In Opera however it redirects you to the login page regardless of whether the information posted is correct.
This is the code for page that checks if the username and password is correct :
<?php
session_start();
if ( ($_POST['userN'] == 'admin') && ($_POST['passW'] == 'mypass') ) {
session_regenerate_id();
$_SESSION['NAME'] = $_POST['userN'];
session_write_close();
header("location: member.php");
exit();
}
else {
header("location: login_form.php");
exit();
}
?>
This is the code for the 'authorise' page :
<?php
session_start();
if ( !isset($_SESSION['NAME']) ) {
header("location: login_form.php");
exit();
}
?>
Finally the code for the member page ( don't know if it is relevant but just in case ) :
<?php
@require('authorise.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><? echo $_SESSION['NAME']; ?></title>
</head>
<body>
<?php echo "Welcome ". $_SESSION['NAME'].""; ?>
</body>
</html>
I thought that maybe it was the include because i posted this elsewhere and got some information that it might have something to do with the include() and the header information not being sent so i changed the include to include_once(), require() and require_once() but it had the same effect.
Below are what I am assuming is header information. Im using XAMPP and the data below came from the apache/logs/access.log. I purposely logged in with the wrong details to see if it made a difference to the header information.
FireFox
127.0.0.1 - - [05/Apr/2009:13:08:36 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
127.0.0.1 - - [05/Apr/2009:13:34:09 +0200] "POST /dotQ/login_exec.php HTTP/1.1" 302 -
127.0.0.1 - - [05/Apr/2009:13:34:09 +0200] "GET /dotQ/member.php HTTP/1.1" 200 319
FireFox – Incorrect Login Details
127.0.0.1 - - [05/Apr/2009:13:41:18 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
127.0.0.1 - - [05/Apr/2009:13:50:12 +0200] "POST /dotQ/login_exec.php HTTP/1.1" 302 -
127.0.0.1 - - [05/Apr/2009:13:50:12 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
Internet Explorer 7
127.0.0.1 - - [05/Apr/2009:13:35:14 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
127.0.0.1 - - [05/Apr/2009:13:35:22 +0200] "POST /dotQ/login_exec.php HTTP/1.1" 302 -
127.0.0.1 - - [05/Apr/2009:13:35:22 +0200] "GET /dotQ/member.php HTTP/1.1" 200 319
Internet Explorer 7 – Incorrect Login Details
127.0.0.1 - - [05/Apr/2009:13:38:59 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
127.0.0.1 - - [05/Apr/2009:13:39:04 +0200] "POST /dotQ/login_exec.php HTTP/1.1" 302 -
127.0.0.1 - - [05/Apr/2009:13:39:05 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
Opera 9.62
127.0.0.1 - - [05/Apr/2009:13:36:24 +0200] "POST /dotQ/login_exec.php HTTP/1.1" 302 -
127.0.0.1 - - [05/Apr/2009:13:36:24 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
127.0.0.1 - - [05/Apr/2009:13:36:24 +0200] "GET /dotQ/member.php HTTP/1.1" 302 –
Opera 9.62 – Incorrect Login Details
127.0.0.1 - - [05/Apr/2009:13:51:34 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
127.0.0.1 - - [05/Apr/2009:13:51:34 +0200] "GET /favicon.ico HTTP/1.1" 200 30894
127.0.0.1 - - [05/Apr/2009:13:51:38 +0200] "POST /dotQ/login_exec.php HTTP/1.1" 302 -
127.0.0.1 - - [05/Apr/2009:13:51:38 +0200] "GET /dotQ/login_form.php HTTP/1.1" 200 512
PS. I have also tried by checking a username && password against a record in a MySQL database and it did the same thing