Can ne one find what I have done wrong

Anon

Hello,

I have patched together a script to take care of user auth and login.

However there seems to be something that I have over looked which makes the script buggy. :-(

I have spent hours on this and can not find the problem.
Much obliged if any one of you code gurus could point me in the right direction.

Thanks of your time.

Raghu

<?php
// login.php

session_start(); // starting session
// session variables must be global
global $strName, $strPass;
// registering session variables
session_register("strName");
session_register("strPass");

// check if VAR to store username has been set
if (!isset($strName))
{
// if not, check if he just filled form, but we haven't processed that info yet
global $HTTP_POST_VARS;
if (isset($HTTP_POST_VARS["form_username"]))
{
$strName = $HTTP_POST_VARS["form_username"];
$strPass = $HTTP_POST_VARS["form_password"];

     // HARD CODE: path for the login page set below

      header("Location: http://www.akin.com/dbs/login.php");
      exit;
  }

?>
<form method="post" action="login.php">
Username: <input type="text" name="form_username"><br>
Password: <input type="password" name="form_password"><br>
<input type="submit" value="Submit">
</form>
<?
exit;
}

if (isset($strName))
{

// Read the entire file into the variable $file_contents
$filename = '/home/akin/www/myl/.htpasswd';
// HARD CODE: Above line sets the path and file name of password file.
$fp = fopen( $filename, 'r' );
$file_contents = fread( $fp, filesize( $filename ) );
fclose( $fp );
// Place the individual lines from the file contents into an array.
$lines = explode ( "\n", $file_contents );
// Split each of the lines into a username and a password pair
// and attempt to match them to $strName and $strPass.
foreach ( $lines as $line )
{
list( $username, $password ) = explode( ':', $line );
// check if a match can be found for the entered username
if ( $username == "$strName" )
{
// after uname match now test for password
// Get the salt from $password. It is always the first
// two characters of a DES-encrypted string.
$salt = substr( $password , 0 , 2 );
// Encrypt $strPass based on $salt
$enc_pw = crypt( $strPass, $salt );
if ( $password == "$enc_pw" )
{

		//	HARD CODE: path for the menu page set below

	            header("Location: http://www.akin.com/dbs/nextpage.php");
		}
	}
}

}
else
{
// HARD CODE: path for the login page set below
// else redirect user to login again
header("Location: http://www.akin.com/dbs/login.php");
exit;
}
?>

Anon

What's it doing that's wrong?

Anon

I am using Netscape 4.5 as the browser

When I run the script it first shows form and accepts user name and password.

When I click submit it says "document contains no data"

Thanks for trying to figure out the problem.

Regards,

Raghu

Weedpacket wrote:

What's it doing that's wrong?