Still not working ...
Here is some output that shows the session is being registered and the ID is
the same between pages ... but the var $user gets lost.
LOGIN PAGE
-----------
userid h:
session_name(): PHPSESSID
Session ID: f227e539d7b9b8db2c2a2b63dc79c6e2
Session name: PHPSESSID
after succesful LOGIN
------------
userid h: jc
session_name(): PHPSESSID
Session ID: f227e539d7b9b8db2c2a2b63dc79c6e2
Session name: PHPSESSID
You are logged in as: jc
click on HREF linking to same page:
------------
userid h: jc
session_name(): PHPSESSID
Session ID: f227e539d7b9b8db2c2a2b63dc79c6e2
Session name: PHPSESSID
You are logged in as: jc
click on FORM SUBMIT with action loading another page
------------
userid h:
session_name(): PHPSESSID
Session ID: f227e539d7b9b8db2c2a2b63dc79c6e2
Session name: PHPSESSID
You are logged in as:
CONCLUSION
------------
So as you can see the session ID is registered and the same throughout the
two pages. BUT the var $userid loses it value ...
Any suggestions?
Here is some of my code in case it helps. Sorry for the length.
AUTH.php
------------
(all functions are include files)
if (isset($PHPSESSID))
session_start($PHPSESSID);
else
session_start();
$PHPSESSID = session_id();
$SID = "PHPSESSID=$PHPSESSID";
html_header();
if(!isset($userid)) {
login_form();
exit;
}
else {
session_register('userid', 'userpassword');
$username = auth_user($userid, $userpassword);
if(!$username) {
session_unregister("userid");
session_unregister("userpassword");
echo "Authorization failed. " .
"Click on the following link to try again.<BR>\n";
echo "<A HREF=\"$PHP_SELF\">Login</A><BR>";
echo "If you're not a member yet " .
"ask JC to add you to the user database.<BR>\n";
exit;
}
else {
menubar();
switch ($option) {
case("create"):
create_project();
break;
case("show_all"):
show_all_projects();
break;
case("show_mine"):
show_projects($userid);
break;
case("edit"):
edit_project($projectid);
break;
default:
break;
}
}
}
function auth_user($userid, $userpassword) {
global $default_dbname, $user_tablename;
$link_id = db_connect($default_dbname);
$query = "SELECT username FROM $user_tablename
WHERE userid = '$userid'
AND userpassword = password('$userpassword')";
$result = mysql_query($query);
if(!mysql_num_rows($result)) return 0;
else {
$query_data = mysql_fetch_row($result);
return $query_data[0];
}
}
function login_form() {
global $PHP_SELF, $option, $userid;
?>
<HTML>
<HEAD>
<TITLE>Login</TITLE>
</HEAD>
<BODY>
<FORM METHOD="POST" ACTION="<?php echo $PHP_SELF ?>">
<DIV ALIGN="CENTER"><CENTER>
<H3>Please log in to access the page you requested.</H3>
<TABLE BORDER="1" WIDTH="200" CELLPADDING="2">
<TR>
<TH WIDTH="18%" ALIGN="RIGHT" NOWRAP>ID</TH>
<TD WIDTH="82%" NOWRAP>
<INPUT TYPE="TEXT" NAME="userid" SIZE="8">
</TD>
</TR>
<TR>
<TH WIDTH="18%" ALIGN="RIGHT" NOWRAP>Password</TH>
<TD WIDTH="82%" NOWRAP>
<INPUT TYPE="PASSWORD" NAME="userpassword" SIZE="8">
</TD>
</TR>
<TR>
<TD WIDTH="100%" COLSPAN="2" ALIGN="CENTER" NOWRAP>
<INPUT TYPE="SUBMIT" VALUE="LOGIN" NAME="Submit">
</TD>
</TR>
</TABLE>
</CENTER></DIV>
</FORM>
</BODY>
</HTML>
<?
}
----------------
clicking on a project link (HREF) brings up auth.php but with this:
----------------
function edit_project($projectid) {
$link_id = db_connect();
$query = "SELECT * from main_project WHERE projectid='$projectid'";
$result = mysql_query($query, $link_id);
while($data = mysql_fetch_object($result)) {
$title = $data->title;
$desc = $data->description;
$est = $data->est;
$act = $data->act;
$man = $data->manager;
$comp = $data->completion;
$type = $data->type;
}
?>
<CENTER>
<FORM METHOD="POST" ACTION="create_sub_project.php">
<INPUT TYPE="HIDDEN" NAME="projectid" VALUE="<?php echo $projectid ?>">
<INPUT TYPE="SUBMIT" VALUE="Create a Sub-Project">
</CENTER>
<CENTER>
<FORM METHOD="POST" ACTION="create_project.php">
<INPUT TYPE="HIDDEN" NAME="action" VALUE="edit_main_project">
<INPUT TYPE="HIDDEN" NAME="projectid" VALUE="<?php echo $projectid ?>">
<FORM METHOD="POST" ACTION="create_project.php">
<INPUT TYPE="HIDDEN" NAME="action" VALUE="edit_main_project">
<INPUT TYPE="HIDDEN" NAME="projectid" VALUE="<?php echo $projectid ?>">
<TABLE BORDER="1">
<CAPTION><B>Edit Project</B></CAPTION>
<TR>
<TD>Title</TD>
<TD NOWRAP><INPUT TYPE="TEXT" VALUE="<?php echo $title ?>" NAME="title"
SIZE="30"></TD>
</TR>
<TR>
<TD>Estimated Hours</TD>
<TD NOWRAP><INPUT TYPE="TEXT" VALUE="<?php echo $est ?>" NAME="est"
SIZE="8"></TD>
</TR>
<TR>
<TD>Responsible</TD>
<TD><SELECT NAME="manager">
<?php
$link_id = db_connect();
$query = "SELECT username from user";
$result = mysql_query($query, $link_id);
$query = "SELECT username from user WHERE usernumber='$man'";
$res2 = mysql_query($query, $link_id);
$data2 = mysql_fetch_object($res2);
$select = $data2->username;
while($data = mysql_fetch_object($result)) {
if ($data->username == $select) {
echo " <OPTION SELECTED>" . $data->username . "</OPTION>\n";
}
else {echo " <OPTION>" . $data->username . "</OPTION>\n";}
}
?>
</TD>
<TR>
<TD>Project Type</TD>
<TD><SELECT NAME="type" SELECTED="<?php echo $man ?>">
<?php
$array = enum_options('type', 'main_project', $link_id);
foreach($array as $var) {
if ($var == $type) {
echo " <OPTION SELECTED>" . $type . "</OPTION>\n";
}
else {echo " <OPTION>" . $type . "</OPTION>\n";}
}
?>
</SELECT>
</TR>
<TR>
<TD>Description</TD>
<TD NOWRAP><TEXTAREA ROWS="10" COLS="30" NAME="desc"><?php echo $desc ?>
</TEXTAREA></TD>
</TR>
<TR>
<TH COLSPAN="2" NOWRAP>
<INPUT TYPE="SUBMIT" VALUE="Submit">
<INPUT TYPE="RESET" VALUE="Reset">
</TR>
</TABLE>
</CENTER>
</FORM>
<?php
show_sub_projects($projectid);
html_footer();
}
-----------------
Clicking on the "Create Sub-porject" button loads up a *different* page
(create_sub_project.php) and that page cannot access the $userid var even
though the session ID is the same.
<?php
include "common.php";
include "common_db.inc";
global $userid;
html_header();
menubar();
?>
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
