try defining the values as empty strings first...
<?php // accesscontrol.php
include_once 'common.php';
include_once 'db.php';
session_start();
$suid = '';
$spwd = '';
$suid = isset($_POST['suid']) ? $_POST['suid'] : $_SESSION['suid']; //line 7
$spwd = isset($_POST['spwd']) ? $_POST['spwd'] : $_SESSION['spwd']; //line 8
if(!isset($suid)) {
?>
bastien
From: "bo" <bo1st@xxxxxxxxxxx>
Reply-To: "bo" <bo1st@xxxxxxxxxxx>
To: php-db@xxxxxxxxxxxxx
Subject: session confusion| can anyone help?
Date: Fri, 26 Aug 2005 11:42:18 +0800
here is the code for accesscontrol.php which control the access to
protected
page, the server gives an error as of
Notice: Undefined index: uid in E:\www\signup\accesscontrol.php on line 7
Notice: Undefined index: pwd in E:\www\signup\accesscontrol.php on line 8
I tried input username and password and it will give the error as:
Access Denied
Your user ID or password is incorrect, or you are not a registered user on
this site. To try logging in again, click here. To register for instant
access, click here.
code
//
<?php // accesscontrol.php
include_once 'common.php';
include_once 'db.php';
session_start();
$suid = isset($_POST['suid']) ? $_POST['suid'] : $_SESSION['suid']; //line
7
$spwd = isset($_POST['spwd']) ? $_POST['spwd'] : $_SESSION['spwd']; //line
8
if(!isset($suid)) {
?>
<!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml";>
<head>
<title> Please Log In for Access </title>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1> Login Required </h1>
<p>You must log in to access this area of the site. If you are
not a registered user, <a href="signup.php">click here</a>
to sign up for instant access!</p>
<p><form method="post" action="<?=$_SERVER['PHP_SELF']?>">
User ID: <input type="text" name="suid" size="8" /><br />
Password: <input type="password" name="spwd" SIZE="8" /><br />
<input type="submit" value="Log in" />
</form></p>
</body>
</html>
<?php
exit;
}
$_SESSION['suid'] = $suid;
$_SESSION['spwd'] = $spwd;
dbConnect("cartoon");
$sql = "SELECT * FROM userinfo WHERE
uid = '$suid' AND pwd = PASSWORD('$spwd')";
$result = mysql_query($sql);
if (!$result) {
error('A database error occurred while checking your '.
'login details.\\nIf this error persists, please '.
'contact you@xxxxxxxxxxxx');
}
if (mysql_num_rows($result) == 0) {
unset($_SESSION['suid']);
unset($_SESSION['spwd']);
?>
<!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml";>
<head>
<title> Access Denied </title>
<meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1> Access Denied </h1>
<p>Your user ID or password is incorrect, or you are not a
registered user on this site. To try logging in again, click
<a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant
access, click <a href="signup.php">here</a>.</p>
</body>
</html>
<?php
exit;
}
$username = mysql_result($result,0,'unick');
echo $username;
?>
//
Thanks.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
