Hi,
We are using the following to authenticate members on our site. It works great in IE but returns Netscape users to the login page. Any help would be really apreciated.
// login page
<?php
session_start();
$current_page = str_replace('/', "", $HTTP_SERVER_VARS["PHP_SELF"]);
session_register("customer_id");
database code here.. ( works fine )
CHECK FORM POST
if ( is_array(${$current_page}) ) {
$validated = 0;
$validated = validate_form_fields();
if ($validated) {
# set authentication status to TRUE
session_register("authenticated");
session_register("authenticated_expire");
$authenticated = 1;
$authenticated_expire = time() + (60 * 15); # set login timeout to 15 minutes from now
header("Location: https://foo.com/members.htm");
}
}
else {
session_register("authenticated");
$authenticated = 0;
}
?>
//authentication code on members page..
<?php
register session_variables
session_register("authenticated");
session_register("authenticated_expire");
first, see if they have been authenticated; if not, redirect to login
if ( !$authenticated ) {
$authenticated_error = "login_required";
header("Location: https://foo.com/members.htm");
}
ok, they've been authenticated -- now check idle time
if ( time() > $authenticated_expire ) {
they've been idle more than 60 minutes, make them login again
$authenticated = 0;
$authenticated_error = "timeout";
header("Location: https://foo.com/members.htm");
}
else {
update idle timer and reset any authentication error message
$authenticated_expire = time() + (60 * 300);
$authenticated_error = "";
}
?>
thanks again.
