Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New Coder
    Join Date
    Sep 2009
    Posts
    40
    Thanks
    3
    Thanked 0 Times in 0 Posts

    problem from upgrading php 4 to php5

    My website works fine on php4 when I upgrading to php5 there is problem in login the code give me this message
    ("Invalid way to login please follow the right steps of login.");
    I don't no why this happen
    PHP Code:
    <?php
                  
    if (!is_null($_SESSION['user']))                                                             
    {
                        
    // user already signed from this machine
                        
    $user $_SESSION['user'];
                        echo
    "<strong><font color='red'>Sorry, User $user already signed from this computer.</font>
                        <br> Please, <a href='logout.php'>Logout</a> and then login.</strong>"
    ;
                    }
                else
                    {
                        include 
    'main.php';
                        
    $link bio_connect();
                        if (
    $hdnLoginSubmit)
                            {
                                  
    $found false;
                                
    // if user is student
                                
    $qr "select * from students where std_id='$txtUsername' and std_password='$txtPassword'";
                                
    $res mysql_query($qr)or die(mysql_error());
                                
    $rowsAffected mysql_num_rows($res);
                                if (
    $rowsAffected != 0)
                                    {
                                        while (
    $row mysql_fetch_array($res))
                                            {
                                                
    $username $row[std_name];
                                                
    $user_no $row[std_no];
                                                
    $user_inistitute $row[inis_no];
                                                
    $user_groupNo $row[group_no];
                                            }
                                        
    $userType "s";
                                        
    $found true;
                                    }
                                else
                                    {
                                        
    // if user is teacher (lectural or tutor)
                                        
    $qr "select * from teachers where teach_id='$txtUsername' and teach_pswd='$txtPassword'";
                                        
    $res mysql_query($qr)or die(mysql_error());
                                        
    $rowsAffected mysql_num_rows($res);
                                        if (
    $rowsAffected != 0)
                                            {
                                                while (
    $row mysql_fetch_array($res))
                                                    {
                                                        
    $username $row[tname];
                                                        
    $user_no $row[teach_no];
                                                        
    $user_inistitute $row[inis_no];
                                                        
    $userType $row[teach_type];
                                                    }
                          
    $found true;
                                            }
                                        else
                                            {
                                                
    //user not found
                                                
    echo "<strong><font color='red'>Invalid User Name or Password</font><br>
                                                <a href='index.php'>Click Here</a> if you have account, or contact the webmaster if you haven't.</strong>"
    ;
                                            }
                                    }
                  if (
    $found)
                     {
                      
    $_SESSION['user'] = $user_no;
                              
    $_SESSION['name'] = $username;
                              
    $_SESSION['inis'] = $user_inistitute;
                              
    $_SESSION['ut'] = $userType;
                              switch (
    $userType)
                                     {
                                        case 
    "s" header("Location: index.php");
                                          break;
                                        case 
    "l" header("Location: admin/index.php");
                                          break;
                                        case 
    "t" header("Location: tutor/index.php");
                                   }
                     }
    }
    else
     {
                                
    // illegal access
                                
    die("Invalid way to login please follow the right steps of login.");
                            }
                                    
                            }
                    
                                   
              
    ?>

  • #2
    Regular Coder
    Join Date
    Mar 2006
    Posts
    238
    Thanks
    3
    Thanked 37 Times in 37 Posts
    What the function bio_connect() does ? It is necessary to see the code where $hdnLoginSubmit is defined.

  • #3
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    Is this the full code? There's no session_start() at the top of the file.
    Are you a Help Vampire?

  • #4
    New Coder
    Join Date
    Sep 2009
    Posts
    40
    Thanks
    3
    Thanked 0 Times in 0 Posts
    index.php (there is hdnLoginSubmit in this page)
    PHP Code:
    <?php
        session_start
    ();
        @
    ob_start();
    ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <title>Welcome to BioChemistryOnline.edu</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <link rel="stylesheet" href="1.css" type="text/css">
    <SCRIPT language="JavaScript">
                                function setHomepage(myElement)
                                {
                                    myElement.style.behavior='url(#default#homepage)';
                                    myElement.setHomepage('http://www.biochemistryonline.edu');
                                    return false;
                                }
                            </SCRIPT>
    </head>

    <body>
    <table width="90%" height="100" border="0" align="center" cellpadding="0" cellspacing="0">
      <tr> 
        <td colspan="3"><img src="images/banner3.jpg" width="100%" height="120"></td>
      </tr>
      <tr> 
        <td>&nbsp;</td>
        <td>&nbsp;</td>
        <td>&nbsp;<a href="index.php"><strong>Home</strong></a><strong> 
          &nbsp;&nbsp; <a href="about.php">About Us</a> &nbsp;&nbsp;<a href="contact.php">Contact 
          Us</a></strong> &nbsp;&nbsp;<strong><a href="publications.php">Publications</a></strong>&nbsp;&nbsp; 
          <?php
              
    if (is_null($_SESSION['user']))
                echo
    "<a href='generalcourse.php'><strong>Courses</strong></a>";
          
    ?></td>
      </tr>
      <tr> 
        <td colspan="3"><hr></td>
      </tr>
      <tr> 
        <td width="20%">&nbsp;</td>
        <td width="5%">&nbsp;</td>
        <td width="75%">&nbsp;</td>
      </tr>
      <tr> 
        <td width="20%" valign="bottom"><img src="images/side_m_top.jpg" width="100%" height="20" align="bottom"></td>
        <td width="5%" valign="bottom">&nbsp;</td>
        <td width="75%"> 
          <h2><font color="#8e9bb8">Welcome to BiochemistryOnline.edu</font></h2></td>
      </tr>
      <tr> 
        <td width="20%" valign="top" bordercolor="#FFFFFF" background="images/bg.jpg">
    <table width="100%" border="0">
            <tr> 
              <td> 
                <?php
              
    if (is_null($_SESSION['user']))
              {
                  
    ?>
                <FORM id=frmLogin name=frmLogin action=login.php method=post>
                  <HR>
                  <strong>Existing users login </strong> 
                  <HR>
                  <INPUT type=hidden value=true name=hdnLoginSubmit>
                  <TABLE cellSpacing=0 width="100%" border=0>
                    <TBODY>
                      <TR> 
                        <TD align=left><FONT size=2>Username</FONT></TD>
                      </TR>
                      <TR> 
                        <TD align=middle><INPUT id=Text1 size=10 
                  name=txtUsername></TD>
                      </TR>
                      <TR> 
                        <TD align=left><FONT size=2>Password</FONT></TD>
                      </TR>
                      <TR> 
                        <TD align=middle><INPUT id=txtPassword type=password size=10 
                      name=txtPassword></TD>
                      </TR>
                      <TR> 
                        <TD align=middle><INPUT 
                      onmouseup="this.src='images/login_01_over.jpg';" 
                      onmousedown="this.src='images/login_01.jpg';" 
                      onmouseover="this.src='images/login_01_over.jpg';" 
                      onclick=javascript:document.frmLogin.submit(); 
                      onmouseout="this.src='images/login_01.jpg';" type=image 
                      height=25 alt="Click to login" width=84 
                      src="images/login_01.jpg" 
                      border=0 name=Login_01> </TD>
                      </TR>
                    </TBODY>
                  </TABLE>
                </FORM>
                <?php
                
    }
                else
                    {
                        
    $user $_SESSION['user'];
                        
    $name $_SESSION['name'];
                        
    $ut $_SESSION['ut'];
                        if (
    $ut == 's')
                 
    $type "Student";
              else
                  
    $type ="Teacher";
                        echo 
    "<strong>Welcome $type <br><font color='#DEDEC7'> $name</font></strong>";
                    }
                
    ?>
              </td>
            </tr>
            <tr> 
              <td> 
                <?php
              
    if (is_null($_SESSION['user']))
                      echo
    "<strong><a href='forgetpswd.php'>forget password!</a></strong>";
              else
                      echo
    "<strong><a href='mngAccount.php'>Manage My Account</a></strong>
                      <br><strong><a href='logout.php'>Logout</a>
              <br><a href='students.php'>Students Page</a></strong>"
    ;
              
    ?>
              </td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td align="center"><a href="http://www.saec-sd.org/" target="_blank"><img src="images/saec.jpg" width="140" height="40" border="0"></a></td>
            </tr>
            <tr> 
              <td></td>
            </tr>
          </table></td>
        <td width="5%" bordercolor="#FFFFFF">&nbsp;</td>
        <td width="75%" valign="top"> 
          <table width="100%" border="0">
            <tr> 
              <td width="75%" rowspan="3" align="left" valign="top"><div align="justify"><strong>Welcome 
                  to Biochemistryonline, we hope to provide students, researchers 
                  and teachers with useful information about medical biochemistry, 
                  biostatistics and radiobiology. We try to collect some information 
                  about each of the above mentioned disciplines from different sources, 
                  textbooks, websites and lecture notes of our competent professors. 
                  </strong> </div>
                <p align="justify"><strong>Welcome and have a tour.</strong></p>
                <p align="right"><em><font color="#330066"><strong>Eltayeb Anawrani<br>
                  </strong> </font></em></p></td>
              <td align="center"><img src="images/DNA.jpg" width="53" height="108"></td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td align="center" valign="top"><img src="images/2.jpg" width="116" height="118"></td>
            </tr>
          </table></td>
      </tr>
      <tr> 
        <td width="20%"><img src="images/side_m_bot.jpg" width="100%" height="20"></td>
        <td width="150">&nbsp;</td>
        <td>&nbsp;</td>
      </tr>
      <tr> 
        <td width="150">&nbsp;</td>
        <td width="150">&nbsp;</td>
        <td><div align="right"><SCRIPT type=text/javascript>
                                                var browser=navigator.appName
                                                var b_version=navigator.appVersion
                                                var version=parseFloat(b_version)
                                                if ((browser=="Microsoft Internet Explorer"))
                                                {
                                                    document.write('<a href="#" onclick="setHomepage(this)"><font size="1">Make BiochemistryOnline.edu my homepage!</font></a>');
                                                }
                                        </SCRIPT>&nbsp;</div></td>
      </tr>
      <tr bgcolor="#8e9bb8"> 
        <td colspan="3"><div align="center"><strong>Copyrights &copy; 2005-2006 BiochemistryOnline.edu. 
            All Rights Reserved.&nbsp;&nbsp;<a href="link.htm">About Us</a>, <a href="link.htm">Contact</a></strong></div></td>
      </tr>
    </table>
    </body>
    </html>
    login.php
    PHP Code:
    <?php
        session_start
    ();
        @
    ob_start();
    ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <title>Welcome to BioChemistryOnline.edu</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <link rel="stylesheet" href="1.css" type="text/css">
    <SCRIPT language="JavaScript">
                                function setHomepage(myElement)
                                {
                                    myElement.style.behavior='url(#default#homepage)';
                                    myElement.setHomepage('http://www.biochemistryonline.edu');
                                    return false;
                                }
                            </SCRIPT>
    </head>

    <body>
    <table width="90%" height="100" border="0" align="center" cellpadding="0" cellspacing="0">
      <tr> 
        <td colspan="3"><img src="images/banner3.jpg" width="100%" height="120"></td>
      </tr>
      <tr> 
        <td>&nbsp;</td>
        <td>&nbsp;</td>
        <td>&nbsp;<a href="index.php"><strong>Home</strong></a><strong> 
          &nbsp;&nbsp; <a href="about.php">About Us</a> &nbsp;&nbsp;<a href="contact.php">Contact 
          Us</a></strong></td>
      </tr>
      <tr> 
        <td colspan="3"><hr></td>
      </tr>
      <tr> 
        <td width="20%">&nbsp;</td>
        <td width="5%">&nbsp;</td>
        <td width="75%">&nbsp;</td>
      </tr>
      <tr> 
        <td width="20%" valign="bottom"><img src="images/side_m_top.jpg" width="100%" height="20" align="bottom"></td>
        <td width="5%" valign="bottom">&nbsp;</td>
        <td width="75%"> 
          <h2><font color="#8e9bb8">Login to BiochemistryOnline.edu</font></h2></td>
      </tr>
      <tr> 
        <td width="20%" valign="top" bordercolor="#FFFFFF" background="images/bg.jpg">
    <table width="100%" border="0">
            <tr> 
              <td>&nbsp; </td>
            </tr>
            <tr> 
                
              <td>&nbsp; </td>
            </tr>
            <tr>
              <td></td>
            </tr>
          </table></td>
        <td width="5%" bordercolor="#FFFFFF">&nbsp;</td>
        <td width="75%">
    <table width="100%" border="0">
            <tr> 
              <td width="75%" rowspan="6" align="left" valign="top">
              <?php
                  
    if ($_SESSION['user']!=NULL)                                                             
    {
                        
    // user already signed from this machine
                        
    $user $_SESSION['user'];
                        echo
    "<strong><font color='red'>Sorry, User $user already signed from this computer.</font>
                        <br> Please, <a href='logout.php'>Logout</a> and then login.</strong>"
    ;
                    }
                else
                    {
                        include 
    'main.php';
                        
    $link bio_connect();
                        if (
    $hdnLoginSubmit)
                            {
                                  
    $found false;
                                
    // if user is student
                                
    $qr "select * from students where std_id='$txtUsername' and std_password='$txtPassword'";
                                
    $res mysql_query($qr)or die(mysql_error());
                                
    $rowsAffected mysql_num_rows($res);
                                if (
    $rowsAffected != 0)
                                    {
                                        while (
    $row mysql_fetch_array($res))
                                            {
                                                
    $username $row[std_name];
                                                
    $user_no $row[std_no];
                                                
    $user_inistitute $row[inis_no];
                                                
    $user_groupNo $row[group_no];
                                            }
                                        
    $userType "s";
                                        
    $found true;
                                    }
                                else
                                    {
                                        
    // if user is teacher (lectural or tutor)
                                        
    $qr "select * from teachers where teach_id='$txtUsername' and teach_pswd='$txtPassword'";
                                        
    $res mysql_query($qr)or die(mysql_error());
                                        
    $rowsAffected mysql_num_rows($res);
                                        if (
    $rowsAffected != 0)
                                            {
                                                while (
    $row mysql_fetch_array($res))
                                                    {
                                                        
    $username $row[tname];
                                                        
    $user_no $row[teach_no];
                                                        
    $user_inistitute $row[inis_no];
                                                        
    $userType $row[teach_type];
                                                    }
                          
    $found true;
                                            }
                                        else
                                            {
                                                
    //user not found
                                                
    echo "<strong><font color='red'>Invalid User Name or Password</font><br>
                                                <a href='index.php'>Click Here</a> if you have account, or contact the webmaster if you haven't.</strong>"
    ;
                                            }
                                    }
                  if (
    $found)
                     {
                      
    $_SESSION['user'] = $user_no;
                              
    $_SESSION['name'] = $username;
                              
    $_SESSION['inis'] = $user_inistitute;
                              
    $_SESSION['ut'] = $userType;
                              switch (
    $userType)
                                     {
                                        case 
    "s" header("Location: index.php");
                                          break;
                                        case 
    "l" header("Location: admin/index.php");
                                          break;
                                        case 
    "t" header("Location: tutor/index.php");
                                   }
                     }
    }
    else
     {
                                
    // illegal access
                                
    die("Invalid way to login please follow the right steps of login.");
                            }
                                    
                            }
                    
                                   
              
    ?> 
              </td>
              <td align="center">&nbsp;</td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td align="center" valign="top">&nbsp;</td>
            </tr>
          </table></td>
      </tr>
      <tr> 
        <td width="20%"><img src="images/side_m_bot.jpg" width="100%" height="20"></td>
        <td width="150">&nbsp;</td>
        <td>&nbsp;</td>
      </tr>
      <tr> 
        <td width="150">&nbsp;</td>
        <td width="150">&nbsp;</td>
        <td><div align="right"><SCRIPT type=text/javascript>
                                                var browser=navigator.appName
                                                var b_version=navigator.appVersion
                                                var version=parseFloat(b_version)
                                                if ((browser=="Microsoft Internet Explorer"))
                                                {
                                                    document.write('<a href="#" onclick="setHomepage(this)"><font size="1">Make BiochemistryOnline.edu my homepage!</font></a>');
                                                }
                                        </SCRIPT>&nbsp;</div></td>
      </tr>
      <tr bgcolor="#8e9bb8"> 
        <td colspan="3"><div align="center"><strong>Copyrights &copy; 2005-2006 BiochemistryOnline.edu. 
            All Rights Reserved.&nbsp;&nbsp;<a href="link.htm">About Us</a>, <a href="link.htm">Contact</a></strong></div></td>
      </tr>
    </table>
    </body>
    </html>
    main.php (include bio_connect function)
    PHP Code:
    <!doctype html public "-//W3C//DTD HTML 4.0//EN">
    <html>
    <head>
      <title>Untitled web-page</title>
    </head>
    <body>
    <?php
    function bio_connect()
    {
    $link mysql_connect("localhost""myusername""mypassword")
               or die (
    "Could not connect to MySQL");
    mysql_select_db ("mydbname")
               or die (
    "Could not select database");
    return 
    $link;
    }
    ?>
    </body>
    </html>

  • #5
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    This code uses a deprecated directive from register_globals. I'm surprised it was even enabled on you're old PHP4 host.
    Values passed from get, post, cookies, etc should be requested via the $_GET, $_POST, $_COOKIE superglobals, much the same way you're using the $_SESSION superglobal.

    Since $hdnLoginSubmit is undefined, an if ($hdnLoginSubmit) is always false, causing you're code to drop to the else statement. That should be if (isset($_POST['hdnLoginSubmit'])) which should allow you're code to proceed in the intended if block.

    You should remove any html out of either main or login depending on how these are handled. As it sits, you're redeclaring you're doctype, html, head and body tags when it is not necessary to do this unless you're planning on using and parsing as an xml based result.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #6
    New Coder
    Join Date
    Sep 2009
    Posts
    40
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Thank you very much my login works fine


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •