SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Thread: Passing PHP variables through a variables page is not working... need some advice

  1. Feb 17, 2012 11:00 #1
    Angrypoonani
    Angrypoonani is offline
    SitePoint Enthusiast Angrypoonani's Avatar
    Join Date
    Mar 2011
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question Passing PHP variables through a variables page is not working... need some advice

    Now I'm pretty new to PHP and server scripting so I could be having a problem with some no brainer rules or simple syntax but I can't get this code to work...

    So the aim is to have a global variable ($logfail) to be set it the username/password doesn't exist then redirect to the login page and an error message will be displayed through the if statement checking is $logfail is true... but I'm doing something wrong because it's not working.... Any pointers or solutions would be helpful.

    login.php:
    Code PHP:
    <?php include("variables.php"); ?>
<html>
<head></head>
<body>
<?php 
session_start(); 
function check_logged(){ 
     global $_SESSION, $USERS; 
     if (!array_key_exists($_SESSION["logged"],$USERS)) { 
          header("Location: /index.php"); 
     }; 
}; 
 
if ($_POST["portal"]=="log") { 
     if ($USERS[$_POST["logn"]]==$_POST["pswd"]) { 
          $_SESSION["logged"]=$_POST["logn"]; 
     } else { 
          echo 'Incorrect username/password. Please, try again.'; 
     }; 
}; 
if (array_key_exists($_SESSION["logged"],$USERS)) { 
    header("Location: statelist.php");
} else {
    global $logfail;
    $logfail = true;
    check_logged();
}; 
?>
...

    variables.php:
    Code PHP:
    <?php
$logfail;
?>

    index.php:
    Code PHP:
    <?php include("php/variables.php"); ?>
<html>
<head></head>
<body>
.......
<?php
global $logfail;
if ($logfail) {
    ?>
    <p class="logFail red">Incorrect username/password combination...</p>
    <?php 
};
?>
......
    Reply With Quote Reply With Quote
  2. Feb 17, 2012 13:01 #2
    ServerStorm
    ServerStorm is offline
    Foozle Reducer ServerStorm's Avatar
    Join Date
    Feb 2005
    Location
    Burlington, Canada
    Posts
    2,612
    Mentioned
    83 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by Angrypoonani View Post
    Now I'm pretty new to PHP and server scripting so I could be having a problem with some no brainer rules or simple syntax but I can't get this code to work...
    @Angrypoonani

    You first do not need to set the $_SESSION as global; it is a super global already and can be accessed at any time.

    The
    PHP Code:
     header("Location: /index.php"); 
    will not work as all header commands must be output before any other output. In your example the HTML and BODY tags will have already output so the header redirect will not work and should throw a warning.

    You should do a 'Not logged In' check at the very top of your php page. make sure that you do not have any whitespace or anything output before you issue the header redirect.

    I also wonder where you are storing your password. You should never store just a clear text password in a file or a database record instead HASH and SALT the stored password and then verify when the user enters their username, and password that you run the HASH with the same SALT to verify that they match otherwise you redirect.

    Your use of globals is worrisome.

    Regards,
    Steve
    :@SitePoint
    Find out all things Hosting.
    Get Sitepoint's free hosting documentation here
    Question? Servers, Virtualization, Apache, IIS, Rewriting.

    ictus==""
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules