Page 1 of 1
PHP dislike IIS?
Posted: Thu Jun 15, 2006 11:05 pm
by peperoni
Hi u all,
I'm writin i little application in PHP with SQL Server as Database Manager and IIS as Web Server.
http://georiesgos-ca.amnet.com.ni/servi ... /login.php
The problem is that when i was codin i try it in my PC with SQL Server and Apache but when its on position on the server it doesn't work... Please try admin admin and look how it reload the page... i think isnt the Database because if you enter a wrong user e.g aaa aaaa it shows the error page...
Thanks
See u!
Posted: Thu Jun 15, 2006 11:24 pm
by bdlang
I'd suggest posting the code to the login handling script to the PHP code forum. It's impossible to tell at this point what the issue might be.
Posted: Thu Jun 15, 2006 11:44 pm
by peperoni
feyd | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Conection!
Code: Select all
function Conectar(){
if (!($con = mssql_connect("georiesgos-ca","productos","productos"))){
echo "Error conectando el motor base de datos.";
exit();
}
if (!(mssql_select_db("Productos",$con))){
echo "Error seleccionando la base de datos.";
exit();
}
return $con;
}
Now authentication
Code: Select all
function UsuarioValido($usuario, $password){
if($usuario =="" || $password=="") return false;
$sql = sprintf("SELECT count(*) FROM usuarios WHERE login_user = '%s' AND passwd_user = '%s'", $usuario, $password);
$con = Conectar();
$resultado = mssql_query($sql,$con);
$fila = mssql_fetch_array($resultado);
if ($fila[0]==1){
return true;
}
else{
return false;
}
}
Login.php
Code: Select all
<?php
if (isset($_POST["cmdEntrar"]) && isset($_POST["txtUsuario"]) && isset($_POST["txtPass"])){
if (UsuarioValido($_POST["txtUsuario"], $_POST["txtPass"])){
$GLOBALS['login']=$_POST["txtUsuario"];
$GLOBALS['passwd']=$_POST["txtPass"];
//Registrar Varibles de Sesion!
session_register('login');
session_register('passwd');
header("Location:index.php");
exit();
}
else {
header("Location:error.php");
}
}
?>
Thanks...
feyd | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Posted: Fri Jun 16, 2006 12:53 am
by bdlang
In your third script, you have a call to a (deprecated) function
session_register(); what version of PHP are you working with? Working with register_globals = On? What does the code that validate the session variables look like, i.e. the code at the top of index.php that checks the user login?
I
strongly recommend changing your strategy, if you can possibly update your version of PHP, or at least work without global variables it's a step in the right direction.
Posted: Fri Jun 16, 2006 1:02 am
by RobertGonzalez
Try this for login. Remember to use session_start() at the beginning of every page within the session realm.
Code: Select all
<?php
session_start();
if (isset($_POST["cmdEntrar"]) && isset($_POST["txtUsuario"]) && isset($_POST["txtPass"])){
if (UsuarioValido($_POST["txtUsuario"], $_POST["txtPass"])){
//Registrar Varibles de Sesion!
$_SESSION['login'] = $_POST["txtUsuario"];
$_SESSION['passwd'] = $_POST["txtPass"];
// Mueve el usario al otra pagina correcto
// usando un URL completamento
header("Location: http://www.fullurl.org/index.php");
exit();
} else {
// La informacion del usario no esta valido
header("Location: http://www.fullurl.org/error.php");
}
}
?>
Posted: Fri Jun 16, 2006 1:25 pm
by peperoni
Thank you all for helpin... and sorry about the wrong postin code..
what version of PHP are you working with?
PHP Version 5.1.4
Working with register_globals = On?
My php.ini says:
Code: Select all
; - register_globals = Off [Security, Performance]
What does the code that validate the session variables look like
index.php
Code: Select all
<?php require_once 'funciones.php';
session_start();
//Revisa si hay una session iniciada.
if(!isset ($_SESSION['login']) ||
!isset ($_SESSION['passwd']) ||
!UsuarioValido($_SESSION['login'],$_SESSION['passwd'])){
header("Location:login.php");
}
?>
All the session stuff are activated in the php.ini
C u!
Posted: Fri Jun 16, 2006 1:53 pm
by bdlang
Ok, so can we safely assume that the code provided by Everah using $_SESSION superglobal is working for you? Otherwise, if you're still using session_register(), it's not going to function with register_globals= Off.
Posted: Fri Jun 16, 2006 10:24 pm
by peperoni
Thanks everybody for helpin...
I solved the problem, it was all because using
Thanks Everah your code was all i needed.
We'll keep in touch...