RE: Self-calling script problem.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I don't see any $_GET['User_ID'] statements anywhere.  When you pass a
value via the URL like "scriptname.php?userid=9999", you either need to
use $_GET[] or $_REQUEST[] to retrieve the data.  That could be why it's
being 'ignored'

-TG

> -----Original Message-----
> From: Garry Grierson [mailto:garry.grierson@xxxxxxxxxxxxx] 
> Sent: Thursday, June 17, 2004 7:25 AM
> To: php-windows@xxxxxxxxxxxxx
> Subject:  Self-calling script problem.
> 
> 
> 
> I have a script that asks a user to login using an ID and 
> password, it then
> displays a login menu based on the users access type.
> 
> 
> 
> This script works on another machine, but I have attempted to 
> set up PHP on
> two new machines and keep getting the same problem.
> 
> 
> 
> The script runs but when the user types in their data and clicks the
> continue button the parameters being input into the script do 
> change but it
> looks like it is being ignored.
> 
>  e.g
> 
>             Calling the page for the first time works:
> 
>                         http://160.221.21.129/timelog/index.php
> 
> 
> 
>             Self-calling with the additional user_id 
> parameter set results
> in the login screen being shown again!
> 
>                         http://160.221.21.129/timelog/?user_id=99999
> 
> This should now show the users menu options. (As on the other system!)
> 
> 
> 
> If I don't put in a user Id and password the screen is 
> updated to reflect
> this, I don't understand this as again this is calling itself 
> to perform
> this change.
> 
> 
> 
> My script is included below, any help would be much appreciated:
> 
> 
> 
> <?php
> 
> // (Re-)Start the session handler
> 
> session_start();
> 
> 
> 
> include ( $to_root.'scripts_php/common.php' );
> 
> 
> 
> if ( isset ($_GET['LOGOUT']) ) {
> 
>             $_SESSION = array();
> 
>             header ('Location: http://'.$thiswebsite);
> 
> }
> 
> 
> 
> // Get the task_id, if supplied
> 
> $task_id = trim ($_REQUEST['task_id']);
> 
> 
> 
> $errormsg = '';
> 
> // Login requested?
> 
> if ( $_POST['login'] == 'Click To Login' ) {
> 
>             $username = trim ($_POST['username']);
> 
>             $f_username = fixquotes ($username); // fixed for 
> SQL statements
> 
>             $passwd = trim ($_POST['passwd']);
> 
> //            $f_passwd = fixquotes (md5 ($passwd)); // fixed for SQL
> statements
> 
>             $f_passwd = fixquotes ($passwd); // fixed for SQL 
> statements
> 
> 
> 
>             // Error check the form data
> 
>             if ( strlen ($username) == 0 ) {
> 
>                         $errormsg .= 'You must supply a 
> username in the form
> <em>Lastname Firstname</em>.<br />';
> 
>             }
> 
>             if ( strlen ($passwd) == 0 ) {
> 
>                         $errormsg .= 'You must supply a 
> password.<br />';
> 
>             }
> 
> 
> 
>             $allok = ( strlen ($errormsg) > 0 ) ? false : true;
> 
>             if ( $allok ) {
> 
>                         // Check that supplied data is valid
> 
>                         $sql = "
> 
>                         SELECT UserID,UserName,UserType,LastLogin FROM
> userlog
> 
>                         WHERE UserName='$f_username' AND
> UserPassword='$f_passwd'
> 
>                         ";
> 
>                         $rs = @mysql_query ($sql);
> 
>                         if ( !$rs ) {
> 
>                                     $errormsg .= 'There was a problem
> accessing the database.<br />';
> 
>                         }
> 
>                         elseif ( mysql_num_rows ($rs) != 1 ) {
> 
>                                     // Details not OK - error
> 
>                                     $errormsg .= 'Username 
> and/or password
> supplied was incorrect.<br />';
> 
>                         } else {
> 
>                                     // Details OK - process login
> 
>                                     $_SESSION['LoggedIn'] = true;
> 
>                                     $row = mysql_fetch_object ($rs);
> 
>                                     $_SESSION['User_ID'] = 
> $row->UserID;
> 
>                                     $_SESSION['User_NAME'] = 
> $row->UserName;
> 
>                                     $_SESSION['User_TYPE'] = 
> $row->UserType;
> 
>                                     $_SESSION['LastLogin'] =
> $row->LastLogin;
> 
>                                     header ('Location:
> http://'.$thiswebsite.'?user_id='.$row->UserID);
> 
>                         }
> 
>             }
> 
> }
> 
> // End of Login requested?
> 
> ?>
> 
> <?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"; ?>
> 
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
> 
> <html xmlns="http://www.w3.org/1999/xhtml";>
> 
> <head>
> 
> <title>Time Reporting Website</title>
> 
> <meta http-equiv="Content-Type" content="text/html; 
> charset=iso-8859-1" />
> 
> 
> 
> <!-- Honeywell Intranet Template Header Files -->
> 
> <link rel=stylesheet type='text/css'
> href="http://my.honeywell.com/inc/styleurl.css";>
> 
> <script language="JavaScript"
> src="http://my.honeywell.com/inc/properties.js";></script>
> 
> <script language='JavaScript'
> src='http://my.honeywell.com/inc/framed.js'></script>
> 
> <script language='JavaScript'
> src='http://my.honeywell.com/inc/left_framed.js'></script>
> 
> <!-- End of Honeywell Intranet Template Header Files -->
> 
> 
> 
> <? include ( 'metas.php' ); ?>
> 
> 
> 
> <script language="JavaScript" type="text/JavaScript">
> 
> <!--
> 
> function MM_reloadPage(init) {  //reloads the window if Nav4 resized
> 
>   if (init==true) with (navigator) {if
> ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
> 
>     document.MM_pgW=innerWidth; document.MM_pgH=innerHeight;
> onresize=MM_reloadPage; }}
> 
>   else if (innerWidth!=document.MM_pgW || 
> innerHeight!=document.MM_pgH)
> location.reload();
> 
> }
> 
> MM_reloadPage(true);
> 
> //-->
> 
> </script>
> 
> </head>
> 
> 
> 
> <body>
> 
> 
> 
> <div id="logo">Time<br />Reporting<br />System</div>
> 
> 
> 
> <!-- Honeywell Intranet Template Top Row -->
> 
> <script language="JavaScript"
> src="http://my.honeywell.com/inc/globalnav.js";></script>
> 
> <!-- End of Honeywell Intranet Template Top Row -->
> 
> 
> 
> <!-- Honeywell Intranet Template Left Navigation List -->
> 
> <script language="JavaScript"
> src="http://my.honeywell.com/inc/menuload_url.js";></script>
> 
> <script language="JavaScript">
> 
> // Change this value to highlight required link in menu
> 
> if ( LoggedIn == "1" ) {
> 
>             honeywell.list.selItem=0;
> 
> } else {
> 
>             honeywell.list.selItem=0;
> 
> }
> 
> </script>
> 
> <script language="JavaScript"
> src="http://my.honeywell.com/inc/leftmenu_div.js";></script>
> 
> <!-- End of Honeywell Intranet Template Left Navigation List -->
> 
> 
> 
> <div id="container">
> 
> 
> 
> <?php
> 
> // Check for Login parameter
> 
> if ( $_SESSION['LoggedIn'] ) {
> 
> ?>
> 
> 
> 
>   <h3>Utilities available to <?php echo 
> $_SESSION['User_NAME'] ?>.</h3>
> 
>   <p><hr>
> 
>   <table bgcolor="gray" width="70%" border="0" cellspacing="4"
> cellpadding="4"><tr><td>
> 
>   <p><font color="blue"><h4>OPTIONS:</h4></font><p>
> 
> <?php
> 
> 
> 
> 
> 
>             switch ( $_SESSION['User_TYPE'] ) {
> 
>                         case 'viewer':
> 
>                                     echo '
> 
>                                     <a href="#" onclick="openwin
> (\'inputer.php?user_id='.$user_id.'\',\'work\',true,700,525,15
> ,20)">Enter
> time against projects.</a>';
> 
>                                     echo ( is_numeric ($user_id) ) ? '
> (user_'.$user_id.' pre-selected)' : '';
> 
>                                     echo '
> 
>                                     </p>
> 
>                                     <p>
> 
>                                     <a href="#" onclick="openwin
> (\'status.php?user_id='.$user_id.'\',\'status\',true,700,525,1
> 5,20)">View
> Status reports.</a>';
> 
>                                     echo ( is_numeric ($user_id) ) ? '
> (user_'.$user_id.' pre-selected)' : '';
> 
>             echo '
> 
>                                     </p><hr><p>
> 
>                                     ';
> 
>                                     echo '
> 
>                                     <a href="#" onclick="openwin
> (\'admin.php?user_id='.$user_id.'&admin_type=pass\',\'pass\',t
rue,700,525,15
> ,20)">Change Password.</a></p>
> 
>                                     ';
> 
>             echo '
> 
>                                     </p></table>
> 
>                                     ';
> 
>                                     break;
> 
> 
> 
>                         case 'inputer':
> 
>                                     echo '
> 
>                                     <a href="#" onclick="openwin
> (\'inputer.php?user_id='.$user_id.'\',\'work\',true,700,525,15
> ,20)">Enter
> time against projects.</a>';
> 
>             echo ( is_numeric ($user_id) ) ? ' (user_'.$user_id.'
> pre-selected)' : '';
> 
>             echo '
> 
>                                     </p>
> 
>                                     <p>
> 
>                                     <a href="#" onclick="openwin
> (\'status.php?user_id='.$user_id.'\',\'status\',true,700,525,1
> 5,20)">View
> Status reports.</a>';
> 
>                                     echo ( is_numeric ($user_id) ) ? '
> (user_'.$user_id.' pre-selected)' : '';
> 
>             echo '
> 
>                                     </p><hr><p>
> 
>                                     ';
> 
>                                     echo '
> 
>                                     <a href="#" onclick="openwin
> (\'admin.php?user_id='.$user_id.'&admin_type=pass\',\'pass\',t
rue,700,525,15
> ,20)">Change Password.</a></p>
> 
>                                     ';
> 
>             echo '
> 
>                                     </p></table>
> 
>                                     <p>
> 
>                                     ';
> 
>                                     break;
> 
> 
> 
>                         case 'admin':
> 
>                                     echo '
> 
>                                     <a href="#" onclick="openwin
> (\'inputer.php?user_id='.$user_id.'\',\'work\',true,700,525,15
> ,20)">Enter
> time against projects.</a>';
> 
>             echo '
> 
>                                     </p>
> 
>                                     <p>
> 
>                                     <a href="#" onclick="openwin
> (\'status.php?user_id='.$user_id.'\',\'status\',true,700,525,1
> 5,20)">View
> Status reports.</a>';
> 
>             echo '
> 
>                                     </p><p></table><hr><p>
> 
>                                     ';
> 
>             echo '<p><font color="blue"><h3>Administrative
> Tasks:</h3></font><p>';
> 
>             echo '
> 
>                                     <a href="#" onclick="openwin
> (\'admin.php?user_id='.$user_id.'&admin_type=list\',\'list\',t
rue,700,525,15
> ,20)">Search for an IDWeb User ID.</a></p></table>
> 
>                                     ';
> 
>                                     echo '
> 
>                                     <a href="#" onclick="openwin
> (\'admin.php?user_id='.$user_id.'&admin_type=pass\',\'pass\',t
rue,700,525,15
> ,20)">Change Local User Password.</a></p>
> 
>                                     ';
> 
>             echo '
> 
>                                     <a href="#" onclick="openwin
> (\'admin.php?user_id='.$user_id.'&admin_type=type\',\'type\',t
rue,700,525,15
> ,20)">Change Local User Type.</a></p>
> 
>                                     ';
> 
>             echo '
> 
>                                     <a href="#" onclick="openwin
> (\'admin.php?user_id='.$user_id.'&admin_type=new\',\'new\',tru
e,700,525,15,2
> 0)">Add a New Local User.</a></p></table>
> 
>                                     ';
> 
> 
> 
>                                     break;
> 
> 
> 
>                         default:
> 
>                                     echo '
> 
>                                     <p class="errormsg">You have an
> unrecognised user type. There are no utilities available to you.</p>
> 
>                                     ';
> 
>             }
> 
> ?>
> 
>   <hr>
> 
>   <h4>Last Logged in on: <?php echo $_SESSION['LastLogin'] ?>.</h4>
> 
> <?PHP
> 
> //Save Login-Time to the User-Log table
> 
>   $now = date ('Y-m-d H:i:s');
> 
>   $sql = "UPDATE UserLog SET LastLogin = '$now' WHERE 
> UserID=$user_id";
> 
>   $rs = @mysql_query ($sql);
> 
> 
> 
> } else {
> 
> ?>
> 
> 
> 
>   <h3>Please login to access the Time Logging system.</h3>
> 
> 
> 
>   <form name="loginform" action="<?php echo $PHP_SELF ?>" 
> method="post">
> 
>     <input type="hidden" name="task_id" value="<?php echo 
> $task_id ?>" />
> 
>     <table width="550" border="0" cellspacing="0" cellpadding="4">
> 
>             <caption><?php echo '<span
> class="errormsg">'.$row->UserID.$row->UserPassword.$errormsg.'</span>'
> ?></caption>
> 
>       <tr>
> 
>         <td>Username: </td>
> 
>         <td><input type="text" name="username" tabindex="1" 
> value="<?php
> echo $username ?>" /></td>
> 
>       </tr>
> 
>       <tr>
> 
>         <td>Password: </td>
> 
>         <td><input type="password" name="passwd" tabindex="2" /></td>
> 
>       </tr>
> 
>       <tr>
> 
>         <td colspan="2"><div align="center">
> 
>             <input type="submit" name="login" value="Click To Login"
> tabindex="3" />
> 
>           </div></td>
> 
>       </tr>
> 
>     </table>
> 
>   </form>
> 
> 
> 
> <?php
> 
> 
> 
> }
> 
> // End of Check for Login parameter
> 
> ?>
> 
> 
> 
> <!-- Footer section - do not touch -->
> 
>   <p>
> 
>     <script language="JavaScript"
> src="http://my.honeywell.com/inc/footer_url.js";></script>
> 
>     <script language="JavaScript" src="<? echo $to_root
> ?>content_owner.js"></script>
> 
>   </p>
> 
> <!-- End of Footer section - do not touch -->
> 
> </div>
> 
> </body>
> 
> </html>
> 
> -- 
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

-- 
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [PHP Users]     [PHP Database Programming]     [PHP Install]     [Kernel Newbies]     [Yosemite Forum]     [PHP Books]

  Powered by Linux