please help with small php problem

Urbicek

Hello guys,
I have troubles with one small php script and writter of this script told me that its problem with Session config on the server but not exactly what to change...🙁 I have here this confing but I dont know whats wrong 🙁 http://webmasterland.com/showphp.php

So the problem is, that when I try to login (password is "pass") at http://www.webmasterland.com/click/admin.php it dont log me in (pass is valid of course).

here is the logging part of this admin.php

// Administrator Login

function login() {
global $HTTP_POST_VARS, $sPassword;//, $HTTP_SESSION_VARS;

if(isset($HTTP_POST_VARS["pass"])) $pass = $HTTP_POST_VARS["pass"];

if(isset($pass) && ($pass == $sPassword)) {
// $HTTP_SESSION_VARS["log"] = 1;
$SESSION['log'] = 1;
$log = 1;
session_register('log');
Header("Location: admin.php");
}
else if(isset($pass)) {
$warning = "<br><font color=#ff0000>".WRONGPASS."</font>";
}

if(!isset($warning)) $warning = "";

head();

Thanks for any help 🙂

leetcrew

there's a problem on your form

<input type="submit" value="Login" class=button>

it should be

<input name="some_action"  type="submit" value="Login" class=button>

then add this on your code


if ( $HTTP_POST_VARS['some_action'] == "Login" )
{
        //TODO: insert more codes here

}

PS: it is not safe to hide your decrypted password on the variables... you may use md5() function

Urbicek

thanks for reply!

so I have edited this login part to :

// Administrator Login

function login() {
global $HTTP_POST_VARS, $sPassword;//, $HTTP_SESSION_VARS;

if(isset($HTTP_POST_VARS["pass"])) $pass = $HTTP_POST_VARS["pass"];
if ( $HTTP_POST_VARS['some_action'] == "Login" )

if(!isset($warning)) $warning = "";

head();
?>

and made replace of <input type="submit" value="Login" class=button> as described... but its still not working 🙁((

help, help... thanks