Hello..
I have the latest PHP on IIS 5.1 on a windows XP pro sp1.
I download a login script from a page, but when i try to run it i get this error:
Notice: Undefined index: QUERY_STRING in c:/web/test.php on line 16
I have register_globals = Off, but i read that $_SEVER is a superglobal or something like that so this code should work, why it doesnt?? please help!!
<?
session_start(); // start session.
?>
<!-- header tags, edit to match your own, or include template header file. -->
<html>
<head>
<title>Login</title>
<head>
<body>
<?
if(!isset($username) | !isset($password)) {
// escape from php mode.
?>
<form action="<?=$_SERVER["PHP_SELF"]?><?if($_SERVER['QUERY_STRING']){ echo"?". $_SERVER['QUERY_STRING'];}?>" method="POST">
<p align="center">Members only. Please login to access this document.</p>
<table align="center" border="0">
<tr>
<th>
Usuario:
</th>
<th>
<input type="text" name="username">
</th>
</tr>
<tr>
<th>
Password:
</th>
<th>
<input type="password" name="password">
</th>
</tr>
<tr>
<th colspan="2" align="right">
<input type="submit" value="Login">
</form>
</th>
</tr>
</table>
</body>
</html>
<?
exit();
}
// If all is well so far.
session_register("username");
session_register("password"); // register username and password as session variables.
// Here you would check the supplied username and password against your database to see if they exist.
// For example, a MySQL Query, your method may differ.
$db = mysql_connect("localhost", "root");
mysql_select_db("users",$db);
$sql = mysql_query("SELECT * FROM users WHERE usuario = '$username' AND password = '$password'");
$fetch_em = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($numrows != "0") {
$valid_user = 1;
}
else {
$valid_user = 0;
}
// If the username exists and pass is correct, don't pop up the login code again.
// If info can't be found or verified....
if (!($valid_user))
{
session_unset(); // Unset session variables.
session_destroy(); // End Session we created earlier.
// escape from php mode.
?>
<form action="<?=$_SERVER["PHP_SELF"]?><?if($_SERVER['QUERY_STRING']){ echo"?". $_SERVER['QUERY_STRING'];}?>" method="POST">
<p align="center">Incorrect login information, please try again. You must login to access this document.</p>
<table align="center" border="0">
<tr>
<th>
Username:
</th>
<th>
<input type="text" name="username">
</th>
</tr>
<tr>
<th>
Password:
</th>
<th>
<input type="password" name="password">
</th>
</tr>
<tr>
<th colspan="2" align="right">
<input type="submit" value="Login">
</form>
</th>
</tr>
</table>
</body>
</html>
<?
exit();
}
?>
Thanks, I hope anyone can give me a hand.
RQ
