On 5/19/08, Tim Thorburn <immortal@xxxxxxxxxx> wrote: > Wolf wrote: > > ---- Tim Thorburn <immortal@xxxxxxxxxx> wrote: > > > > > Hi all, > > > > > > Having a slight problem with a demo I gave at a clients last week - > looking for a little advise. Part of my demo involved a password protected > area - the simplified process is: client enters password on login page > if > login/password match encrypted database, PHP session is created, form > forwards to a secured area > secured area checks to make sure PHP session is > valid > if valid display content, if not, return to login screen. > > > > > > This procedure is what I've used for many years, tested on a variety of > servers and connections. It works. During the demo with my client, I was > able to enter login/password info, the PHP session was created - however the > screen would not forward to the secured area. Instead I was pretended with > a blank screen (client only has an outdated/non-updated version of IE6). If > I were to type in the URL to the secured area, it would display content > properly. As a test, I logged out, closed my browser and started again, > this time entering an incorrect login/password - again it would not forward > to the next screen properly, however this time when I typed in the full URL, > it would not display as the session hadn't been created. > > > > > > I've spoken briefly with my clients IT person, however he's unwilling to > share any firewall information or really anything regarding their security > setup - which I understand as I'm not an employee and just a contractor. > > > > > > So, after long winded description - does anyone with network security > experience have any idea either a) what I would need to ask the IT person to > allow for their site only, or b) have any suggestions for alternate password > authentication that may work given the above conditions? > > > > > > TIA > > > -Tim > > > > > > > > > > It sounds like your code is hokey, since IE is more stringent then other > browsers, the code looks to be at fault. > > > > What browsers did you test this with before taking it to the client? > > Firewalls shouldn't be any type of issue at all in this case, unless your > browser is trying to redirect to another port, in which case, that should be > something that the firewall won't affect internally anyways. > > So all roads point back to code failure. > > > > Wolf > > > > > The code has been tested on Win2k, XP, Vista, Linux and OSX - IE5.x, IE6.x, > IE7, Netscape 9, Firefox 2, Firefox 5 beta 5, and Safari. Works on a > variety of connections and locations outside of the clients office - does > not work inside the clients office. > Someone suggested looking at the error logs. That still seems like a good idea. David -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
