Netscape php/mysql authentication

Anon

Hi,
This code works great in ie. In Netscape it reloads the login page. It does not send the user to https://oursite.com/members.htm (debug says the form was validated)

Any help would be great.
George

<?php

PAGE INITIALIZATION

require("clients.inc.php"); # client variables
session_start();
$current_page = str_replace('/', "", $HTTP_SERVER_VARS["PHP_SELF"]);
session_register("client_id");

DEBUGGING (set value to 1 to turn on)

$debug = 0;
$debug2 = 0;

INCLUDE FILES

if ( !$ISLOADED_forms ) {
$ISLOADED_forms = 1;
include("include_form.inc.php"); # basic HTML form functions
}
if ( !$ISLOADED_database ) {
$ISLOADED_database = 1;
include("our_database.inc.php");
}

if ($debug) {
$temp = session_id();
echo "Session ID: $temp ";
}

if ($debug) {
echo "Current Page: $current_page ";
echo '$current_page array variables: ';
if ( is_array(${$current_page}) ) {
while ( list($key, $val) = each(${$current_page}) ) {
echo "form field = $key value = |$val| ";
}
}
}

function validate_form_fields() {

USAGE NOTES:

-- function returns 1 if all validation rules are met

-- returns 0 if any validation rules fail

-- in the case of a validation failure, a global variable

is created using naming '<field name>-error' and set

global $debug;
if ( $debug ) { echo "<BR>Debug set at: $debug<BR>"; }
global $current_page;
global ${$current_page};
global $stringUserName_error;
global $stringPassword_error;
global $client_id;
    reset(${$current_page}); 
# check each of the current pages form fields for problems
$db_pw = "";
while ( list($key, $val) = each(${$current_page}) ) {
	if ( $debug) { echo "<BR>Checking KEY: $key<BR>"; }
	switch ( $key ) {

		case "stringUserName":
			#check against database to make sure unique
			$db_our = new DB_our;
			$query = sprintf("select * from system_info where subdomain = '%s';", $val);
			$result = $db_our->query($query);
			$num_rows = 0;
			$num_rows = $db_our->num_rows();
			if ($num_rows) {
				while ( $db_our->next_record() ) {
					$db_pw = $db_our->f("password");
					$customer_id = $db_our->f("client_id");
				}
				$stringUserName_error = 0;
				if ( $debug ) { echo "<BR>$num_rows FOUND<BR>"; }
			}
			elseif ( !$num_rows ) {
				$stringUserName_error = 1;
				if ( $debug ) { echo "<BR>no rows: $num_rows FOUND<BR>"; }
			}
			elseif ( !$val ) {
				$stringUserName_error = 1;
				if ( $debug ) { echo "<BR>username value blank<BR>"; }
			}
			else {
				# reset any prior error flags if there are
				#  no problems with this field now
				if ( $debug ) { echo "<BR>no problems with username<BR>"; }
				$stringUserName_error = 0;
			}
			break;
		case "stringPassword":
			if ( $debug ) { echo "<BR>val: |$val|   db_pw: |$db_pw|<BR>"; }
			if ( !$val ) { 
				if ( $debug ) { echo "<BR>password was blank  <BR>"; }
				$stringPassword_error = 1;
			}
			elseif ( strcasecmp($val,$db_pw) ) {  
				if ( $debug ) { echo "<BR>password comparison error<BR>"; }
				$stringPassword_error = 1;
			}
			else {
				# reset any prior error flags if there are
				#  no problems with this field now
				if ( $debug ) { echo "<BR>no problems with password<BR>"; }
				$stringPassword_error = 0;
			}	
			break;
	}
}
#return $validation_status;  

# do a quick check to make sure the customer's account is still active
$testStatus = new Client();
$testStatus->setClientID($client_id);
$testStatus->PullClientInformation();
if ( !strcmp($testStatus->getStatus(), "inactive") ) {
	global $stringAccountInactive;
	$stringAccountInactive = 1;
	return 0;
}

if ( $debug ) { echo "<BR>stringUserName_error is: $stringUserName_error<BR>stringPassword_error is: $stringPassword_error<BR>"; }
if ( $stringUserName_error || $stringPassword_error ) {
	return 0;
}
else {
	return 1;
}

} # end of business rules

CHECK FORM POST

if ( is_array(${$current_page}) ) { # if the current_page array exists, form

has been submitted

$validated = 0;
$validated = validate_form_fields();
if ( $debug ) { echo " validated came back: $validated "; }
if ($validated) {

do any final processing of the data then redirect to next page

if ($debug2) {
echo "LOGIN VALIDATED: when debug is turned off user would be redirected to members page ";
}
else {

set authentication status to TRUE

session_register("authenticated");
session_register("authenticated_expire");
$authenticated = 1;
$authenticated_expire = time() + (60 * 15); # set login timeout to 15 minutes from now

                    # log customer access to database
                    $db_our2 = new DB_our;
                    $query2 = sprintf("insert into client_logins (client_id) values ('%s');",
				addslashes($client_id) );
                    $result2 = $db_our->query($query2);

		header("Location: https://oursite.com/members.htm");  # NOTE: They are logging in from https://oursite.com/index.htm
	}
}
else {
		session_register("authenticated");
		$authenticated = 0;
	if ($debug2) {
	echo "<STRONG>LOGIN NOT VALIDATED</STRONG>: Error field is indicated in list below<BR><BR>";
	# do anything special with errors and display page
	echo "stringUserName_error = |" . $stringUserName_error . "|<BR>";
	echo "stringPassword_error = |" . $stringPassword_error . "|<BR>";
	}
}

}
else {
if ($debug) echo " PAGE FORM HAS NOT BEEN SUBMITTED YET ";
}

HEADER MODIFICATIONS turn off browser caching of pages -- required to fix IE caching options in particular

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache");
header("Cache-Control: post-check=0, pre-check=0");
header("Pragma: no-cache");

html ---

Thanks,
George

Anon

I am having a similar problem- has any made this sort of processing work with Netscape ??

blakey

Did you guys ever work this out?

Mike Carey wrote:

I am having a similar problem- has any made this sort of processing work with Netscape ??

Anon

We do not test any applications against netscape any more. Its just to expensive.

.. sorry netscape, I understand what happened to you, but your product is the worst ever. no - its horrific.