...

View Full Version : problem from upgrading php 4 to php5



hassanab
09-02-2009, 03:58 PM
My website works fine on php4 when I upgrading to php5 there is problem in login the code give me this message
("Invalid way to login please follow the right steps of login.");
I don't no why this happen


<?php
if (!is_null($_SESSION['user']))
{
// user already signed from this machine
$user = $_SESSION['user'];
echo"<strong><font color='red'>Sorry, User $user already signed from this computer.</font>
<br> Please, <a href='logout.php'>Logout</a> and then login.</strong>";
}
else
{
include 'main.php';
$link = bio_connect();
if ($hdnLoginSubmit)
{
$found = false;
// if user is student
$qr = "select * from students where std_id='$txtUsername' and std_password='$txtPassword'";
$res = mysql_query($qr)or die(mysql_error());
$rowsAffected = mysql_num_rows($res);
if ($rowsAffected != 0)
{
while ($row = mysql_fetch_array($res))
{
$username = $row[std_name];
$user_no = $row[std_no];
$user_inistitute = $row[inis_no];
$user_groupNo = $row[group_no];
}
$userType = "s";
$found = true;
}
else
{
// if user is teacher (lectural or tutor)
$qr = "select * from teachers where teach_id='$txtUsername' and teach_pswd='$txtPassword'";
$res = mysql_query($qr)or die(mysql_error());
$rowsAffected = mysql_num_rows($res);
if ($rowsAffected != 0)
{
while ($row = mysql_fetch_array($res))
{
$username = $row[tname];
$user_no = $row[teach_no];
$user_inistitute = $row[inis_no];
$userType = $row[teach_type];
}
$found = true;
}
else
{
//user not found
echo "<strong><font color='red'>Invalid User Name or Password</font><br>
<a href='index.php'>Click Here</a> if you have account, or contact the webmaster if you haven't.</strong>";
}
}
if ($found)
{
$_SESSION['user'] = $user_no;
$_SESSION['name'] = $username;
$_SESSION['inis'] = $user_inistitute;
$_SESSION['ut'] = $userType;
switch ($userType)
{
case "s" : header("Location: index.php");
break;
case "l" : header("Location: admin/index.php");
break;
case "t" : header("Location: tutor/index.php");
}
}
}
else
{
// illegal access
die("Invalid way to login please follow the right steps of login.");
}

}


?>

SKDevelopment
09-02-2009, 04:07 PM
What the function bio_connect() does ? It is necessary to see the code where $hdnLoginSubmit is defined.

tomws
09-02-2009, 04:16 PM
Is this the full code? There's no session_start() (http://php.net/session_start) at the top of the file.

hassanab
09-02-2009, 07:04 PM
index.php (there is hdnLoginSubmit in this page)


<?php
session_start();
@ob_start();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Welcome to BioChemistryOnline.edu</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="1.css" type="text/css">
<SCRIPT language="JavaScript">
function setHomepage(myElement)
{
myElement.style.behavior='url(#default#homepage)';
myElement.setHomepage('http://www.biochemistryonline.edu');
return false;
}
</SCRIPT>
</head>

<body>
<table width="90%" height="100" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td colspan="3"><img src="images/banner3.jpg" width="100%" height="120"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td>&nbsp;<a href="index.php"><strong>Home</strong></a><strong>
&nbsp;&nbsp; <a href="about.php">About Us</a> &nbsp;&nbsp;<a href="contact.php">Contact
Us</a></strong> &nbsp;&nbsp;<strong><a href="publications.php">Publications</a></strong>&nbsp;&nbsp;
<?php
if (is_null($_SESSION['user']))
echo"<a href='generalcourse.php'><strong>Courses</strong></a>";
?></td>
</tr>
<tr>
<td colspan="3"><hr></td>
</tr>
<tr>
<td width="20%">&nbsp;</td>
<td width="5%">&nbsp;</td>
<td width="75%">&nbsp;</td>
</tr>
<tr>
<td width="20%" valign="bottom"><img src="images/side_m_top.jpg" width="100%" height="20" align="bottom"></td>
<td width="5%" valign="bottom">&nbsp;</td>
<td width="75%">
<h2><font color="#8e9bb8">Welcome to BiochemistryOnline.edu</font></h2></td>
</tr>
<tr>
<td width="20%" valign="top" bordercolor="#FFFFFF" background="images/bg.jpg">
<table width="100%" border="0">
<tr>
<td>
<?php
if (is_null($_SESSION['user']))
{
?>
<FORM id=frmLogin name=frmLogin action=login.php method=post>
<HR>
<strong>Existing users login </strong>
<HR>
<INPUT type=hidden value=true name=hdnLoginSubmit>
<TABLE cellSpacing=0 width="100%" border=0>
<TBODY>
<TR>
<TD align=left><FONT size=2>Username</FONT></TD>
</TR>
<TR>
<TD align=middle><INPUT id=Text1 size=10
name=txtUsername></TD>
</TR>
<TR>
<TD align=left><FONT size=2>Password</FONT></TD>
</TR>
<TR>
<TD align=middle><INPUT id=txtPassword type=password size=10
name=txtPassword></TD>
</TR>
<TR>
<TD align=middle><INPUT
onmouseup="this.src='images/login_01_over.jpg';"
onmousedown="this.src='images/login_01.jpg';"
onmouseover="this.src='images/login_01_over.jpg';"
onclick=javascript:document.frmLogin.submit();
onmouseout="this.src='images/login_01.jpg';" type=image
height=25 alt="Click to login" width=84
src="images/login_01.jpg"
border=0 name=Login_01> </TD>
</TR>
</TBODY>
</TABLE>
</FORM>
<?php
}
else
{
$user = $_SESSION['user'];
$name = $_SESSION['name'];
$ut = $_SESSION['ut'];
if ($ut == 's')
$type = "Student";
else
$type ="Teacher";
echo "<strong>Welcome $type <br><font color='#DEDEC7'> $name</font></strong>";
}
?>
</td>
</tr>
<tr>
<td>
<?php
if (is_null($_SESSION['user']))
echo"<strong><a href='forgetpswd.php'>forget password!</a></strong>";
else
echo"<strong><a href='mngAccount.php'>Manage My Account</a></strong>
<br><strong><a href='logout.php'>Logout</a>
<br><a href='students.php'>Students Page</a></strong>";
?>
</td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td align="center"><a href="http://www.saec-sd.org/" target="_blank"><img src="images/saec.jpg" width="140" height="40" border="0"></a></td>
</tr>
<tr>
<td></td>
</tr>
</table></td>
<td width="5%" bordercolor="#FFFFFF">&nbsp;</td>
<td width="75%" valign="top">
<table width="100%" border="0">
<tr>
<td width="75%" rowspan="3" align="left" valign="top"><div align="justify"><strong>Welcome
to Biochemistryonline, we hope to provide students, researchers
and teachers with useful information about medical biochemistry,
biostatistics and radiobiology. We try to collect some information
about each of the above mentioned disciplines from different sources,
textbooks, websites and lecture notes of our competent professors.
</strong> </div>
<p align="justify"><strong>Welcome and have a tour.</strong></p>
<p align="right"><em><font color="#330066"><strong>Eltayeb Anawrani<br>
</strong> </font></em></p></td>
<td align="center"><img src="images/DNA.jpg" width="53" height="108"></td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td align="center" valign="top"><img src="images/2.jpg" width="116" height="118"></td>
</tr>
</table></td>
</tr>
<tr>
<td width="20%"><img src="images/side_m_bot.jpg" width="100%" height="20"></td>
<td width="150">&nbsp;</td>
<td>&nbsp;</td>
</tr>
<tr>
<td width="150">&nbsp;</td>
<td width="150">&nbsp;</td>
<td><div align="right"><SCRIPT type=text/javascript>
var browser=navigator.appName
var b_version=navigator.appVersion
var version=parseFloat(b_version)
if ((browser=="Microsoft Internet Explorer"))
{
document.write('<a href="#" onclick="setHomepage(this)"><font size="1">Make BiochemistryOnline.edu my homepage!</font></a>');
}
</SCRIPT>&nbsp;</div></td>
</tr>
<tr bgcolor="#8e9bb8">
<td colspan="3"><div align="center"><strong>Copyrights &copy; 2005-2006 BiochemistryOnline.edu.
All Rights Reserved.&nbsp;&nbsp;<a href="link.htm">About Us</a>, <a href="link.htm">Contact</a></strong></div></td>
</tr>
</table>
</body>
</html>

login.php


<?php
session_start();
@ob_start();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Welcome to BioChemistryOnline.edu</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="1.css" type="text/css">
<SCRIPT language="JavaScript">
function setHomepage(myElement)
{
myElement.style.behavior='url(#default#homepage)';
myElement.setHomepage('http://www.biochemistryonline.edu');
return false;
}
</SCRIPT>
</head>

<body>
<table width="90%" height="100" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td colspan="3"><img src="images/banner3.jpg" width="100%" height="120"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td>&nbsp;<a href="index.php"><strong>Home</strong></a><strong>
&nbsp;&nbsp; <a href="about.php">About Us</a> &nbsp;&nbsp;<a href="contact.php">Contact
Us</a></strong></td>
</tr>
<tr>
<td colspan="3"><hr></td>
</tr>
<tr>
<td width="20%">&nbsp;</td>
<td width="5%">&nbsp;</td>
<td width="75%">&nbsp;</td>
</tr>
<tr>
<td width="20%" valign="bottom"><img src="images/side_m_top.jpg" width="100%" height="20" align="bottom"></td>
<td width="5%" valign="bottom">&nbsp;</td>
<td width="75%">
<h2><font color="#8e9bb8">Login to BiochemistryOnline.edu</font></h2></td>
</tr>
<tr>
<td width="20%" valign="top" bordercolor="#FFFFFF" background="images/bg.jpg">
<table width="100%" border="0">
<tr>
<td>&nbsp; </td>
</tr>
<tr>

<td>&nbsp; </td>
</tr>
<tr>
<td></td>
</tr>
</table></td>
<td width="5%" bordercolor="#FFFFFF">&nbsp;</td>
<td width="75%">
<table width="100%" border="0">
<tr>
<td width="75%" rowspan="6" align="left" valign="top">
<?php
if ($_SESSION['user']!=NULL)
{
// user already signed from this machine
$user = $_SESSION['user'];
echo"<strong><font color='red'>Sorry, User $user already signed from this computer.</font>
<br> Please, <a href='logout.php'>Logout</a> and then login.</strong>";
}
else
{
include 'main.php';
$link = bio_connect();
if ($hdnLoginSubmit)
{
$found = false;
// if user is student
$qr = "select * from students where std_id='$txtUsername' and std_password='$txtPassword'";
$res = mysql_query($qr)or die(mysql_error());
$rowsAffected = mysql_num_rows($res);
if ($rowsAffected != 0)
{
while ($row = mysql_fetch_array($res))
{
$username = $row[std_name];
$user_no = $row[std_no];
$user_inistitute = $row[inis_no];
$user_groupNo = $row[group_no];
}
$userType = "s";
$found = true;
}
else
{
// if user is teacher (lectural or tutor)
$qr = "select * from teachers where teach_id='$txtUsername' and teach_pswd='$txtPassword'";
$res = mysql_query($qr)or die(mysql_error());
$rowsAffected = mysql_num_rows($res);
if ($rowsAffected != 0)
{
while ($row = mysql_fetch_array($res))
{
$username = $row[tname];
$user_no = $row[teach_no];
$user_inistitute = $row[inis_no];
$userType = $row[teach_type];
}
$found = true;
}
else
{
//user not found
echo "<strong><font color='red'>Invalid User Name or Password</font><br>
<a href='index.php'>Click Here</a> if you have account, or contact the webmaster if you haven't.</strong>";
}
}
if ($found)
{
$_SESSION['user'] = $user_no;
$_SESSION['name'] = $username;
$_SESSION['inis'] = $user_inistitute;
$_SESSION['ut'] = $userType;
switch ($userType)
{
case "s" : header("Location: index.php");
break;
case "l" : header("Location: admin/index.php");
break;
case "t" : header("Location: tutor/index.php");
}
}
}
else
{
// illegal access
die("Invalid way to login please follow the right steps of login.");
}

}


?>
</td>
<td align="center">&nbsp;</td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td>&nbsp;</td>
</tr>
<tr>
<td align="center" valign="top">&nbsp;</td>
</tr>
</table></td>
</tr>
<tr>
<td width="20%"><img src="images/side_m_bot.jpg" width="100%" height="20"></td>
<td width="150">&nbsp;</td>
<td>&nbsp;</td>
</tr>
<tr>
<td width="150">&nbsp;</td>
<td width="150">&nbsp;</td>
<td><div align="right"><SCRIPT type=text/javascript>
var browser=navigator.appName
var b_version=navigator.appVersion
var version=parseFloat(b_version)
if ((browser=="Microsoft Internet Explorer"))
{
document.write('<a href="#" onclick="setHomepage(this)"><font size="1">Make BiochemistryOnline.edu my homepage!</font></a>');
}
</SCRIPT>&nbsp;</div></td>
</tr>
<tr bgcolor="#8e9bb8">
<td colspan="3"><div align="center"><strong>Copyrights &copy; 2005-2006 BiochemistryOnline.edu.
All Rights Reserved.&nbsp;&nbsp;<a href="link.htm">About Us</a>, <a href="link.htm">Contact</a></strong></div></td>
</tr>
</table>
</body>
</html>

main.php (include bio_connect function)


<!doctype html public "-//W3C//DTD HTML 4.0//EN">
<html>
<head>
<title>Untitled web-page</title>
</head>
<body>
<?php
function bio_connect()
{
$link = mysql_connect("localhost", "myusername", "mypassword")
or die ("Could not connect to MySQL");
mysql_select_db ("mydbname")
or die ("Could not select database");
return $link;
}
?>
</body>
</html>

Fou-Lu
09-02-2009, 08:42 PM
This code uses a deprecated directive from register_globals. I'm surprised it was even enabled on you're old PHP4 host.
Values passed from get, post, cookies, etc should be requested via the $_GET, $_POST, $_COOKIE superglobals, much the same way you're using the $_SESSION superglobal.

Since $hdnLoginSubmit is undefined, an if ($hdnLoginSubmit) is always false, causing you're code to drop to the else statement. That should be if (isset($_POST['hdnLoginSubmit'])) which should allow you're code to proceed in the intended if block.

You should remove any html out of either main or login depending on how these are handled. As it sits, you're redeclaring you're doctype, html, head and body tags when it is not necessary to do this unless you're planning on using and parsing as an xml based result.

hassanab
09-03-2009, 07:26 AM
Thank you very much my login works fine



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum