No real reason to start the session in index.php. You are not registering
any session vars, nor are you accessing any.
> index.php
> <?php
> session_start();
> ?>
>
> <form name="form1" method="post" action="admin_select.php">
> <table border="0" cellspacing="0" cellpadding="0">
> <tr bgcolor="#CFCFCF">
> <td colspan="2">Admin Login
> </td>
> </tr>
> <tr>
> <td>Username:
> </td>
> <td><input type="text" name="user_name" >
> </td>
> </tr>
> <tr>
> <td>Password:
> </td>
> <td><input type="text" name="pass_word" >
> </td>
> </tr>
> <tr>
> <td>
> <input type="submit" name="Submit4" value="Submit">
> </td>
> </tr>
> </table>
> </form>
Ok, now that we are in admin_select.php you can start the session, which
you do.
> Then:
> admin_select.php
>
> <?php
> session_start();
> if ((!$HTTP_SESSION_VARS["username"]) &&
> (!$HTTP_SESSION_VARS["password"])) {
> session_register("username","password");
> }
> if (($HTTP_POST_VARS["user_name"]) && ($HTTP_POST_VARS["pass_word"])) {
>
> $username = $HTTP_POST_VARS["user_name"];
> $password = $HTTP_POST_VARS["pass_word"];
> }
Looks ok so far. Although I am not sure session_register() was able to
take multiple args in 4.0.3. But you don't need the check. Nothing bad
happens if you session_register() the same var twice.
> $link = @mysql_connect("localhost",$username,$password) or die
> ('Could not connect!');
> mysql_select_db("mafisa",$link);
> $sql = "select * from project_table order by id";
> $result = mysql_query($sql);
> ?>
> <form action="admin_select_document.php" method="POST"
> enctype="multipart/form-data">
> <table border="1">
> <tr>
> <td colspan="2" bgcolor="CFCFCF">Admin Interface</td>
> </tr>
> <tr>
> <td colspan="2">Please select Project to work with</td>
> </tr>
> <tr>
> <td colspan ="2">
> <?php
> if (mysql_num_rows($result)) {
> echo "<select name=\"sess_id_project\">";
> while ($myrow = mysql_fetch_assoc($result)) {
> $sess_project_name = $myrow["project_name"];
> $sess_project_id = $myrow["id"];
> echo '<option
> value="'.$sess_project_id.'">'.$sess_project_name;
> }
> echo '</select>';
> echo '</td>';
> echo '</tr>';
> echo '<tr>';
> echo '<td colspan="2"><input type="submit" name="submit"
> value="Go!"></td>';
> echo '</tr>';
> echo '</form>';
> } else {
> echo '<b><i>There are currently no Projects on the system,';
> echo 'please use the section below to add one</i></b>';
> echo '</td>';
> echo '</tr>';
> echo '</form>';
> }
>
>
> echo '<tr><td colspan="2" bgcolor="000000"></td></tr>
>
> <tr>
> <td colspan="2" bgcolor="CFCFCF"><a href="admin_add_project.php">Add
> a new Project</a></td>
> </tr>
>
> </table>';
>
> ?>
ok
> This second page has two routes to go, either you select the document
> from the drop_down, or you can "add a new project", It is with the
> second route that I pick up further problems:
>
> admin_add_project.php
>
> <?php
> session_start();
> echo '
> <form action="admin_add_project_do.php" method="POST"
> enctype="multipart/form-data">
> <table>
> <tr>
> <td colspan="2" bgcolor="CFCFCF">Mafisa Admin Interface</td>
> </tr>
> <tr>
> <td>New Project Name</td>
> <td><input type="text" name="project_name_add"></td>
> </tr>
> <tr>
> <td>Project Descriptions</td>
> <td><textarea name="project_description_add"></textarea></td>
> </tr>
> <tr>
> <td colspan="2"><input type="submit" name="submit"
> value="Save"></td>
> </tr>
> </table>
> </form>
> ';
> ?>
Again, you don't register nor do you use any session vars in
admin_add_project.php so there is no need to start the session.
> Now, on this last page that is supposed to insert the form data into the
> db, there is simply no form data, or session variables!!!!!
>
> admin_add_project_do.php
> <?php
> session_start();
> $date = date('Y-m-d');
> $link =
>
>@mysql_connect('localhost',$HTTP_SESSION_VARS["username"],$HTTP_SESSION_VARS["password"])
> or die ('Could not connect!');
> mysql_select_db('mafisa',$link);
> $project_name_db =
> addslashes($HTTP_POST_VARS["project_name_add"]);
> $project_description_db =
> addslashes($HTTP_POST_VARS["project_description_add"]);
> $sql = "insert into project_table
> (project_name,project_description,date) values
> ('$project_name_db','$project_description_db','$date')";
> $result = mysql_query($sql);
> echo 'Thank you, new project ::
> <b><i>'.$project_name_db.'</i></b> was added to the system. <br>
> <a href="admin_select.php">Back</a><br>';
> ?>
Looks ok. Is it only on 4.0.3 that this isn't working?
Why don't you do this instead at the top of each page where you want to
use the session vars:
if(!ini_get('register_globals')) {
extract($HTTP_SESSION_VARS);
}
Then just use plain $username and $password. See if that makes a
difference. But you really should get your provider to upgrade to
something a lot more recent than 4.0.3. Do you realize that 4.0.3 is
almost 2 years old now? That's an eternity on the Web.
-Rasmus
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
