Passing session and HTTP authentication..?? Error. why?

Hitoshi

Ok here's my code

<?php 



$authorized = FALSE;  


if ( (isset($_SERVER['PHP_AUTH_USER']) AND isset($_SERVER['PHP_AUTH_PW'])) ) {



define ('username', 'hitoshi_admin');

define ('password', '*****');

define ('localhost', 'localhost');

define ('sitename', 'www.PSOrevolution.com');



$dbc = @mysql_connect (localhost, hitoshi_admin, *****) OR die ('Could not connect to MySQL: ' . mysql_error() );

mysql_select_db (hitoshi_web) OR die ('Could not select the database: ' . mysql_error() );


$query = "SELECT first_name FROM users WHERE username='{$_SERVER['PHP_AUTH_USER']}' and password=PASSWORD('{$_SERVER['PHP_AUTH_PW']}')";

$result = mysql_query ($query);
	$row = @mysql_fetch_array ($result);


if ($row) { $authorized = TRUE;
	}	
}


if (!$authorized) {

header('WWW-Authenticate: Basic realm="Log in to experiance PSO Revolution, where two worlds collide!"');

header('HTTP/1.0 401 Unauthorized');
echo '
<html> 
<head> 
<title>Signup Form</title> 
</head> 
<body> 
<form name=form1 method=post action=register.php> 
<table width=100% border=0 cellpadding=4 cellspacing=0> 
<tr> 
<td width=24% align=left valign=top>First Name</td> 
<td width=76%><input name=first_name type=text id=first_name2></td> 
</tr> 
<tr> 
<td align=left valign=top>Last Name</td> 
<td><input name=last_name type=text id=last_name></td> 
</tr> 
<tr> 
<td align=left valign=top>Email Address</td> 
<td><input name=email_address type=text id=email_address></td> 
</tr> 
<tr> 
<td align=left valign=top>Desired Username</td> 
<td><input name=username type=text id=username></td> 
</tr> 
<tr> 
<td align=left valign=top>Information about you:</td> 
<td><textarea name=info id=info></textarea></td> </tr> 
<tr> 
<td align=left valign=top>&nbsp;</td> 
<td><input type=submit name=Submit value=Join Now!></td> 
</tr> 
</table> 
</form> 
</body> 
</html> 
';
exit; 

}
?>
<body bgcolor="00000" text="ffffff">
<center>
<font face="arial" size="0">
Welcome,
<?php
echo "{$_SERVER['PHP_AUTH_USER']}";
?><br>
Authenticated!<br>
Please proceed, <a href="login_success.php">to the members section.</a>
</center>

This logs the user in.. but when I go to the next page, it appears like it never even logged in.. Here's the next page (login_success.php) :

<? 

session_start(); 


include 'mysql_connect.php'; 


echo "Welcome, ". $_SESSION['username'] ." "; 

echo "<h3><b>News</b></h3>"; 
include 'news.php'; 

echo "<h3><b>Admin:</b></h3>"; 
include 'admin.php';  


if ($_SESSION['username'] == "Hitoshi" ) { 
echo "<li><a href=news.php>News</a>"; 
} 
if ($_SESSION['username'] == "Hitoshi" ) { 
echo "<li><a href=admin.php>Admin</a>"; 
} 

echo "<b><a href=logout.php>Logout</a>"; 
print ""; 
?>

What it does is.. doesnt come up with the username in "WELCOME USERNAME" and doesnt give access

if ($_SESSION['username'] == "Hitoshi" ) { 
echo "<li><a href=news.php>News</a>"; 
} 
if ($_SESSION['username'] == "Hitoshi" ) { 
echo "<li><a href=admin.php>Admin</a>"; 
}

Therefor, it's obvious that the session is not running properly..

Any ideas?
I have been trying to do this login thing for weeks, this is the closest ive got. plz help.. 😕

Natty_Dreadlock

the first page doesn't start the session nor does it set any $_SESSION variable ... It cannot work, coz the session is empty... or did u leave out some pieces of your code??
hth

Hitoshi

PLEASE can someone help me with this problem!! 🙁
I've been trying for ages.. i need to get on with my site, i don't have much time now. I really need help!! comon phpbuilder! u guys are my only hope of ever gettin my site to work. lol

Natty_Dreadlock

just put this on your login page (before the db query):

session_start();

and modify the if-statement (after the db-query):

if ($row) 
{ 
$authorized = TRUE; 
$_SESSION['username'] =  $_SERVER['PHP_AUTH_USER'];
}

This should solve your problem
hth & cu

Hitoshi

I keep on ending up with this error on the first page? 😕
Parse error: parse error in /home/hitoshi/public_html/login.php on line 96

Natty_Dreadlock

so pls post the code of line 96... maybe you r missing a ; or } ?

Hitoshi

I have no idea which line is 96 🙁
Here's my code.. can u spot any obvious mistakes??😕

<?php  



$authorized = FALSE;   


if ( (isset($_SERVER['PHP_AUTH_USER']) AND isset($_SERVER['PHP_AUTH_PW'])) ) { 



define ('username', 'hitoshi_admin'); 

define ('password', '****'); 

define ('localhost', 'localhost'); 

define ('sitename', 'www.PSOrevolution.com'); 



$dbc = @mysql_connect (localhost, hitoshi_admin, ****) OR die ('Could not connect to MySQL: ' . mysql_error() ); 

mysql_select_db (hitoshi_web) OR die ('Could not select the database: ' . mysql_error() ); 

session_start();

$query = "SELECT first_name FROM users WHERE username='{$_SERVER['PHP_AUTH_USER']}' and password=PASSWORD('{$_SERVER['PHP_AUTH_PW']}')"; 

$result = mysql_query ($query); 
    $row = @mysql_fetch_array ($result); 


if ($row)  

{  

$authorized = TRUE;  

$_SESSION['username'] =  $_SERVER['PHP_AUTH_USER']; 
}



if (!$authorized) { 

header('WWW-Authenticate: Basic realm="Log in to experiance PSO Revolution, where two worlds collide!"'); 

header('HTTP/1.0 401 Unauthorized'); 
echo ' 
<html> 
<head> 
<title>Signup Form</title> 
</head> 
<body> 
<form name=form1 method=post action=register.php> 
<table width=100% border=0 cellpadding=4 cellspacing=0> 
<tr> 
<td width=24% align=left valign=top>First Name</td> 
<td width=76%><input name=first_name type=text id=first_name2></td> 
</tr> 
<tr> 
<td align=left valign=top>Last Name</td> 
<td><input name=last_name type=text id=last_name></td> 
</tr> 
<tr> 
<td align=left valign=top>Email Address</td> 
<td><input name=email_address type=text id=email_address></td> 
</tr> 
<tr> 
<td align=left valign=top>Desired Username</td> 
<td><input name=username type=text id=username></td> 
</tr> 
<tr> 
<td align=left valign=top>Information about you:</td> 
<td><textarea name=info id=info></textarea></td> </tr> 
<tr> 
<td align=left valign=top>&nbsp;</td> 
<td><input type=submit name=Submit value=Join Now!></td> 
</tr> 
</table> 
</form> 
</body> 
</html> 
'; 
exit;  

} 
?> 
<body bgcolor="00000" text="ffffff"> 
<center> 
<font face="arial" size="0"> 
Welcome, 
<?php 
echo "{$_SERVER['PHP_AUTH_USER']}"; 
?><br> 
Authenticated!<br> 
Please proceed, <a href="login_success.php">to the members section.</a> 
</center>

Natty_Dreadlock

u r missing another } aftre the if-statement u just changed

Hitoshi

Parse error: parse error in /home/hitoshi/public_html/login.php on line 22

 <?php   



$authorized = FALSE;    


if ( (isset($_SERVER['PHP_AUTH_USER']) AND 

isset($_SERVER['PHP_AUTH_PW'])) ) {  



define ('username', 'hitoshi_admin');  

define ('password', '****');  

define ('localhost', 'localhost');  

define ('sitename', 'www.PSOrevolution.com');  



$dbc = @mysql_connect (localhost, hitoshi_admin, ****) OR die 

('Could not connect to MySQL: ' . mysql_error() );  

mysql_select_db (hitoshi_web) OR die ('Could not select the 

database: ' . mysql_error() );  

session_start(); 

$query = "SELECT first_name FROM users WHERE 

username='{$_SERVER['PHP_AUTH_USER']}' and 

password=PASSWORD('{$_SERVER['PHP_AUTH_PW']}')";  

$result = mysql_query ($query);  

    $row = @mysql_fetch_array ($result);  


if ($row)   

{   

$authorized = TRUE;
$_SESSION['username'] =  $_SERVER['PHP_AUTH_USER'];  

} 
}


if (!$authorized) {  

header('WWW-Authenticate: Basic realm="Log in to experiance PSO 

Revolution, where two worlds collide!"');  

header('HTTP/1.0 401 Unauthorized');  

echo ' 
<html> 
<head> 
<title>Signup Form</title> 
</head> 
<body> 
<form name=form1 method=post action=register.php> 
<table width=100% border=0 cellpadding=4 cellspacing=0> 
<tr> 
<td width=24% align=left valign=top>First Name</td> 
<td width=76%><input name=first_name type=text 

id=first_name2></td> 
</tr> 
<tr> 
<td align=left valign=top>Last Name</td> 
<td><input name=last_name type=text id=last_name></td> 
</tr> 
<tr> 
<td align=left valign=top>Email Address</td> 
<td><input name=email_address type=text id=email_address></td> 
</tr> 
<tr> 
<td align=left valign=top>Desired Username</td> 
<td><input name=username type=text id=username></td> 
</tr> 
<tr> 
<td align=left valign=top>Information about you:</td> 
<td><textarea name=info id=info></textarea></td> </tr> 
<tr> 
<td align=left valign=top>&nbsp;</td> 
<td><input type=submit name=Submit value=Join Now!></td> 
</tr> 
</table> 
</form> 
</body> 
</html> 
';  

exit;   

}  

?>  

<body bgcolor="00000" text="ffffff"> 
<center> 
<font face="arial" size="0"> 
Welcome, 
<?php  

echo "{$_SERVER['PHP_AUTH_USER']}";  

?><br> 
Authenticated!<br> 
Please proceed, <a href="login_success.php">to the members 

section.</a> 
</center>

????

Hitoshi

ok.. i fixed the error but now.. i still get the same problem as before ur help. I get nothin that is supposed to happen upon logging in.

Natty_Dreadlock

put var_dump($row) before the if-statement with $row and see whether the row contains any data. Another possible problem: which php version r u usin??

Hitoshi

How do I know if $row contains any data?? there is nothing called row on my table if thats what u mean ???

I have no idea which php version im using.

Natty_Dreadlock

there's this mysql call in your code:

$row = @mysql_fetch_array ($result);

and after this, u put

var_dump($row);

to get your php version, create a php page containing only one line: <?php phpinfo();?> and u'll get the version (and a lot more) of php when u open the page in your browser.
hth