In your mail you say :
>Calling the page for the first time works:
http://160.221.21.129/timelog/index.php
OK
Self-calling with the additional user_id parameter set results in the login screen being shown again!
http://160.221.21.129/timelog/?user_id=99999
This is what I don't understand. The thing is, the correct call should be
http://160.221.21.129/timelog/index.php?user_id=99999
and inside you should have
$user_id = $_GET['user_id'];
Unless it is a typo on your mail ...
Luis
Garry Grierson wrote:
Both set to: on
"Luis Moreira" <luis.moreira@xxxxxxxxxxxxxxx> wrote in message
news:40E936F0.4090306@xxxxxxxxxxxxxxxxxx
headerGarry Grierson wrote:
If I do this by passing the paramiters back into the script via the
softwareline it works OK.
When I try to use the SESSION variable it cant find the values, as I said
this is working on another machine running identical op and browser
.news:B97E3961173C4943BF7C722DFE31943DCF08CA@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxetc...
Any ideas? "Garry Grierson" <garry.grierson@xxxxxxxxxxxxx> wrote in message news:...
The problem seems to be that the SESSION information isn't being found!?
Any Ideas?
"Trevor Gryffyn" <TGryffyn@xxxxxxxxxxxxxxxxx> wrote in message
. I don't see any $_GET['
'] statements anywhere. When you pass a value via the URL like "scriptname.php?userid=9999", you either need to use $_GET[] or $_REQUEST[] to retrieve the data. That could be why it's being 'ignored'
-TG
-----Original Message----- From: Garry Grierson [mailto:garry.grierson@xxxxxxxxxxxxx] Sent: Thursday, June 17, 2004 7:25 AM To: php-windows@xxxxxxxxxxxxx Subject: Self-calling script problem.
I have a script that asks a user to login using an ID and password, it then displays a login menu based on the users access type.
This script works on another machine, but I have attempted to set up PHP on two new machines and keep getting the same problem.
The script runs but when the user types in their data and clicks the continue button the parameters being input into the script do change but it looks like it is being ignored.
e.g
Calling the page for the first time works:
http://160.221.21.129/timelog/index.php
Self-calling with the additional user_id parameter set results in the login screen being shown again!
http://160.221.21.129/timelog/?user_id=99999
This should now show the users menu options. (As on the other system!)
If I don't put in a user Id and password the screen is updated to reflect this, I don't understand this as again this is calling itself to perform this change.
My script is included below, any help would be much appreciated:
<?php
// (Re-)Start the session handler
session_start();
include ( $to_root.'scripts_php/common.php' );
if ( isset ($_GET['LOGOUT']) ) {
$_SESSION = array();
header ('Location: http://'.$thiswebsite);
}
// Get the task_id, if supplied
$task_id = trim ($_REQUEST['task_id']);
$errormsg = '';
// Login requested?
if ( $_POST['login'] == 'Click To Login' ) {
$username = trim ($_POST['username']);
$f_username = fixquotes ($username); // fixed for SQL statements
$passwd = trim ($_POST['passwd']);
// $f_passwd = fixquotes (md5 ($passwd)); // fixed for SQL statements
$f_passwd = fixquotes ($passwd); // fixed for SQL statements
// Error check the form data
if ( strlen ($username) == 0 ) {
$errormsg .= 'You must supply a username in the form <em>Lastname Firstname</em>.<br />';
}
if ( strlen ($passwd) == 0 ) {
$errormsg .= 'You must supply a password.<br />';
}
$allok = ( strlen ($errormsg) > 0 ) ? false : true;
if ( $allok ) {
// Check that supplied data is valid
$sql = "
SELECT UserID,UserName,UserType,LastLogin FROM userlog
WHERE UserName='$f_username' AND UserPassword='$f_passwd'
";
$rs = @mysql_query ($sql);
if ( !$rs ) {
$errormsg .= 'There was a problem accessing the database.<br />';
}
elseif ( mysql_num_rows ($rs) != 1 ) {
// Details not OK - error
$errormsg .= 'Username and/or password supplied was incorrect.<br />';
} else {
// Details OK - process login
$_SESSION['LoggedIn'] = true;
$row = mysql_fetch_object ($rs);
$_SESSION['User_ID'] = $row->UserID;
$_SESSION['User_NAME'] = $row->UserName;
$_SESSION['User_TYPE'] = $row->UserType;
$_SESSION['LastLogin'] = $row->LastLogin;
header ('Location: http://'.$thiswebsite.'?user_id='.$row->UserID);
}
}
}
// End of Login requested?
?>
<?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml";>
<head>
<title>Time Reporting Website</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- Honeywell Intranet Template Header Files -->
<link rel=stylesheet type='text/css' href="http://my.honeywell.com/inc/styleurl.css";>
<script language="JavaScript" src="http://my.honeywell.com/inc/properties.js";></script>
<script language='JavaScript' src='http://my.honeywell.com/inc/framed.js'></script>
<script language='JavaScript' src='http://my.honeywell.com/inc/left_framed.js'></script>
<!-- End of Honeywell Intranet Template Header Files -->
<? include ( 'metas.php' ); ?>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_reloadPage(init) { //reloads the window if Nav4 resized
if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
}
MM_reloadPage(true);
//-->
</script>
</head>
<body>
<div id="logo">Time<br />Reporting<br />System</div>
<!-- Honeywell Intranet Template Top Row -->
<script language="JavaScript" src="http://my.honeywell.com/inc/globalnav.js";></script>
<!-- End of Honeywell Intranet Template Top Row -->
<!-- Honeywell Intranet Template Left Navigation List -->
<script language="JavaScript" src="http://my.honeywell.com/inc/menuload_url.js";></script>
<script language="JavaScript">
// Change this value to highlight required link in menu
if ( LoggedIn == "1" ) {
honeywell.list.selItem=0;
} else {
honeywell.list.selItem=0;
}
</script>
<script language="JavaScript" src="http://my.honeywell.com/inc/leftmenu_div.js";></script>
<!-- End of Honeywell Intranet Template Left Navigation List -->
<div id="container">
<?php
// Check for Login parameter
if ( $_SESSION['LoggedIn'] ) {
?>
<h3>Utilities available to <?php echo $_SESSION['User_NAME'] ?>.</h3>
<p><hr>
<table bgcolor="gray" width="70%" border="0" cellspacing="4" cellpadding="4"><tr><td>
<p><font color="blue"><h4>OPTIONS:</h4></font><p>
<?php
switch ( $_SESSION['User_TYPE'] ) {
case 'viewer':
echo '
<a href="#" onclick="openwin (\'inputer.php?user_id='.$user_id.'\',\'work\',true,700,525,15 ,20)">Enter time against projects.</a>';
echo ( is_numeric ($user_id) ) ? ' (user_'.$user_id.' pre-selected)' : '';
echo '
</p>
<p>
<a href="#" onclick="openwin (\'status.php?user_id='.$user_id.'\',\'status\',true,700,525,1 5,20)">View Status reports.</a>';
echo ( is_numeric ($user_id) ) ? ' (user_'.$user_id.' pre-selected)' : '';
echo '
</p><hr><p>
';
echo '
<a href="#" onclick="openwin (\'admin.php?user_id='.$user_id.'&admin_type=pass\',\'pass\',t
rue,700,525,15
,20)">Change Password.</a></p>
';
echo '
</p></table>
';
break;
case 'inputer':
echo '
<a href="#" onclick="openwin (\'inputer.php?user_id='.$user_id.'\',\'work\',true,700,525,15 ,20)">Enter time against projects.</a>';
echo ( is_numeric ($user_id) ) ? ' (user_'.$user_id.' pre-selected)' : '';
echo '
</p>
<p>
<a href="#" onclick="openwin (\'status.php?user_id='.$user_id.'\',\'status\',true,700,525,1 5,20)">View Status reports.</a>';
echo ( is_numeric ($user_id) ) ? ' (user_'.$user_id.' pre-selected)' : '';
echo '
</p><hr><p>
';
echo '
<a href="#" onclick="openwin (\'admin.php?user_id='.$user_id.'&admin_type=pass\',\'pass\',t
rue,700,525,15
,20)">Change Password.</a></p>
';
echo '
</p></table>
<p>
';
break;
case 'admin':
echo '
<a href="#" onclick="openwin (\'inputer.php?user_id='.$user_id.'\',\'work\',true,700,525,15 ,20)">Enter time against projects.</a>';
echo '
</p>
<p>
<a href="#" onclick="openwin (\'status.php?user_id='.$user_id.'\',\'status\',true,700,525,1 5,20)">View Status reports.</a>';
echo '
</p><p></table><hr><p>
';
echo '<p><font color="blue"><h3>Administrative Tasks:</h3></font><p>';
echo '
<a href="#" onclick="openwin (\'admin.php?user_id='.$user_id.'&admin_type=list\',\'list\',t
rue,700,525,15
,20)">Search for an IDWeb User ID.</a></p></table>
';
echo '
<a href="#" onclick="openwin (\'admin.php?user_id='.$user_id.'&admin_type=pass\',\'pass\',t
rue,700,525,15
,20)">Change Local User Password.</a></p>
';
echo '
<a href="#" onclick="openwin (\'admin.php?user_id='.$user_id.'&admin_type=type\',\'type\',t
rue,700,525,15
,20)">Change Local User Type.</a></p>
';
echo '
<a href="#" onclick="openwin (\'admin.php?user_id='.$user_id.'&admin_type=new\',\'new\',tru
e,700,525,15,2
0)">Add a New Local User.</a></p></table>
';
break;
default:
echo '
<p class="errormsg">You have an unrecognised user type. There are no utilities available to you.</p>
';
}
?>
<hr>
<h4>Last Logged in on: <?php echo $_SESSION['LastLogin'] ?>.</h4>
<?PHP
//Save Login-Time to the User-Log table
$now = date ('Y-m-d H:i:s');
$sql = "UPDATE UserLog SET LastLogin = '$now' WHERE UserID=$user_id";
$rs = @mysql_query ($sql);
} else {
?>
<h3>Please login to access the Time Logging system.</h3>
<form name="loginform" action="<?php echo $PHP_SELF ?>" method="post">
<input type="hidden" name="task_id" value="<?php echo $task_id ?>" />
<table width="550" border="0" cellspacing="0" cellpadding="4">
<caption><?php echo '<span class="errormsg">'.$row->UserID.$row->UserPassword.$errormsg.'</span>' ?></caption>
<tr>
<td>Username: </td>
<td><input type="text" name="username" tabindex="1" value="<?php echo $username ?>" /></td>
</tr>
<tr>
<td>Password: </td>
<td><input type="password" name="passwd" tabindex="2" /></td>
</tr>
<tr>
<td colspan="2"><div align="center">
<input type="submit" name="login" value="Click To Login" tabindex="3" />
</div></td>
</tr>
</table>
</form>
<?php
}
// End of Check for Login parameter
?>
<!-- Footer section - do not touch -->
<p>
<script language="JavaScript" src="http://my.honeywell.com/inc/footer_url.js";></script>
<script language="JavaScript" src="<? echo $to_root ?>content_owner.js"></script>
</p>
<!-- End of Footer section - do not touch -->
</div>
</body>
</html>
-- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
How do you have "register globals" set, on the machine that works, and on the one that doesn't ? :-)
-- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
