Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6

Thread: Session problem

  1. #1
    Regular Coder GO ILLINI's Avatar
    Join Date
    Jun 2005
    Location
    USA
    Posts
    634
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Session problem

    first the code:
    Function code(in main.php)
    PHP Code:
    function authizer() {
       global 
    $directories,$settings;
       if(isset(
    $_SESSION['authid'])) {
          
    //connected correctly
       
    }
       else {
          
    //authid bad
          
    $_SESSION['refpage'] = $_SERVER['REQUEST_URI'];
          
    header("Location: {$settings['protocol']}{$settings['servername']}{$settings['path']}/login.php");
       }

    login.php
    PHP Code:
    <?php
    session_start
    ();
    include(
    './lib/main.php');
    if (isset(
    $_POST['submit'])) {
       
    $uname $_POST['uname'];
       
    $pword $_POST['pword'];
       
    $refpage $_POST['refpage'];
       if(
    $uname=="admin") {
           if(
    $pword==$settings['pword']) {
              
    // logged in
              
    if($refpage=="none") {
                 
    $_SESSION['authid'] = 'yes';
                 
    header("Location: index.php");
              }
              else {
                 
    $_SESSION['authid'] = 'yes';
                 
    header("Location: {$refpage}");
             }
          }
          else {
             
    $badlogin 1;
          }
        }
        else {
           
    $badlogin 1;
        }
    }


    template('header');
    if(isset(
    $_SESSION['refpage'])) {
       
    $refpage $_SESSION['refpage'];
       echo 
    "<h1>Authorization Required for this page.</h1><p>You need to be authorized to view \"".$refpage ."\". Please login below.";
    }
    else {
       echo 
    "<h1>Log in to change server settings</h1>";
       
    $refpage 'none';
    }
    if(isset(
    $badlogin)) {
       echo 
    "<h2 style=\"text-align:center;\">Login incorrect</h2>";
    }
    ?>
    <form action="login.php" method="POST">
    <table style="text-align:center;width:400px;">
    <tr><td style="text-align:right;"><label>Username:</label></td><td style="text-align:left;"><input type="text" name="uname" id="uname"></td></tr>
    <tr><td style="text-align:right;"><label>Password:</label></td><td style="text-align:left;"><input type="text" name="pword" id="pword"></td></tr>
    <tr><td  colspan="2"><input type="submit" id="submit" value="Login" name="submit"></td></tr>
    </table>
    <input type="hidden" name="refpage" value="<?=$refpage;?>">
    </form>


    <?php
    session_destroy
    ();
    template('footer');
    ?>
    index.php
    PHP Code:
    <?php
    session_start
    ();
    include(
    './lib/main.php');
    authizer();
    template('header');
    ?>



    <?php
    template
    ('footer');
    ?>
    then the problem:
    When I login (with correct details), It sends be back to the login page with a "Authorization Required for this page." error. I don't understand but i think its something to with the session not registering correctly? im not sure... but i'de like to make a release of my program soon and so would like some help soon.


    thanks,
    -Adam
    Why not thank me?

    http://adamsworld.name

  • #2
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,146
    Thanks
    2
    Thanked 333 Times in 325 Posts
    It probably has something to do with the session_destroy() statement near the end of login.php that is unconditionally executed whenever login.php is requested and the fact that there are no exit; statements following each of the header(location:... redirect statements in that file.

    The header(...) is sent to the browser and the browser will make a http request back to the server for the location: ... url, but the code in login.php continues to execute until it reaches an exit/die statement or the end of the file.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #3
    Regular Coder GO ILLINI's Avatar
    Join Date
    Jun 2005
    Location
    USA
    Posts
    634
    Thanks
    0
    Thanked 7 Times in 7 Posts
    ohh... i thought header(location simulated the exit()... So I should always use an exit after a header(Location command?

    -Adam
    Why not thank me?

    http://adamsworld.name

  • #4
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,146
    Thanks
    2
    Thanked 333 Times in 325 Posts
    Direct from you know where -
    PHP Code:
    header("Location: http://www.example.com/"); /* Redirect browser */

    /* Make sure that code below does not get executed when we redirect. */
    exit; 
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #5
    Regular Coder GO ILLINI's Avatar
    Join Date
    Jun 2005
    Location
    USA
    Posts
    634
    Thanks
    0
    Thanked 7 Times in 7 Posts
    ohh yes i know where... Ive never done it like that before... always had the "header" command alone. Works great now.

    Thanks
    -Adam
    Why not thank me?

    http://adamsworld.name

  • #6
    New to the CF scene
    Join Date
    Aug 2007
    Location
    Kolkata,India
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    PHP Code:
    $_SESSION['authid'] = 'yes';
    header("Location: {$refpage}");
    exit; 


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •