SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Addict buildakicker's Avatar
    Join Date
    Jun 2005
    Location
    NorCal
    Posts
    378
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Thumbs up Login problem, is it Register Globals Off? CODE

    Hi all,

    I have just recently had an issue with pages that use passwords to enter. I have this script set up:

    PHP Code:
    <?php
    session_start
    ();

    $user 'admin';
    $passw 'pass';

    if ((
    $_POST["username"] == $user) and ($_POST["password"] == $passw)){
        
    $_SESSION["login"] = "true";
        
    header("Location:edit.php");
        exit;
    } else {
        
    $_SESSION["error"] = "<font color=red>Wrong username or password. Try again.</font>";
        
    header("Location:index.php");
    }

    ?>
    That accepts the data from:

    HTML Code:
    <form name="login" method="post" action="verify.php">
    <table width="80%" border="0" align="center" cellpadding="4" cellspacing="1">
        <tr> 
          <td colspan="2"><div align="center">
            <h3><?php echo $_SESSION["error"]; ?></h3>
            <h3>Please Log In </h3>
          </div> 
          </td>
        </tr>
        <tr> 
          <td align="right" bgcolor="#DBD594"> <div align="right">Login</div></td>
          <td bgcolor="#DBD594"> <div align="left"> 
              <input name="username" type="text" id="username">
            </div></td>
        </tr>
        <tr> 
          <td bgcolor="#DBD594"> <div align="right">Password</div></td>
          <td bgcolor="#DBD594"> <div align="left"> 
              <input name="password" type="password" id="password">
            </div></td>
        </tr>
        <tr> 
          <td colspan="2"><div align="center"> 
              <input type="submit" name="Submit" value="Submit" class="button">
              &nbsp; 
              <input name="reset" type="reset" id="reset" value="Reset" class="button">
            </div></td>
        </tr>
    
        <tr>
        <td colspan=2 align=center>&nbsp;</td>
    
      </table>
    </form>
    Then EDIT.php is loaded. However, what happens when I login with the user and pass is the login page just reloads. It doesn't seem to even load verify.php, but it did 2 weeks ago. I noticed on the phpinfo() I did for the server that Register Globals is off. Does this make a difference here?

    Thanks!
    SKILEASES.COM - FREE rental listings!
    WILDFIREBLOG.COM - Wildland Fire microblog!

  2. #2
    SitePoint Evangelist
    Join Date
    Sep 2004
    Location
    Oregon
    Posts
    445
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    For testing purposes, change your top page to this:

    PHP Code:

    <?php
    session_start
    ();

    echo 
    $_POST["username"];
    echo 
    $_POST["password"];

    $user 'admin';
    $passw 'pass';

    if ((
    $_POST["username"] == $user) and ($_POST["password"] == $passw)){
        
    $_SESSION["login"] = "true";
        
    // header("Location:edit.php");
        
    exit;
    } else {
        
    $_SESSION["error"] = "<font color=red>Wrong username or password. Try again.</font>";
        
    // header("Location:index.php");
    }

    ?>
    When you load the page it should say the posted username, and then the password. If nothing is echoed, then no data is being carried. Regardless, an empty string does not equal your username and password and thus I am unsure why the authentication query is giving a true value.

  3. #3
    SitePoint Addict buildakicker's Avatar
    Join Date
    Jun 2005
    Location
    NorCal
    Posts
    378
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It does say adminpass when I do this, however, when I try and have it load the edit page... it just reloads the login page.

    It's like it doesn't like the Session
    SKILEASES.COM - FREE rental listings!
    WILDFIREBLOG.COM - Wildland Fire microblog!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •