PHP on OES and my login page LOOPS !!!!
Posted: Tue Aug 09, 2005 2:41 am
Hello all...
OK I'm a newbie, and I am currently developing a system for my client using PHP code, MY SQL database and OES server.
Initially, all looks well as I work from my office which is in Windows environment. But it feels like hell when I tried to integrate my system into OES/SuSe Linux platform - I encountered missing data/fields etc etc. But after some tuning here and there the system seems to work. But little did I know about the Second wind when I include login page coding into my system
Here's the idea. As a security measure, I had wrote a simple code whereby anyone who tried to bypass my system (by inserting the direct address on URL browser) will be challenged by my infamous login page. Upon correct verification only will the user have access to the system.
From my office, all looks fine since it is a Windows environment, so it seems like my system is running smoothly as I intended. Meaning that any bypass attempt will prompt the login page, and only authorised users have access to the system.
Here's what my coding looks like :-
<?
$db="upentrg";
$table="login";
if($email == '' || $password == '')
{
header('Location:login.php?refer='.urlencode($psRefer));
}
else
{
$con=mysql_connect("localhost","root","");
mysql_select_db($db,$con);
$q="select id, MD5(UNIX_TIMESTAMP() + id + RAND(UNIX_TIMESTAMP())) GUID from $table where email='$email' AND password='$password'";
$rslt=mysql_query($q,$con);
if(mysql_num_rows($rslt))
{
$prslt=mysql_fetch_row($rslt);
$q="update $table set GUID='$prslt[1]'
WHERE id = $prslt[0]";
mysql_query($q,$con);
setcookie("session_id",$prslt[1]);
if(!$psRefer)
$psRefer='index.php';
header('Location:'.$psRefer);
}
else
{
header('Location:login.php?refer='.urlencode($psRefer));
}
}
?>
Could somebody please *enlighten* me on why am I feeling like I'm repeatedly pounding my head on a brick wall? As usual, when I integrate this new version on OES server I found new problems. This time it looks like upon userid and password prompt, the login page seems to stuck in a LOOP and it doesn't go to my index.php file ? What gives ???
Thanks to help. Pweeessssssseeee....
OK I'm a newbie, and I am currently developing a system for my client using PHP code, MY SQL database and OES server.
Initially, all looks well as I work from my office which is in Windows environment. But it feels like hell when I tried to integrate my system into OES/SuSe Linux platform - I encountered missing data/fields etc etc. But after some tuning here and there the system seems to work. But little did I know about the Second wind when I include login page coding into my system
Here's the idea. As a security measure, I had wrote a simple code whereby anyone who tried to bypass my system (by inserting the direct address on URL browser) will be challenged by my infamous login page. Upon correct verification only will the user have access to the system.
From my office, all looks fine since it is a Windows environment, so it seems like my system is running smoothly as I intended. Meaning that any bypass attempt will prompt the login page, and only authorised users have access to the system.
Here's what my coding looks like :-
<?
$db="upentrg";
$table="login";
if($email == '' || $password == '')
{
header('Location:login.php?refer='.urlencode($psRefer));
}
else
{
$con=mysql_connect("localhost","root","");
mysql_select_db($db,$con);
$q="select id, MD5(UNIX_TIMESTAMP() + id + RAND(UNIX_TIMESTAMP())) GUID from $table where email='$email' AND password='$password'";
$rslt=mysql_query($q,$con);
if(mysql_num_rows($rslt))
{
$prslt=mysql_fetch_row($rslt);
$q="update $table set GUID='$prslt[1]'
WHERE id = $prslt[0]";
mysql_query($q,$con);
setcookie("session_id",$prslt[1]);
if(!$psRefer)
$psRefer='index.php';
header('Location:'.$psRefer);
}
else
{
header('Location:login.php?refer='.urlencode($psRefer));
}
}
?>
Could somebody please *enlighten* me on why am I feeling like I'm repeatedly pounding my head on a brick wall? As usual, when I integrate this new version on OES server I found new problems. This time it looks like upon userid and password prompt, the login page seems to stuck in a LOOP and it doesn't go to my index.php file ? What gives ???
Thanks to help. Pweeessssssseeee....