The goal for this module is to have login forms on different subdomains all use the same authentication module. If the authentication succeeds, the user will be directed to an appropriate protected section, otherwise they will be sent back to the login page they came from.
Problem 1:
header("Location: ".$_SERVER['REMOTE_ADDR']); results in a 404 error.
Is there a better way to redirect someone to the page they came from?
Problem 2:
After a successful login attempt has been made I generate a new session id for the person and store some information in the session variables, then use a switch statement to redirect the user to the correct page. At the next page for right now all I try to do is print out the information stored in the session array, but there does not seem to be anything there.
how can I propagate the session information using header('Location: admin/index.php'); for example?
Thanks.
Here's the code:
Code: Select all
<?php
require_once('details.php');
require_once("../phpclass/securesession.class.php");
$clean_user = '';
$clean_pass = '';
session_start();
mysql_connect( "localhost", USER, PASS) or die("Cannot connect to MySQL Server");
mysql_select_db(DBNAME) or die("Cannot select database ".mysql_error());
$clean_user = mysql_real_escape_string($_POST['userid']);
$clean_pass = mysql_real_escape_string($_POST['pass']);
$user_query = '';
$user_query = "Select UserNum, UserID, Email, First, Last, Type, Location From user_auth ".
"where UserID = '$clean_user' And Password = password('$pass')";
$user_result = '';
$user_result = mysql_query($user_query);
if (!$user_result){
die("<br><b> $PHP_SELF </b>: ".mysql_error());}
else if (!mysql_num_rows($user_result)>0) {
$_POST['login_failed'] = true;
header("Location: ".$_SERVER['REMOTE_ADDR']);
}
else{
$ss = new SecureSession();
$ss->check_browser = true;
$ss->check_ip_blocks = 2;
$ss->secure_word = 'SALT_';
$ss->regenerate_id = true;
$ss->Open();
$_SESSION['logged_in'] = true;
list($unum, $uid, $email, $first, $last, $type, $loc) = $user_result;
$_SESSION['unum'] = $unum;
$_SESSION['uid'] = $uid;
$_SESSION['email'] = $email;
$_SESSION['first'] = $first;
$_SESSION['last'] = $last;
$_SESSION['type'] = $type;
$_SESSION['loc'] = $loc;
switch($type){
case 'GROWER':
case 'grower':
case 'Grower': header('Location: grower/index.php');
break;
case 'EDITOR':
case 'editor':
case 'Editor': header('Location: edit/index.php');
break;
default: header('Location: auth/index.php');
break;
}
}
?>Code: Select all
<h1> Welcome <?php echo($_SESSION['first'].' '.$_SESSION['last']); ?> </h1>