PDA

View Full Version : php help



Narayana
01-09-2006, 04:09 PM
i'm making a site with loads of php. it works fine on my local system. but when i upload to server, lots of problems arise.. they all seem to be related to session variables not being set/unset. Any known reason for this?? Like once i've logged out, if i click home again, i'm getting logged in as a user with no name. Acco. to my code, thios only happens if the session flag is not unset. but the execution reachs the part to unset session variable.
It works fine on localhost.
i'm stumped. i've rechecked my code 100 times. it ought to work.
would have posted the code here.. but its a bit big :ee: more than 300 lines of undocumented crappy code...
Any idea?

coolian
01-09-2006, 04:26 PM
Some code would definitely help in pinpointing the error - if you don't mind, that is.

Narayana
01-11-2006, 01:19 AM
sure. will post the code later today after college
--N

Narayana
01-11-2006, 12:04 PM
REPOST
delete this, mods.

Narayana
01-11-2006, 12:06 PM
<?php
include "phpmysql.php";//Contains expanded forms of query&#40;&#41; fn., other fns
// like mysql_ connect&#40;&#41;, etc.
session_start&#40;&#41;;

/*Session variables used&#58;
utype &#58; This is to display the menu bar selectively,
acco. as user is student/admin etc.
Used in menuBar.php
login &#58; To select action on password error, user error
successful login etc. used only in this file.
count &#58; TO keep track of how many times a wrong password
is entered
flag &#58; just that, a flag.
*/


if&#40; $_GET&#91;'logout'&#93; ==1 &#41;&#123;
session_destroy&#40;&#41;;
&#125;

if&#40; !isset&#40;$_SESSION&#91;'flag'&#93;&#41; &#41; &#123;
//If no yet logged in,
if&#40; isset&#40;$_SESSION&#91;'count'&#93;&#41; &#41;
$_SESSION&#91;'count'&#93;++;//This is to freeze account if login fails 3 times.
else
$_SESSION&#91;'count'&#93; = 0;
$_SESSION&#91;'uid'&#93; = $_POST&#91;'uid'&#93;;//Accepting uid from form

if&#40;isset&#40;$_POST&#91;'uid'&#93;&#41;&#41; &#123;
$link = connect&#40;&#41;;
opendb&#40;&#41;;
$query="select * from users where uid='".$_POST&#91;'uid'&#93;."'";
//uid is primary key in db.
$line=mysql_fetch_array&#40;&#40;$resu lt=query&#40;$query&#41;&#41;,MYSQL_ASSOC&#41; ;
//line stores the resulting row.
if&#40; !line &#41; &#123; //No such user!
//Unset everything except login.
$_SESSION&#91;'login'&#93; = "UserError";
unset&#40;$_SESSION&#91;'utype'&#93;&#41;;
unset&#40;$_SESSION&#91;'count'&#93;&#41;;
unset&#40;$_SESSION&#91;'flag'&#93;&#41;;
&#125;
else&#123; //User Exists.
if&#40;$line&#91;'session'&#93;==='frozen' &#41; &#123;
$_SESSION&#91;'login'&#93; = "AccountFrozen";
unset&#40;$_SESSION&#91;'utype'&#93;&#41;;
unset&#40;$_SESSION&#91;'count'&#93;&#41;;
unset&#40;$_SESSION&#91;'flag'&#93;&#41;;
&#125;
else &#123; //Account is active.
if&#40; $line&#91;'pwd'&#93; == md5&#40;$_POST&#91;'pwd'&#93;&#41; &#41; &#123;//Password correct
$_SESSION&#91;'login'&#93; = "OK";
//Logged in successfully
$_SESSION&#91;'uid'&#93; = $_POST&#91;'uid'&#93;;
unset&#40;$_SESSION&#91;'count'&#93;&#41;;
unset&#40;$_SESSION&#91;'flag'&#93;&#41;;
&#125;
else&#123;
$_SESSION&#91;'login'&#93; = "PassError";
unset&#40;$_SESSION&#91;'flag'&#93;&#41;;
unset&#40;$_SESSION&#91;'utype'&#93;&#41;;
&#125;
&#125;
&#125;
closedb&#40;$result,$link&#41;;
&#125;
&#125;
else &#123;
$_SESSION&#91;'login'&#93;="OK";
&#125;
?>
<html>
<head>


<link rel="stylesheet" href="menustyle.css" type="text/css">
<link rel="stylesheet" href="menu.css" type="text/css">
<script type="text/javascript" src="coolmenus4.js">
</script>


<script language="javascript">
<!--
function checkform&#40;&#41;
&#123;
var message="",errno=0,flag;
if &#40;document.frmlogin.uid.value.l ength==0&#41;
message=message+&#40;++errno&#41;+". User ID field is blank\n";
if &#40;document.frmlogin.pwd.value.l ength<6&#41;
message=message+&#40;++errno&#41;+". Password must be at least six characters\n";
if &#40;message.length>0&#41;&#123;
alert&#40;message&#41;;
return false;
&#125;
else
return true;
&#125;
-->
</script>
</head>

<body topmargin="0" leftmargin="0">


<?php
include "menubar.php";//Conditional menu display
?>

<?php
if&#40;$_SESSION&#91;'login'&#93; == "AccountFrozen"&#41; &#123;
echo "<h2><font color=red><u>Account frozen! Please contact administrator to correct!</u></font></h2>";
unset&#40;$_SESSION&#91;'login'&#93;&#41;;
die&#40;&#41;;
&#125;
if&#40; !isset&#40;$_SESSION&#91;'flag'&#93;&#41; &#41; &#123;
if&#40;$_SESSION&#91;'login'&#93;=="OK"&#41;&#123;
echo "<img src=\"welcome.gif\" width=\"80\" height=\"60\">

";
echo "Congratulations! You have been logged in!
";
echo "Your account is ".$_SESSION&#91;'uid'&#93;;
$_SESSION&#91;'flag'&#93; = session_id&#40;&#41;;
die&#40;&#41;;
&#125;
else if&#40;$_SESSION&#91;'login'&#93;=="PassError"&#41; &#123;
echo "<h2><font color=red><u>Login failed! Password Wrong!</u></font></h2>";
if&#40;$_SESSION&#91;'count'&#93; >= 3&#41;&#123;
echo "<h2><font color=red><u>Your login has failed three times. Freezing your account! Ask your system administrator for re-enabling your account.</u></font></h2>";
$link = connect&#40;&#41;;
opendb&#40;&#41;;
$query= "update users set session='frozen' where uid='".$_POST&#91;'uid'&#93;."'";
$result=query&#40;$query&#41;;
unset&#40;$_SESSION&#91;'count'&#93;&#41;;
unset&#40;$_SESSION&#91;'flag'&#93;&#41;;
unset&#40;$_SESSION&#91;'login'&#93;&#41;;
closedb&#40;$result,$link&#41;;
die&#40;&#41;;
&#125;
&#125;
else if&#40;$_SESSION&#91;'login'&#93;=="UserError"&#41;&#123;
echo "<h3>No such user! </h3>";
&#125;
if&#40;$logout==1&#41;&#123;
echo "<h3>You are now logged out...Click Home to Login
</h3>";
&#125;
?>



<h2><div class="center"><font color=green><u>Please Login</u></font></div></h2>

<div class="center">
<form name="frmlogin" action="home.php"" method="POST" onSubmit="return checkform&#40;&#41;;">


<table width=50% cellpadding="3">
<tr>
<td class="e">
User Name&#58;
</td>
<td>
<input type="text" name="uid" maxlength="12" title="Enter User ID eg&#58; Tom">
</td>
</tr>

<tr>
<td class="v">
Password&#58;
</td>
<td>
<input type="password" name="pwd" maxlength="12" title="Enter Password, max 12 characters, min 6 characters">
</td>
</tr>

<tr>
<td>


</td>
</tr>

<tr>
<td>


</td>
<td>
<input type="submit" value="Sign In" title="Click here to submit the authentication information">
<input type="reset" value="Clear all fields" title="Clear text from all fields">
</td>
</tr>

</table>
</form>
</div>
<?php
die&#40;&#41;;
&#125;
else &#123;
echo "<h3>You are currently logged in as \"" . $_SESSION&#91;'uid'&#93; . "\"
";
&#125;
?>
</body>
</html>


I've edited most html parts. The problem is this project is passed on to me... i've got to do the tough job of reading some1 else's code and modifying it. And this is my first attempt at php. This thing works fine in localhost, but when uploaded to server, starts misbehaving... I'm able to login even if the username is wrong.. and the username appears as null...
all the best reading the code :ee:
and thanks.

coolian
01-13-2006, 04:44 AM
Narayana - I've not had the chance to look at the code, but I'll do that over the weekend.

Narayana
01-13-2006, 12:44 PM
thnx. do you know of any changes to be made when a site is uploaded to the actual server?? Compared to local server??

coolian
01-22-2006, 05:03 AM
Sorry for the late reply. Did you get around the problem?

I can't really see what's wrong with your code - it seems alright - but without being able to test it from my side, there's not really much I can say. And as far as I know, no changes need to be made when the site is uploaded to a server...

Anyway - you might find this example (http://www.evolt.org/article/PHP_Login_Script_with_Remember _Me_Feature/17/60265/) useful.

Narayana
01-22-2006, 05:11 AM
nop. i didnt solve it... btw, another friend of mine doesnt get any problem while accessing the site.... :Ksp: :Ksp:
Thanks anyway. Will check that site...