Blank Error

budder

My php host site is runing php 4.4.4 and that is a problem because when i run the script in wamp on localhost there is no problem. But When I got it on the php host, problems popped up. I know there is alot of new function in php 5.02 >
but i don't think that is the problem, or is it?
functions.inc.php

<?php
function redirect($page) {
	header('Location: ' . $page);
	exit();
}

function check_login_status() {
	// If $_SESSION['logged_in'] is set, return the status
	if (isset($_SESSION['logged_in'])) {
		return $_SESSION['logged_in'];
	}
	return false;
}
?>

login.inc.php

<?php
require_once('config.inc.php');
require_once('functions.inc.php');
session_start();

// Check if user is already logged in
if ($_SESSION['logged_in'] == true) {
	// If user is already logged in, redirect to main page
	redirect('../index.php');
} else {
	// Make sure that user submitted a username/password and username only consists of alphanumeric chars
	if ( (!isset($_POST['username'])) || (!isset($_POST['password'])) OR
	     (!ctype_alnum($_POST['username'])) ) {
		redirect('../login.php');
	}

// Connect to database
$mysqli = @new mysqli(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD, DB_DATABASE);

// Check connection
if (mysqli_connect_errno()) {
	printf("Unable to connect to database: %s", mysqli_connect_error());
	exit();
}

// Escape any unsafe characters before querying database
$username = $mysqli->real_escape_string($_POST['username']);
$password = $mysqli->real_escape_string($_POST['password']);

// Construct SQL statement for query & execute
$sql	= "SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . md5($password) . "'";
$result = $mysqli->query($sql);

// If one row is returned, username and password are valid
if (is_object($result) && $result->num_rows == 1) {
	// Set session variable for login status to true
	$_SESSION['logged_in'] = true;
	redirect('../index.php');
} else {
	// If number of rows returned is not one, redirect back to login screen
	redirect('../login.php');
}
}
?>

First there where no errors when i tried loggin in but after hitting enter it just the blank login.inc.php I get. Then I tried an easy error handling:

function customError($errno, $errstr)
  {
  echo "<b>Error:</b> [$errno] $errstr";
  }

set_error_handler("customError");

at the top of my login.inc.php (After requiere and session_start()😉
Now i got something. There is and undefined index: logged_in. Aha!

So scripts is making an error because i have'nt defined the session and therefore it is returning NULL session.

Then i tried session_is_registred(logged_in) strangly the error messeage disapered but I still get the blank login.inc.php and I am getting pretty blank.

So if there is anyone who can help me out with this problem i will be very greatful.

//Budder

bradgrafelman

budder wrote:
My php host site is runing php 4.4.4 and that is a problem because when i run the script in wamp on localhost there is no problem.

It's more of a problem than that... PHP 4 hasn't been updated since August 7th, 2008. The PHP version your host is running was released on August 17th, 2006 - just shy of 4 years ago - that's 4 years of enhancements, security patches, etc. etc.

The first thing I suggest you do is ditch your incompetent host and find at least a halfway decent one (there's plenty to choose from, anyway).

ixalmida

Just running down your code and checking functions versus supported versions, I found that mysqli_connect_errno() is not supported until PHP 5. That's as far as I went but I suggest that you check every function's minimum version before you use it.

http://php.net/manual/en/mysqli.connect-errno.php

Weedpacket

There have been many more changes to PHP since 4.x than just "many more functions". Whole extensions have been added (including, as ixalmida has observed, the mysqli extension you're relying on); there have been changes to the infrastructure; changes to the semantics of object parameters; and syntax changes both minor and paradigmatic.

A raw list is in the [man]changelog[/man], and practical coverage is spread across Appendices 2 through 5. All current documentation in the manual is for PHP5, except where otherwise stated.

PHP5 is for the most part backwards-compatible with PHP4 (Appendix 5 of the manual notwithstanding). But forwards compatibility has not been a priority. In fact, a change in major version number is a good sign that code written for the later version (e.g., 5.x) shouldn't be expected to work under the earlier version (4.x).

ixalmida

I misused the word "function" but I was in a hurry and not thinking critically. Thanks to Weed for the correction.