Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

MySQL login issue

  • 03-09-2010 11:26am
    #1
    Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭


    I'm trying to make a login script appear on every page of my site like it is here on boards. I've used include and it all works fine except when I try to use an else statement for when the user logs in.

    [PHP]<?php if (!isset($_SESSION)) { echo "
    <form id='login' name='login' method='post' action='<?php echo $loginFormAction; ?>'>
    Username:
    <label>
    <input type='text' name='username' id='username' />
    <br />
    Password:
    <input type='password' name='pwd' id='pwd' />
    <br />
    <input type='button' name='signup' id='signup' value='Sign Up!' onClick='parent.location=\"fsiregister_users.php\"' />
    <input type='submit' name='doLogin' id='doLogin' value='Login' />
    </label>
    </form>";
    } else {
    echo "Welcome, " . $_SESSION; } ?> [/PHP]

    I get an error message when I click login using this code
    Forbidden

    You don't have permission to access /blah-blah.com/< on this server.

    When I remove the conditional statement completely it works. Is there something obvious I'm missing?


Comments

  • Moderators, Politics Moderators Posts: 41,235 Mod ✭✭✭✭Seth Brundle


    The issue isn't with MySQL though but with your PHP code & server.
    What happens when you try something like:
    [php]<?php if (!isset($_SESSION)) { echo "Hello World";
    } else {
    echo "Welcome, " . $_SESSION; } ?> [/php]

    Can you get the Session username printing at all?
    Are any PHP session variables working?
    See http://www.computing.net/answers/webdevel/php-sessions-not-working/571.html


  • Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭Nulty


    Thanks kbannon

    It outputs "Hello World".

    The problem only presents itself when clicking the "login" button, not when the page loads.

    If I remove the the conditional statement on a page "a", login on that page and then navigate to page "b" which has the original script on it, it outputs the else condition "Welcome, Username" fine.

    Page a would just have this on it

    [HTML]<form id='login' name='login' method='post' action='<?php echo $loginFormAction; ?>'>
    Username:
    <label>
    <input type='text' name='username' id='username' />
    <br />
    Password:
    <input type='password' name='pwd' id='pwd' />
    <br />
    <input type='button' name='signup' id='signup' value='Sign Up!' onClick='parent.location=\"fsiregister_users.php\"' />
    <input type='submit' name='doLogin' id='doLogin' value='Login' />
    </label>
    </form>[/HTML]


  • Moderators, Politics Moderators Posts: 41,235 Mod ✭✭✭✭Seth Brundle


    FYI I edited my post above as you were posting


  • Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭Nulty


    Yeah the SESSION variable are working fine, just not in this particular case


  • Moderators, Politics Moderators Posts: 41,235 Mod ✭✭✭✭Seth Brundle


    If you look at the source code of the generated page, where is the form's action attribute pointing to?
    If I remove the the conditional statement on a page "a", login on that page and then navigate to page "b" which has the original script on it, it outputs the else condition "Welcome, Username" fine.

    Page a would just have this on it
    Have a look at http://www.html-form-guide.com/php-form/php-login-form.html


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭Nulty


    Its almost as if the server doesn't like the access of the database through a php script. If I remove the else part of the if statement, I get the same message. The problem is in wrapping the login html and probably the action='<?php echo $loginFormAction; ?>' in a php script.


  • Moderators, Politics Moderators Posts: 41,235 Mod ✭✭✭✭Seth Brundle


    your database isn't being accessed by that particular script.
    If you look at the source code of the generated page, where is the form's action attribute pointing to?

    if you try this also what is the result (both in the generated HTML and the effect:
    [php]<?php if (!isset($_SESSION)) { echo "
    <form id='login' name='login' method='post' action='" . $loginFormAction . "'>
    Username:
    <label>
    <input type='text' name='username' id='username' />
    <br />
    Password:
    <input type='password' name='pwd' id='pwd' />
    <br />
    <input type='button' name='signup' id='signup' value='Sign Up!' onClick='parent.location=\"fsiregister_users.php\"' />
    <input type='submit' name='doLogin' id='doLogin' value='Login' />
    </label>
    </form>";
    } else {
    echo "Welcome, " . $_SESSION; } ?> [/php]


  • Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭Nulty


    [PHP]$loginFormAction = $_SERVER;[/PHP]

    then i call an include that refers to the entire login script


  • Moderators, Politics Moderators Posts: 41,235 Mod ✭✭✭✭Seth Brundle


    Whats the form action in the HTML?


  • Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭Nulty


    Perfect kbannon! thanks.

    the concatanation worked. I knew there was something fishy about echoing the php action attribute.

    Thanks a million


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭Nulty


    kbannon wrote: »
    Whats the form action in the HTML?

    Its a bit redundant now that the problem is solved but, I don't understand what your asking there.


  • Moderators, Politics Moderators Posts: 41,235 Mod ✭✭✭✭Seth Brundle


    You're welcome.
    Stick the cheque in the post please!


  • Moderators, Politics Moderators Posts: 41,235 Mod ✭✭✭✭Seth Brundle


    Nulty wrote: »
    Its a bit redundant now that the problem is solved but, I don't understand what your asking there.
    I was trying to find out what the parsed PHP code was returning in the HTML served to the browser (view the served page source code in your browser [in Internet Explorer press Alt & V and then C])


  • Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭Nulty


    It returns
    <form id='login' name='login' method='post' action='/blah-blah.com/index.php'>
    

    strangely enough.


  • Moderators, Politics Moderators Posts: 41,235 Mod ✭✭✭✭Seth Brundle


    But earlier I'd say that the HTML was more like
    action='<?php echo $loginFormAction; ?>'>
    i.e. not parsed!


  • Registered Users, Registered Users 2 Posts: 7,838 ✭✭✭Nulty


    Yeah thats exactly how it was happening before.

    I'm getting a better understanding of it all now.

    I couldn't use the $_POST variable on any other page the login script is used on or else it may be used to log someone in instead of another imagianary reason I might want to use it.
    if (isset($_POST['username'])) {
      $loginUsername=$_POST['username'];
      $password=$_POST['pwd'];
    


    I'm guessing - I $_POST the username and pwd through $loginformaction, which equals PHP_SELF, which searches the script on the current page for refence to the $_POST variables and the script starts working.

    Thanks again kbannon.


Advertisement