Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Nov 2006
    Location
    FL
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Sessions :: register_globals went from ON to OFF

    Can someone please tell me where I'm going wrong with sessions. My authorization was working fine with register_globals on (ON to OFF in PHP 4.2.0) but with new php.ini settings I'm getting Warnings when I login. I though the fallowing code would work but doesn't. I'm not getting the warning now but I can't get to secure_page.php for some reason.
    ANY HELP??!!!

    ~A


    Code:
    <?php // index.php contains Login form action="check_access.php"
    session_start();
    header("Cache-control: private");
    
    $admin_username = "demo";
    $admin_password = "admin";
    
    $Match = array("@","\r","\n","\\");
    $Replace = array("","","","");
    $post_username = str_replace($Match, $Replace, $_POST['post_username']);
    $post_password = str_replace($Match, $Replace, $_POST['post_password']);
    
    if ($post_username == $admin_username && $post_password == $admin_password) {
    	$_SESSION['access_username'] = $admin_username ;
    	$_SESSION['access_password"'] = $admin_password ;
    	header ("Location: secure_page.php");
    } else {
    	header ("Location: index.php");
    	exit;
    }
    ?>
    Code:
    <?php // authorize.php
    session_start();
    header("Cache-control: private");
    
    $admin_username = "demo";
    $admin_password = "admin";
    
    if ($_SESSION['access_username'] != $admin_username && $_SESSION['access_password'] != $admin_password ) {
    	header ("Location: index.php");
    	session_destroy();
    	exit;
    }
    ?>
    Code:
    <?php // secure_page.php
    require("authorize.php");
    ?>

  • #2
    $object->toCD-R(LP); vinyl-junkie's Avatar
    Join Date
    Jun 2003
    Posts
    3,088
    Thanks
    2
    Thanked 23 Times in 23 Posts
    Nothing just really jumps out at me as being incorrect. Personally, I would start with some strategically placed echo statements in the code to see what's going on. For example:

    Code:
    <?php // index.php contains Login form action="check_access.php"
    session_start();
    header("Cache-control: private");
    
    $admin_username = "demo";
    $admin_password = "admin";
    
    echo "post password: " & $_POST['post_password'])& "<br>";
    echo "post username: " & $_POST['post_username']) & "<br>";
    echo "session username: " & $_SESSION['access_username'] & "<br>";
    echo "session password: " & $_SESSION['access_password"'] & "<br>";
    
    $Match = array("@","\r","\n","\\");
    $Replace = array("","","","");
    $post_username = str_replace($Match, $Replace, $_POST['post_username']);
    $post_password = str_replace($Match, $Replace, $_POST['post_password']);
    
    if ($post_username == $admin_username && $post_password == $admin_password) {
    	$_SESSION['access_username'] = $admin_username ;
    	$_SESSION['access_password"'] = $admin_password ;
    	header ("Location: secure_page.php");
    } else {
    	header ("Location: index.php");
    	exit;
    }
    ?>
    Music Around The World - Collecting tips, trade
    and want lists, album reviews, & more
    SNAP to it!

  • #3
    teh Moderatorinator
    Join Date
    Sep 2004
    Location
    USA
    Posts
    2,472
    Thanks
    4
    Thanked 40 Times in 40 Posts
    heh, vinyl...been doing too much asp! Concatenation is the '.' here.

    echo "post password: " . $_POST['post_password'] . "<br>";

  • #4
    $object->toCD-R(LP); vinyl-junkie's Avatar
    Join Date
    Jun 2003
    Posts
    3,088
    Thanks
    2
    Thanked 23 Times in 23 Posts
    Yep, you're right. And the heck of it is, I know better!
    Music Around The World - Collecting tips, trade
    and want lists, album reviews, & more
    SNAP to it!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •