OK, I just stumbled into this Dreamweaver MX 2004 much touted new 'feature' that doesn't freakin' work!
Here's what I did to make it work:
1) Read the PHP Manual - This was rather painful as I usually only consult the snippets for the php functions, but there are a whole whack of functions for session handling that only apply if register_globals is enabled. After reading through the introduction and examples (at least three times) I finally figured it out. I think. More or less...
2) Change the way variables are stored in the DW pages. Here's your code, with notes and changes:
<?php require_once('Connections/Login.php'); ?>
<?php
// *** Validate request to login to this site.
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
// Here's where it starts - GLOBALS aren't enabled! so comment out this line
//$GLOBALS['PrevUrl'] = $accesscheck;
// Likewise, session_register() is not used if register_globals is disabled
//session_register('PrevUrl');
// Gotta replace it with something... Let's use the $_SESSION "superglobal array"!
$_SESSION['PrevUrl'] = $accesscheck;
}
if (isset($_POST['mem_number'])) {
$loginUsername=$_POST['mem_number'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "membersonly2a.php";
$MM_redirectLoginFailed = "membersonly1al.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_Login, $Login);
$LoginRS__query=sprintf("SELECT username, password FROM login WHERE username='%s' AND password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__query, $Login) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
/* All this cr@p has to be replaced!
//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;
//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");
*/
// replace it with the use of $_SESSION vars again
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
Now the restricted page should work as expected. Here's the section that changes for logout:
<?php
if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
//to fully log out a visitor we need to clear the session varialbles
// This doesn't work with $_SESSION !!
// session_unregister('MM_Username');
// session_unregister('MM_UserGroup');
// we have to do it another way...
$_SESSION = array();
// I think this does the job as required (it replaces the DW code perfectly)
// but I'm not sure if one should then call session_destroy() or just leave it at that.
// Any thoughts?
$logoutGoTo = "login.php";
if ($logoutGoTo) {
header("Location: $logoutGoTo");
exit;
}
}
?>
That should do it... Like I said, I'm not sure if one should call session_destroy() after destroying the session vars, but I welcome any comments.
I don't think there is anything that needs changing in the other DW PHP behavior "check new login name" but I'll have a look when I get that far.
Miles