Search the Community

Hello All I would appreciate any help anyone could give me in solving this issue. I have been using this Login-Redirect script from mpdolan, and it was working perfectly fine. However, my web host has recently just upgraded from php 5.2 to php 5.3 (php 5.3.18 to be exact) and now the redirect function no longer properly works. Unfortunately, the guy who made the script is not responding to any requests for help and has since removed any links to download the script from his site. If you would like the zip file with all the required files I would be happy to upload it to a dropbox or something. Just note, i'm pretty much a noob here. I know just a little bit about this stuff, but not a lot. I've tried everything I can think of to find the problem, but with no reasonable luck. I'll go through what I tried below. Here are parts of the script, let me know if you need more... The html login page references the following php file redirect.php <? //prevents caching header("Expires: Sat, 01 Jan 2000 00:00:00 GMT"); header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); header("Cache-Control: post-check=0, pre-check=0",false); session_cache_limiter(); session_start(); //clear session variables session_unset(); //require the functions file require ("config.php"); require ("functions.php"); //check to see if cookies are already set, remember me if ((!$lr_user) || (!$lr_pass)) { $username = $_POST[username]; $password = $_POST[password]; }else{ $username = $lr_user; $password = $lr_pass; } //if username or password is blank, send to errorlogin.html if ((!$username) || (!$password)) { header("Location:$base_dir/errorlogin.html"); exit; } //sets cookies to remember this computer if the user asks to if ($_POST[remember] == "Yes") { setcookie("lr_user", $username, $duration, "/", $domain); setcookie("lr_pass", $password, $duration, "/", $domain); } if ($_POST[activate] == "Yes") { //make the connection to the database $connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error()); $db = @mysql_select_db($db_name,$connection)or die(mysql_error()); //build and issue the query $sql ="UPDATE $table_name SET verified = '1' WHERE username = '$_POST[username]'"; $result = @mysql_query($sql,$connection) or die(mysql_error()); } //sets session variables sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $username, $password); //check to see if the user has to change their password if ($_SESSION[pchange] == "1") { $_SESSION[redirect] = "$base_dir/pass_change.html"; } //check to see if the user has activated the account if ($_SESSION[verified] == "0") { $_SESSION[redirect] = "$base_dir/not_activated.html"; } //make the connection to the database $connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error()); $db = @mysql_select_db($db_name,$connection)or die(mysql_error()); //build and issue the query $sql ="SELECT * FROM banned"; $result = @mysql_query($sql,$connection) or die(mysql_error()); while ($sql = mysql_fetch_object($result)) { $banned = $sql -> no_access; if ($username == $banned || $REMOTE_ADDR == $banned) { include ('banned.html'); exit; } } $last_log = last_login(); //updates table with last log as now $sql = "UPDATE $table_name SET last_login = '$last_log' WHERE username = '$_SESSION[user_name]'"; $result = @mysql_query($sql,$connection) or die(mysql_error()); if (($_SESSION[redirect] != "$base_dir/errorlogin.html") && ($log_login == "1")) { include('loglogin.php'); } //redirects the user header("Location:$_SESSION[redirect]"); ?> <head><title>Redirect</title></head> in the redirect file, the following two files are required note: I have replaced any personal info with ***** (5 asterisk) config.php <?php //set up the names of the database and table $db_name ="*****_UsersLogin"; $table_name ="authorize"; //connect to the server and select the database $server = "localhost"; $dbusername = "*****"; $dbpassword = "*****"; //domain information $domain = ".*****.ca"; //Change to "0" to turn off the login log $log_login = "1"; //base_dir is the location of the files, ie http://www.yourdomain/login $base_dir = "http://www.*****.ca/Client"; //length of time the cookie is good for - 7 is the days and 24 is the hours //if you would like the time to be short, say 1 hour, change to 60*60*1 $duration = time()+(60*60*24*30); //the site administrator\'s email address $adminemail = "*****@gmail.com"; //sets the time to EST $zone=3600*-5; //do you want the verify the new user through email if the user registers themselves? //yes = "0" : no = "1" $verify = "0"; //default redirect, this is the URL that all self-registered users will be redirected to $default_url = "http://www.*****.ca"; //minimum and maximum password lengths $min_pass = 4; $max_pass = 20; $num_groups = 0+2; $group_array = array("Users","Administrators"); ?> functions.php <?php //function to get the date function last_login() { $date = gmdate("Y-m-d"); return $date; } //function that sets the session variable function sess_vars($base_dir, $server, $dbusername, $dbpassword, $db_name, $table_name, $user, $pass) { //make connection to dbase $connection = @mysql_connect($server, $dbusername, $dbpassword) or die(mysql_error()); $db = @mysql_select_db($db_name,$connection) or die(mysql_error()); $sql = "SELECT * FROM $table_name WHERE username = '$user' and password = password('$pass')"; $result = @mysql_query($sql, $connection) or die(mysql_error()); //get the number of rows in the result set $num = mysql_num_rows($result); //set session variables if there is a match if ($num != 0) { while ($sql = mysql_fetch_object($result)) { $_SESSION[first_name] = $sql -> firstname; $_SESSION[last_name] = $sql -> lastname; $_SESSION[user_name] = $sql -> username; $_SESSION[password] = $sql -> password; $_SESSION[group1] = $sql -> group1; $_SESSION[group2] = $sql -> group2; $_SESSION[group3] = $sql -> group3; $_SESSION[pchange] = $sql -> pchange; $_SESSION[email] = $sql -> email; $_SESSION[redirect] = $sql -> redirect; $_SESSION[verified] = $sql -> verified; $_SESSION[last_login] = $sql -> last_login; } }else{ $_SESSION[redirect] = "$base_dir/errorlogin.html"; } } //functions that will determine if access is allowed function allow_access($group) { if ($_SESSION[group1] == "$group" || $_SESSION[group2] == "$group" || $_SESSION[group3] == "$group" || $_SESSION[group1] == "Administrators" || $_SESSION[group2] == "Administrators" || $_SESSION[group3] == "Administrators" || $_SESSION[user_name] == "$group") { $allowed = "yes"; }else{ $allowed = "no"; } return $allowed; } //function to check the length of the requested password function password_check($min_pass, $max_pass, $pass) { $valid = "yes"; if ($min_pass > strlen($pass) || $max_pass < strlen($pass)) { $valid = "no"; } return $valid; } ?> For the redirected link to be secure and only someone who has logged in with the proper credentials can see it, I am required to put the following php code on the redirected page <?php //prevents caching header("Expires: Sat, 01 Jan 2000 00:00:00 GMT"); header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); header("Cache-Control: post-check=0, pre-check=0",false); session_cache_limiter(); session_start(); //this should the the absolute path to the config.php file //(ie /home/website/yourdomain/login/config.php or //the location in relationship to the page being protected - ie ../login/config.php ) require('/home/*****/public_html/Client/config.php'); //this should the the absolute path to the functions.php file - see the instrcutions for config.php above require('/home/*****/public_html/Client/functions.php'); //this is group name or username of the group or person that you wish to allow access to // - please be advise that the Administrators Groups has access to all pages. if (allow_access(Users) != "yes") { //this should the the absolute path to the no_access.html file - see above include ('/home/*****/public_html/Client/no_access.html'); exit; } ?> So.. before the update to php 5.3 this code worked flawlessly. Clients would login with their username and password on my site, and it would redirect them to the php page with their content that included the code above. Now after the update what happens is, even after using a correct username/password combination the no_access.html (see below) page is displayed instead, but the link displayed in the browser IS the correct redirected link! What's also strange is, if you then try to login again since this page has the form to do so, you get a 404 error because it is trying to find the redirect.php file in the redirected link instead of the website.ca/Client/ dir it is actually in. So, I tried to put a copy of the redirect.php, config.php, functions.php and a few others in the redirected link directory just for kicks, and tried again and it works! The problem is, the client basically has to login twice.. the first time always fails, but sends them to the redirected link, then when they try again IF I also put those files into their directory then it will work on this second try. So, I am at a loss as to what is going on here, and would appreciate any help on getting this up and running properly again on php 5.3 Many thanks! no_access.html <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>NO ACCESS ALLOWED</title> </head> <body> <b><font size="6">Access Denied!!!</font></b><p>Please login with proper credentials:</p> <FORM METHOD="POST" ACTION="redirect.php"> <P><font face="Verdana" size="2" color="#2852A8"><STRONG>Username:</STRONG><BR> </font><font color="#2852A8" face="Verdana"> <INPUT TYPE="text" NAME="username" SIZE=25 MAXLENGTH=25></font></p> <P><font face="Verdana" size="2" color="#2852A8"><STRONG>Password:</STRONG><BR> </font><font color="#2852A8" face="Verdana"> <INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25></font></p> <P><font face="Verdana"><font color="#2852A8"> <input type="checkbox" name="remember" value="Yes"></font><font size="2" color="#2852A8">Remember me from this computer</font></font></p> <P><font color="#2852A8"> <INPUT TYPE="submit" NAME="submit" VALUE="Login" style="font-family: Verdana"></font></P> </FORM> <p> </p> </body> </html>

I am change the PHP 5.2 to PHP 5.3 and trying to use preg_match replace ereg_replace. But I keep getting the error Warning: preg_replace() [function.preg-replace]: No ending delimiter '_' in code function Relink($linkstrip) { $linkstrip = ereg_replace('_+', '-', str_replace(array(' ', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '-', '+', '|', '\\', '\'', '"', '[', ']', '{', '}', ':', ';', '.', ',', '/', '?', '', '<', '>'), '_', trim(ereg_replace('[[:space:]]+', ' ', trim($linkstrip))))); Can anyone please help me? Thank you Best Regards, Pom