/    Sign up×
Community /Pin to ProfileBookmark

login problem-session varaibles under register global on

Copy linkTweet thisAlerts:
Feb 02.2006

the register_globals is on state.so we are using post.it doesn’t support $_SESSION in this domain why? &
showing error in this line statement: why its working fine in localhost.but when i working in differnet domain it doesn’t

$username=mysql_result($result,0,”emailid”);
$password=mysql_result($result,0,”password”);

can any one help to fix this. this is code.

[code=php]<?
session_cache_limiter(‘must-revalidate’);
session_start();
session_register(“session”);
?>
<?
//if((isset($_POST[‘username’]))&&(isset($_POST[‘password’])))
//{
//echo $_POST[‘username’].$_POST[‘password’];
//$uname=$_POST[‘username’];
//$pass=$_POST[‘password’];
//echo $uname;
//}
//else
//{
//$uname=””;
//}
//if(isset($_POST[‘password’]))
//{
//$pass=$_POST[‘password’];
//echo $uname.$pass;
//}
//else
//{
//$pass=””;
//}

include(“include.php”);

$query=”select * from admin where emailid=’$uname’ and password=’$pass'”;
$result=mysql_query($query);
$numrows=mysql_num_rows($result);

$username=mysql_result($result,0,”emailid”);
$password=mysql_result($result,0,”password”);
//$department=mysql_result($result,0,”department”);
//$session[‘usernam’]=$username;
//$session[‘passwrd’]=$password;

if($numrows>0)
{
header(“Location:adminhome.php”);
}
else
{
header(“Location:adminlogin.php”);
}
?>[/code]

to post a comment
PHP

4 Comments(s)

Copy linkTweet thisAlerts:
@moiseszaragozaFeb 04.2006 — This is the code I use to validate my users


CAll the file

[CODE]<?php require_once('../Connections/aotARTIST.php'); ?>[/CODE]

the Code
[CODE]

<?php
session_start();
$MM_authorizedUsers = "Yes";
$MM_donotCheckaccess = "false";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && false) {
$isValid = true;
}
}
return $isValid;
}

$MM_restrictGoTo = "http://www.artofthetime.com/aadminLogin.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {

$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>



[/CODE]
Copy linkTweet thisAlerts:
@patsauthorFeb 04.2006 — I dont understand this code . what this code for ? what actually the code is doing ?

My problem when i pulled the phpinfo of both domain. i came to know that

Working domain setup - session.save_path is /tmp

NOT Working domain setup - session.save_path is /var/session

Does this may be problem in login issue becos it loads the login page again & again.?

help me to fix this
Copy linkTweet thisAlerts:
@moiseszaragozaFeb 04.2006 — Ok I wrote a simple script for you

What I'm doing is I'm checking the database for the Username

[CODE]

<?php
$colname_Recordset1 = "1";
if (isset($_GET['UserName'])) {
$colname_Recordset1 = (get_magic_quotes_gpc()) ? $_GET['UserName'] : addslashes($_GET['UserName']);
}
mysql_select_db($database_DinamicPortfolio, $DinamicPortfolio);
$query_Recordset1 = sprintf("SELECT * FROM Users WHERE UserName = '%s'", $colname_Recordset1);
$Recordset1 = mysql_query($query_Recordset1, $DinamicPortfolio) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>



[/CODE]



that will retern only the recod that has the same user name

[CODE]

<?php
$un=$_POST['UserName'];
$psw=$_POST['password'];

if($un==$row_Recordset1['UserName']){
if($psw==$row_Recordset1['UserPsw']){
header("Location:adminhome.php");
}else{
header("Location:adminlogin.php");
}
}else{
header("Location:adminlogin.php");
}


?>

[/CODE]
Copy linkTweet thisAlerts:
@NogDogFeb 04.2006 — register_globals being on does not inhibit you from using $_SESSION (or $_POST, etc.). If register_globals is off, then you [i]are[/i] inhibited from using the $_SESSION array key as a variable; i.e.: you must use $_SESSION['name'], not $name, while you could use either if register_globals were on.
×

Success!

Help @pats spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.7,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...