[PHP] Re: headers and session (question)
I use sessions, I also dont store the users password into the session, if you use flat file sessions on a shared server then storing the password should be avoided, What I do is take a username and password, verify their details against database, if their details match one in database I simply add their username to the session, to check if someone is logged in I just check whether their username exists in the session, if it does I deliver my protected content but if not I display a login box. Alessandro Rosa wrote: Here's below the solution (the encryption will be shortly performed into login.php). 1 ?php 2 session_start(); 3 $_SESSION['session_user'] = $_POST['txtIdUtente']; 4 $_SESSION['session_password'] = $_POST['txtPassword']; 5 $PHPcmd = login.php ; 6 header( Location: .$PHPcmd ); 7 ? But a QUESTION now : if line 5 is replaced by these two lines, say here 5a and 5b: 5a require_once(config.inc.php); 5b $PHPcmd = $GLOBALS['gestionale_path_name'].phpcode/login/login.php ; this does not work (meaning user and psw are not passed to login.php); but again the below code works again: 5a require_once(config.inc.php); 5b $PHPcmd = $gestionale_path_name.phpcode/login/login.php ; Thanks, Alessandro -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: headers and session (question)
* Alessandro Rosa [EMAIL PROTECTED]: Here's below the solution (the encryption will be shortly performed into login.php). 1 ?php 2 session_start(); 3 $_SESSION['session_user'] = $_POST['txtIdUtente']; 4 $_SESSION['session_password'] = $_POST['txtPassword']; 5 $PHPcmd = login.php ; 6 header( Location: .$PHPcmd ); 7 ? But a QUESTION now : if line 5 is replaced by these two lines, say here 5a and 5b: 5a require_once(config.inc.php); 5b $PHPcmd = $GLOBALS['gestionale_path_name'].phpcode/login/login.php ; this does not work (meaning user and psw are not passed to login.php); but again the below code works again: 5a require_once(config.inc.php); 5b $PHPcmd = $gestionale_path_name.phpcode/login/login.php ; Again, look at your config.inc.php and make sure it's not sending any output. If you have even a blank line before an opening ?php tag or a blank line following, output will have been sent, and you will not be able to send a cookie or additional HTTP headers. -- Matthew Weier O'Phinney | WEBSITES: Webmaster and IT Specialist | http://www.garden.org National Gardening Association| http://www.kidsgardening.com 802-863-5251 x156 | http://nationalgardenmonth.org mailto:[EMAIL PROTECTED] | http://vermontbotanical.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: headers and session (question)
It wont get passed because your not passing it along to the script in anyway, at line 3/4 you set the details into the session, then you redirect them to the login page so in your login.php just call the session variables which you just stored at line 3/4. login.php example: ?php echo $_SESSION['session_user']; echo $_SESSION['session_password']; ? Now when you redirect the user it will have these session variables stored. James Alessandro Rosa wrote: Here's below the solution (the encryption will be shortly performed into login.php). 1 ?php 2 session_start(); 3 $_SESSION['session_user'] = $_POST['txtIdUtente']; 4 $_SESSION['session_password'] = $_POST['txtPassword']; 5 $PHPcmd = login.php ; 6 header( Location: .$PHPcmd ); 7 ? But a QUESTION now : if line 5 is replaced by these two lines, say here 5a and 5b: 5a require_once(config.inc.php); 5b $PHPcmd = $GLOBALS['gestionale_path_name'].phpcode/login/login.php ; this does not work (meaning user and psw are not passed to login.php); but again the below code works again: 5a require_once(config.inc.php); 5b $PHPcmd = $gestionale_path_name.phpcode/login/login.php ; Thanks, Alessandro -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
