SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Addict
    Join Date
    Feb 2006
    Posts
    299
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Help With This Php Code: It Is Not Working In Some Broswers

    Hello People,
    I have a php code embbeded in html. It is working well or as expected in Mozilla Firefox broswer. But when I open the same page in Microsoft Internet Explorer it is giving blank page without give an error. Your help will be highly appreciated.

    PHP CODE is as follows:

    PHP Code:
    <?php
    include'users/Connections/connections.php';

    /* Variables */ 
    $user $_POST["Username"]; 
    $pass md5($_POST["Password"]); 

    //pages where to redirect after login or failing to login


     
    $resultpage7="login_failed.php";
          
     
    //selecting variables
     
    $tusername=mysql_query("select username from  phpdesk_users where username = '$user' AND password='$pass'")or die("<center><font face=\"arial\" size=\"2\">Error!! Select Operation Failed.1 Reason: 
        "
    .mysql_error()."</font></center>");
    $row mysql_fetch_object($tusername);
    $disusername$row->username;


    $tdivision=mysql_query("select division from  phpdesk_users where username= '$user' AND password='$pass'")or die("<center>
        <font face=\"arial\" size=\"2\">Error!! Select2 Operation Failed. Reason: 
        "
    .mysql_error()."</font></center>");
    $row mysql_fetch_object($tdivision);
    $disdivision$row->division;


    $textension=mysql_query("select  work_ext from  phpdesk_users where username = '$user' AND password='$pass'")or die("<center>
        <font face=\"arial\" size=\"2\">Error!!3 Select Operation Failed. Reason: 
        "
    .mysql_error()."</font></center>");
    $row mysql_fetch_object($textension);
    $disextension$row->work_ext;

    $tstation=mysql_query("select station from  phpdesk_users where username= '$user' AND password='$pass'")or die("<center>
        <font face=\"arial\" size=\"2\">Error!!4 Select Operation Failed. Reason: 
        "
    .mysql_error()."</font></center>");
    $row mysql_fetch_object($tstation);
    $disstation$row->station;

    $tname=mysql_query("select name  from  phpdesk_users where username= '$user' AND password='$pass'")or die("<center>
        <font face=\"arial\" size=\"2\">Error!!5 Select Operation Failed. Reason: 
        "
    .mysql_error()."</font></center>");
    $row mysql_fetch_object($tname);
    $disname$row->name;   

    $tsection=mysql_query("select section  from  phpdesk_users where username= '$user' AND password='$pass'")or die("<center>
        <font face=\"arial\" size=\"2\">Error!!5 Select Operation Failed. Reason: 
        "
    .mysql_error()."</font></center>");
    $row mysql_fetch_object($tsection);
    $tsectionfinal$row->section;   
         
    $ttype=mysql_query("select type  from  phpdesk_users where username= '$user' AND password='$pass'")or die("<center>
        <font face=\"arial\" size=\"2\">Error!!5 Select Operation Failed. Reason: 
        "
    .mysql_error()."</font></center>");
    $row mysql_fetch_object($ttype);
    $distype$row->type;     
     
          
    $dtoday date('Y-m-j'); 
    $today =time("h:i:s "); 
    $curtime time(); 
    $utcdiff date('Z'$curtime); // get difference to UTC in seconds 
    $bmttime $curtime $utcdiff 7200// BMT = UTC+0100 

    $deecho =' ' date('H:i:s'$bmttime) . ' ' date(''$curtime); 


    /* Query */ 
    $query "SELECT * FROM phpdesk_users WHERE username= '$user' AND password = '$pass'";


    //redirecting staff
    if($distype=="staff")
    {
     
    $resultpage1 "itstaff/ControlPanel.php";
    }

    //redirecting user
    elseif($distype=="user")
    {
    //checking if user has submitted details

         
    if(($disdivision=="NoDetails") and ($tsectionfinal=="NoDetails") and ($disstation=="NoDetails")){
         
    $resultpage1 "users/Add_Details.php";
           }

           else{

           
    $resultpage1 "users/ControlPanel.php";
             }
           }
          
    //redirecting administrator
          
     
    elseif($distype=="admin")
          {
       
    $resultpage1 "itadmin/ControlPanel.php";

       }
     


    /* query the database */
    $result mysql_query($query);


    if (
    mysql_fetch_row($result)){ 
       
        
    /* Allow access if a matching record was found, else deny access. */ 
                 
    $_SESSION['Username'] = "Username";
              
    $_SESSION['Password'] = "Password";
             
    $_SESSION['username'] = "username";
             
    $_SESSION['key1']=$disname;
             
    $_SESSION['kite']=$disusername;
             
    $_SESSION['kite2']=$distype;
             
    $_SESSION['kite3']=$disdivision;
             
    $_SESSION['sectcode']=$tsectionfinal;
             
    $_SESSION['stationd']=$disstation;
                 
    $_SESSION['auth']=true;
                  
    session_write_close();     
        
             
    ?>
              <HEAD>
              <script language="JavaScript" type="text/javascript"> 
    <!-- 
    location.replace("<?php echo $resultpage1?>?sid=<?php echo strip_tags($sid); ?>"); 
    //--> 
                      </script>
              </HEAD>
              <?php
                
     
           
        
    } else { 
        
        echo
    "Wrong password";
                
    ?>
              <HEAD>
              <script language="JavaScript" type="text/javascript"> 
    <!-- 
    location.replace("<?php echo $resultpage7?>?sid=<?php echo strip_tags($sid); ?>"); 
    //--> 
                      </script>
              </HEAD>
              <?php
        

     
    ?>

  2. #2
    SitePoint Wizard silver trophybronze trophy Stormrider's Avatar
    Join Date
    Sep 2006
    Location
    Nottingham, UK
    Posts
    3,133
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    It won't be a browser issue, php runs on the server and both browsers are given the same output.

    A couple of other points: Why are you running all those separate queries at the top? Just SELECT * then grab the field names all from the same query.

    You need to sanitise your input before passing it into a query, using mysql_real_escape_string.

  3. #3
    SitePoint Addict
    Join Date
    Feb 2006
    Posts
    299
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    what is mysql_real_escape_string?

  4. #4
    rajug.replace('Raju Gautam'); bronze trophy Raju Gautam's Avatar
    Join Date
    Oct 2006
    Location
    Kathmandu, Nepal
    Posts
    4,013
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    As the word itself points that it escapes some special characters (specially quotes) in a string. Can you please see the PHP Manual before asking such where you can be much clear?
    Mistakes are proof that you are trying.....
    ------------------------------------------------------------------------
    PSD to HTML - SlicingArt.com | Personal Blog | ZCE - PHP 5

  5. #5
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,508
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    As stormrider says, both browsers get the same result, which is a HTML/Javascript page. So the problem must be that in that HTML/JS code there's something that IE doesn't like.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •