Per request, here are the two other source files that get executed prior to
the invocation of validate_member_login.php, index.php and init.php.
But first, here's a simple restatement of the problem:
(1) Direct the browser to open index.php
(2) init.php is included by index.php.
(3) index.php dispatches user to member_login.htm. User fills in username
and password fields and then presses the submit button.
(4) <form action="validate_member_login.php" .../> is invoked.
(5) The source code of validate_member_login.php is displayed in the browser
rather then being executed.
However, when the invocation sequence is:
(1) Direct the browser directly to member_login.htm and fill in the username
and password fields.
(2) Press submit.
(3) validate_member_login.php is executed properly.
Here's index.php. Its purpose is to check the session variables to
determine whether the user is logged in. If not, the user is dispatched to
member_login.php via redirct using header().
Now, here are the two php files of interest, index.php and init.php. First,
index.php,
<?php
include_once( 'init.php' );
/**
* If member is already logged in, his/her username and password values will
be available to us.
*/
if( isset( $HTTP_SESSION_VARS['session_id'] ) && isset(
$HTTP_SESSION_VARS['username'] ) )
{
$session_id = $HTTP_SESSION_VARS['session_id'];
$username = $HTTP_SESSION_VARS['username'];
$result = authenticate_session( $username, $session_id );
if( $result != SUCCESS )
{
if( $result == MEMBER_NOT_REGISTERED ) {
header( 'Location: '.MEMBER_REGISTRATION_PAGE );
} else if( $result == PASSWORD_MISMATCH ) {
header( 'Location: '.MEMBER_LOGIN_PAGE );
} else {
die( $result );
}
}
header( 'Location: '.MEMBER_HOME_PAGE );
}
header( 'Location: '.MEMBER_LOGIN_PAGE );
?>
Here is init.php, the file that index.php includes (see above). This file
just sets up the exectution environment.
<?php
session_start();
/**
* init.php
*
* Script that initializes the execution environment.
*/
//
// Check whether this is running on a UNIX or a Windows operating system.
// We need to know this to set the include_path separator character
// character correctly.
//
$isWindows = false;
$pathDelimiter = ':';
$operatingSystem = PHP_OS;
if( strcmp( $operatingSystem, 'WINNT' ) == 0 )
{
$isWindows = true;
$pathDelimiter = ';';
}
// Uncomment and use this symbol when publishing to the internet on
ipowerweb.
// Yields /home/mazamaso/public_html
$WWWROOT = $_SERVER['DOCUMENT_ROOT'];
// Set up the dev directory's environment variables.
$PROJECT_DIR = $WWWROOT.'/northwest_steelheader';
$MEMBERS_DIR = $PROJECT_DIR.'/members';
$SCRIPTS_DIR = $PROJECT_DIR.'/scripts';
$DB_SCRIPTS_DIR = $SCRIPTS_DIR.'/db';
$UTILS_SCRIPTS_DIR = $SCRIPTS_DIR.'/utils';
$SESSION_SCRIPTS_DIR = $SCRIPTS_DIR.'/security';
$GRAPHICS_DIR = $SCRIPTS_DIR.'/jpgraphics';
$MEMBER_HOME_PAGE = $PROJECT_DIR.'/member_homepage.html';
$MEMBER_LOGIN_PAGE = $MEMBERS_DIR.'/member_login.htm';
$MEMBER_REGISTRATION_PAGE = $MEMBERS_DIR.'/member_registration_form.htm';
$MEMBER_LOGOUT_PAGE = $MEMBERS_DIR.'/member_logout.php';
$INCLUDE_PATH =
'.'.$pathDelimiter.$PROJECT_DIR.$pathDelimiter.$DB_SCRIPTS_DIR.$pathDelimite
r.$UTILS_SCRIPTS_DIR.$pathDelimiter.$GRAPHICS_DIR.$pathDelimiter.$SESSION_SC
RIPTS_DIR;
//
// Establish the site's environment variables
//
define( 'PROJECT_DIR', $PROJECT_DIR );
define( 'MEMBERS_DIR', $MEMBERS_DIR );
define( 'SCRIPTS_DIR', $SCRIPTS_DIR );
define( 'DB_DIR', $DB_SCRIPTS_DIR );
define( 'UTILS_DIR', $UTILS_SCRIPTS_DIR );
define( 'SESSION_DIR', $SESSION_SCRIPTS_DIR );
define( 'DEBUG', true );
define( 'MEMBER_HOME_PAGE', $MEMBER_HOME_PAGE );
define( 'MEMBER_LOGIN_PAGE', $MEMBER_LOGIN_PAGE );
define( 'MEMBER_REGISTRATION_PAGE', $MEMBER_REGISTRATION_PAGE );
define( 'MEMBER_LOGOUT_PAGE', $MEMBER_LOGOUT_PAGE );
if( strcmp( $WWWROOT, 'c:/program files/apache group/apache/htdocs' ) == 0 )
{
define( 'DB_NAME', 'wwwwwwww' );
define( 'DB_ADMIN', 'aaaaaaaaa' );
define( 'DB_PASSWORD', 'bbbbbbbbb' );
} else {
define( 'DB_NAME', 'wwwwwwww' );
define( 'DB_ADMIN', 'xxxxxxxx' );
define( 'DB_PASSWORD', 'yyyyyyyy' );
}
ini_set( 'include_path', $INCLUDE_PATH );
ini_set( 'session.save_path', $PROJECT_DIR.'session_stats');
// These are the base includes, i.e., that apply to every php file in the
site
include_once( 'print_utils.php' );
include_once( 'mz_error_handler.php' );
include_once( 'db_utils.php' );
include_once( 'passwords.php' );
include_once( 'date_utils.php' );
include_once( 'session_control_lib.php' );
set_error_handler( 'mz_error_handler' );
assert_options( ASSERT_ACTIVE, TRUE );
assert_options( ASSERT_BAIL, TRUE );
?>
<snip>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
