_error("$hesklang[cant_sql]: $sql</p><p>$hesklang[mysql_said]:<br>".mysql_error()."</p><p>$hesklang[contact_webmsater] $hesk_settings[webmaster_mail]");
$_SESSION=hesk_dbFetchAssoc($result);

/* Check password */
if ($pass != $_SESSION['pass']) {
hesk_session_stop();
hesk_error($hesklang['wrong_pass']);
}

session_regenerate_id();

/* Get allowed categories */
if (empty($_SESSION['isadmin'])) {
$cat=substr($_SESSION['categories'], 0, -1);
$_SESSION['categories']=explode(",",$cat);
}

if ($url=hesk_input($_REQUEST['goto'])) {
Header("Location: $url");
} else {
Header("Location: admin_main.php");
}
exit();
} // End do_login()


function print_login() {
require_once('inc/header.inc.php');
global $hesk_settings, $hesklang;
?>
<p class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>"
class="smaller"><?php echo $hesk_settings['site_title']; ?></a> >
<?php echo $hesklang['admin_login']; ?><br>&nbsp;</p>
</td>
</tr>
<tr>
<td>

<p>&nbsp;</p>

<h3 align="center"><?php echo $hesklang['login']; ?></h3>

<?php
if ($_REQUEST['notice']) {
echo "<p align=\"center\" class=\"important\">$hesklang[session_expired]</p>";
}
?>


<form action="admin.php" method="POST">

<div align="center">
<center>
<table border="0" cellspacing="1" cellpadding="5">
<tr>
<td align="right"><?php echo $hesklang['user']; ?>: </td>
<td><select name="user">
<?php
$sql = "SELECT * FROM `hesk_users`";
$result = hesk_dbQuery($sql) or hesk_error("$hesklang[cant_sql]: $sql</p><p>$hesklang[mysql_said]:<br>".mysql_error()."</p><p>$hesklang[contact_webmsater] $hesk_settings[webmaster_mail]");
while ($row=hesk_dbFetchAssoc($result))
{
echo "
<option value=\"$row[id]\">$row[user]</option>
";
}

?>
</select></td>
</tr>
<tr>
<td align="right"><?php echo $hesklang['pass']; ?>: </td>
<td><input type="password" name="pass"></td>
</tr>
</table>
</center>
</div>

<p align="center"><input type="hidden" name="a" value="do_login">
<?php
if ($url=hesk_input($_REQUEST['goto'])) {
echo "<input type=\"hidden\" name=\"goto\" value=\"$url\">";
}
?>
<input type="submit" value="<?php echo $hesklang['login']; ?>" class="button"></p>

</form>
<?php
} // End print_login()

function logout() {
require_once('inc/header.inc.php');
global $hesk_settings, $hesklang;
hesk_session_stop();
?>
<p class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>"
class="smaller"><?php echo $hesk_settings['site_title']; ?></a> >
<?php echo $hesklang['logged_out']; ?><br>&nbsp;</p>
</td>
</tr>
<tr>
<td>

<p>&nbsp;</p>
<h3 align="center"><?php echo $hesklang['logout']; ?></h3>
<p>&nbsp;</p>

<p align="center"><?php echo $hesklang['logout_success']; ?></p>
<p>&nbsp;</p>
<p align="center"><a href="admin.php"><?php echo $hesklang['click_login']; ?></a></p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<?php
require_once('inc/footer.inc.php');
exit();
} // End logout()

?>
User avatar
arturm
Forum Commoner
Posts: 86
Joined: Fri Apr 13, 2007 8:29 am
Location: NY
Contact:

Post by arturm »

It is hard to tell whats wrong but try to look at your php.ini file and check if you have session support on and that your browser support cookies.
Addulous
Forum Newbie
Posts: 2
Joined: Thu Apr 19, 2007 11:33 am

Post by Addulous »

hello arturm. thank you for your response.

i went into my php.ini file. what exactly do i need to look at to see if session support is enabled. there is alot of lines in there about [session]
User avatar
bert4
Forum Newbie
Posts: 18
Joined: Wed Apr 18, 2007 9:44 am
Location: Bali, Indonesia

Post by bert4 »

Look at your phpinfo() output....
Post Reply