Page 1 of 1

PHP dislike IIS?

Posted: Thu Jun 15, 2006 11:05 pm
by peperoni
Hi u all,

I'm writin i little application in PHP with SQL Server as Database Manager and IIS as Web Server.

http://georiesgos-ca.amnet.com.ni/servi ... /login.php

The problem is that when i was codin i try it in my PC with SQL Server and Apache but when its on position on the server it doesn't work... Please try admin admin and look how it reload the page... i think isnt the Database because if you enter a wrong user e.g aaa aaaa it shows the error page...

Thanks

See u!

Posted: Thu Jun 15, 2006 11:24 pm
by bdlang
I'd suggest posting the code to the login handling script to the PHP code forum. It's impossible to tell at this point what the issue might be.

Posted: Thu Jun 15, 2006 11:44 pm
by peperoni
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Conection!

Code: Select all

function Conectar(){
		if (!($con = mssql_connect("georiesgos-ca","productos","productos"))){
			echo "Error conectando el motor base de datos.";
			exit();
		}
			
		if (!(mssql_select_db("Productos",$con))){
			echo "Error seleccionando la base de datos.";
			exit();
		}
			
		return $con;
	}
Now authentication

Code: Select all

function UsuarioValido($usuario, $password){
		if($usuario =="" || $password=="") return false;
		
		$sql = sprintf("SELECT count(*) FROM usuarios WHERE login_user = '%s' AND passwd_user = '%s'", $usuario, $password);
		$con = Conectar();
		$resultado = mssql_query($sql,$con);
		$fila = mssql_fetch_array($resultado);
		if ($fila[0]==1){
			return true;
		}
		else{
			return false;
		}
	}
Login.php

Code: Select all

<?php	
		if (isset($_POST["cmdEntrar"]) && isset($_POST["txtUsuario"]) && isset($_POST["txtPass"])){
			if (UsuarioValido($_POST["txtUsuario"], $_POST["txtPass"])){
				$GLOBALS['login']=$_POST["txtUsuario"];
				$GLOBALS['passwd']=$_POST["txtPass"];
				
				//Registrar Varibles de Sesion!
				session_register('login');
				session_register('passwd');
				
				header("Location:index.php");
				exit();
			}
			else {
				header("Location:error.php");
			}
	}
?>
Thanks...


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Fri Jun 16, 2006 12:53 am
by bdlang
In your third script, you have a call to a (deprecated) function session_register(); what version of PHP are you working with? Working with register_globals = On? What does the code that validate the session variables look like, i.e. the code at the top of index.php that checks the user login?

I strongly recommend changing your strategy, if you can possibly update your version of PHP, or at least work without global variables it's a step in the right direction.

Posted: Fri Jun 16, 2006 1:02 am
by RobertGonzalez
Try this for login. Remember to use session_start() at the beginning of every page within the session realm.

Code: Select all

<?php 
session_start();  
if (isset($_POST["cmdEntrar"]) && isset($_POST["txtUsuario"]) && isset($_POST["txtPass"])){
	if (UsuarioValido($_POST["txtUsuario"], $_POST["txtPass"])){
		//Registrar Varibles de Sesion!
		$_SESSION['login'] = $_POST["txtUsuario"];
		$_SESSION['passwd'] = $_POST["txtPass"];

		// Mueve el usario al otra pagina correcto
		// usando un URL completamento
		header("Location: http://www.fullurl.org/index.php");
		exit();
	} else {
		// La informacion del usario no esta valido
		header("Location: http://www.fullurl.org/error.php");
	}
}
?>

Posted: Fri Jun 16, 2006 1:25 pm
by peperoni
Thank you all for helpin... and sorry about the wrong postin code.. :?

what version of PHP are you working with?
PHP Version 5.1.4
Working with register_globals = On?
My php.ini says:

Code: Select all

; - register_globals = Off         [Security, Performance]
What does the code that validate the session variables look like
index.php

Code: Select all

<?php require_once 'funciones.php';
	
	session_start();
	
	//Revisa si hay una session iniciada.
	if(!isset ($_SESSION['login']) || 
	!isset ($_SESSION['passwd']) ||
	!UsuarioValido($_SESSION['login'],$_SESSION['passwd'])){
		header("Location:login.php");
	}
?>
All the session stuff are activated in the php.ini

C u!

Posted: Fri Jun 16, 2006 1:53 pm
by bdlang
Ok, so can we safely assume that the code provided by Everah using $_SESSION superglobal is working for you? Otherwise, if you're still using session_register(), it's not going to function with register_globals= Off.

Posted: Fri Jun 16, 2006 10:24 pm
by peperoni
Thanks everybody for helpin...

I solved the problem, it was all because using :?

Code: Select all

session_register();


Thanks Everah your code was all i needed.

We'll keep in touch...