Login Again

corruption

My school sucks, the login script i had using sessions won't work on my groups website but it will on my personal website. Apparently register globals is turned off. I need to change this to cookies, is there an easy way to do this?

kellog

Using cookies vs. session to get around register globals being off will yield the same results. The best thing to do is to change every place you reference a session variable to $_SESSION['variable_name']. You do not ever want to have register globals on.

corruption

yes that is how the scripts are written. They work at http://www2.truman.edu/~d1514/Members/login_form.html

test
test

but not at
http://dsp.truman.edu/members/login_form.html

they are the exact same files.
both are passed through checkuser.php and supposed to direct through Header('Location: brothers.php')

I use $_session['username'] and it doesn't work right on the group website. I don't really understand why. If you need some of the source let me know i'll be glad to provide it.

xlordt

Try echoing out the session variables and see what you get on your submittion

corruption

ok did that and it doesn't pass the $SESSION variables through to anything. The header won't send it in to a page called logintest.php and it won't echo anything when the page login.php which is just modified from login_form.html to include

echo $_SESSION['lname'];  

echo $_SESSION['fname'];   

echo $_SESSION['username'];

although my website the one with d1514 it says welcome $_SESSION['fname'] and presents you with the first name of the user.

So then i guess the conclusion is that the problem is in connecting to the database?

or as i mentioned before register_globals are off on the server is that the problem?

http://dsp.truman.edu/dspphpinfo.php

kellog

First make sure that session is working on that server. Make a page with:

session_start();
session_register("test");

$_session['test'] = "testing";

echo $_session['test'];

If that works, then the problem must be where your grabing data and setting the session variables.

corruption

That problem is fixed, now i'm setting up a membership database. Here are the two files that i have... the actual page is at
http://www2.truman.edu/~d1514/Members/profile.php

it should make you login first use test:test
the script to put the data in the databse brothers looks like the attached file
<?
include 'db.php';
// Define post fields into simple variables
$fname = $POST['fname'];
$lname = $POST['lname'];
$IN = $POST['IN'];
$major = $POST['major'];
$year = $POST['year'];
$email = $POST['email'];
$address1 = $POST['address1'];
$address2 = $POST['address2'];
$phone = $POST['phone'];
$big = $POST['big'];
$little = $POST['little'];
$birthdate = $POST['birthdate'];
$pledge = $_POST['pledge'];

/ Let's strip some slashes in case the user enteredany escaped characters. /

$fname = stripslashes($fname);
$lname = stripslashes($lname);
$email = stripslashes($email);
$username = stripslashes($birthdate);

/ Do some error checking on the form posted fields /
if((!$fname) || (!$lname) || (!$email) || (!$address1) || (!$birthdate) || (!$IN))
{ echo 'You did not submit the following required information! ';
if(!$fname){
echo "First Name is a required field. Please enter it below. "; }
if(!$lname){
echo "Last Name is a required field. Please enter it below. "; }
if(!$email){
echo "Email Address is a required field. Please enter it below. "; }
if(!$address1){
echo "Address is a required field. Please enter it below. "; }
if(!$birthdate){
echo "Birthdate is a required field. Please enter it below. "; } }
if(!$IN){
echo "IN number is a required field. Please enter it below. "; }
include 'profile.php';
// Show the form again!
/ End the error checking and if everything is ok, we'll move on to creating the user account /
exit();
// if the error checking has failed, we'll exit the script!
}
/ Let's do some checking and ensure that the user's email address or username does not exist in the database /

$sql_email_check = mysql_query("SELECT email FROM brothers WHERE email='$email'");
$sql_IN_check = mysql_query("SELECT IN FROM brothers WHERE IN='$IN'");

$email_check = mysql_num_rows($sql_email_check);
$IN_check = mysql_num_rows($sql_IN_check);

if(($email_check > 0) || ($IN_check > 0)){
echo "Please fix the following errors: ";
if($email_check > 0){
echo "Your email address has already been used by another member in our database.
Please submit a different Email address! ";
unset($email); }
if($IN_check > 0){
echo "The IN number you have selected has already been used by another member in our database.
Please choose a different Username! ";
unset($IN); }
include 'profile.php';
// Show the form again!
exit();
// exit the script so that we do not create this account!
}
/ Everything has passed both error checks that we have done.It's time to create the account! /
// Enter info into the Database.
$sql = mysql_query("INSERT INTO brothers (fname, lname, IN, email, address1, address2, phone, big, little, birthdate, pledge )
VALUES('$fname', '$lname', '$IN', '$email', '$address1', '$address2', '$phone', '$big'. '$little', '$birthdate', '$pledge')"
) or die (mysql_error(can not connect to the database)));
if(!$sql)
{ echo 'There has been an error creating your account. Please contact the webmaster.';}
else {
$userid = mysql_insert_id();
?>

Sorry this is so long but i couldn't figure out how to take an image of the screen. Thanks for all the help so far for some reason this doesn't put the information in the database.