RE: session confusion| can anyone help?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



try defining the values as empty strings first...

<?php // accesscontrol.php

include_once 'common.php';
include_once 'db.php';
session_start();

$suid = '';
$spwd = '';

$suid = isset($_POST['suid']) ? $_POST['suid'] : $_SESSION['suid']; //line 7
$spwd = isset($_POST['spwd']) ? $_POST['spwd'] : $_SESSION['spwd']; //line 8

if(!isset($suid)) {
 ?>

bastien


From: "bo" <bo1st@xxxxxxxxxxx>
Reply-To: "bo" <bo1st@xxxxxxxxxxx>
To: php-db@xxxxxxxxxxxxx
Subject:  session confusion| can anyone help?
Date: Fri, 26 Aug 2005 11:42:18 +0800

here is the code for accesscontrol.php which control the access to protected
page, the server gives an error as of

Notice: Undefined index: uid in E:\www\signup\accesscontrol.php on line 7

Notice: Undefined index: pwd in E:\www\signup\accesscontrol.php on line 8

I tried input username and password and it will give the error as:

Access Denied
Your user ID or password is incorrect, or you are not a registered user on
this site. To try logging in again, click here. To register for instant
access, click here.

code
//
<?php // accesscontrol.php

include_once 'common.php';
include_once 'db.php';
session_start();

$suid = isset($_POST['suid']) ? $_POST['suid'] : $_SESSION['suid']; //line 7 $spwd = isset($_POST['spwd']) ? $_POST['spwd'] : $_SESSION['spwd']; //line 8

if(!isset($suid)) {
  ?>
  <!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
  <html xmlns="http://www.w3.org/1999/xhtml";>
  <head>
    <title> Please Log In for Access </title>
    <meta http-equiv="Content-Type"
      content="text/html; charset=iso-8859-1" />
  </head>
  <body>
  <h1> Login Required </h1>
  <p>You must log in to access this area of the site. If you are
     not a registered user, <a href="signup.php">click here</a>
     to sign up for instant access!</p>
  <p><form method="post" action="<?=$_SERVER['PHP_SELF']?>">
    User ID: <input type="text" name="suid" size="8" /><br />
    Password: <input type="password" name="spwd" SIZE="8" /><br />
    <input type="submit" value="Log in" />
  </form></p>
  </body>
  </html>
  <?php
  exit;
}
$_SESSION['suid'] = $suid;
$_SESSION['spwd'] = $spwd;
dbConnect("cartoon");
$sql = "SELECT * FROM userinfo WHERE
        uid = '$suid' AND pwd = PASSWORD('$spwd')";
$result = mysql_query($sql);
if (!$result) {
  error('A database error occurred while checking your '.
        'login details.\\nIf this error persists, please '.
        'contact you@xxxxxxxxxxxx');
}
if (mysql_num_rows($result) == 0) {
  unset($_SESSION['suid']);
  unset($_SESSION['spwd']);
  ?>
  <!DOCTYPE html PUBLIC "-//W3C/DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
  <html xmlns="http://www.w3.org/1999/xhtml";>
  <head>
    <title> Access Denied </title>
    <meta http-equiv="Content-Type"
      content="text/html; charset=iso-8859-1" />
  </head>
  <body>
  <h1> Access Denied </h1>
  <p>Your user ID or password is incorrect, or you are not a
     registered user on this site. To try logging in again, click
     <a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant
     access, click <a href="signup.php">here</a>.</p>
  </body>
  </html>
  <?php
  exit;
}
$username = mysql_result($result,0,'unick');
echo $username;
?>

//

Thanks.

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux