Wild Guess Theory
[These are assuming that the normal attempts to debug have failed]
One of the problems with header("Location: ") in conjuction with
session_start() is this:
The browser is sent 2 things as a result of these calls:
1. An HTTP response code involving a 302 and a new URL
2. A Cookie to store
*Some* browsers will see #1 and act upon it immediately, before
actually looking at the Cookie.
Poof!
Your cookie is ignored.
It's possible that you've been testing with a browser bug, rather than
a change in the site itself.
The more likely scenarios, of course, are that the session directory
is not writable, or the browser is not accepting cookies.
I think we can rule out a parallel MySQL upgrade with different
'password' implementations in your case, but if somebody else finds
this thread, I just mentioned it. :-)
On Wed, August 9, 2006 7:55 am, blackwater dev wrote:
> Hello,
>
> I have a site that was coded a while ago. I was just told that the
> admin
> side no longer works. I looked and the host recently put php 4.4.2 on
> the
> site. I have tried a few things but nothing seems to work. The
> problem is
> once you log in the admin page always kicks you back, doesn't see the
> session vars. What could be wrong? Here is the code:
>
> <?php require_once('Connections/db.php'); ?>
> <? if (isset($_POST["uname"])){
> $uname=$_POST["uname"];
> $pword=md5($_POST["pword"]);
> $SQL="select * from users where admin=1 and pword='$pword' and
> uname='$uname'";
> mysql_select_db($database, $wards);
> $Result1 = mysql_query($SQL, $wards) or die(mysql_error());
> $affected_rows = mysql_num_rows($Result1);
> if ($affected_rows>0){
> session_start();
> $_SESSION['wardadmin']="yes";
> header("location: admin.php");
> }
> else {$bad="Incorrect username and Password";}
> }
>
> I can echo out the session here and see yes, but I have this code in
> admin.php
>
> <?
> session_start();
> if ($_SESSION['wardadmin']!="yes") { header("location: login.php");
> exit;
> }
> ?>
>
> Thanks!
>
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
