PHP Login form with session

[crims0nluv]

Hi all,

 

I have this login form , but it relies on session which gives me the error

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled

 

How can I modify my script so that this error will not appear? I do not want to set the register_globals enabled. Please help. Thanks!

 

<? if($_POST['sublogin']) {

$login_error=array();

session_register("login_error");

$flag=0;

/* Checks that username is in database and password is correct */

    $md5pass = md5($_POST['pass']);

    $result = confirmUser($_POST['email'], $md5pass);

/* Check error codes */

  if($result == 1){

  $flag=1;

   

      array_push($login_error, 'Email address doesn\'t exist.');

  }

  else if($result == 2){

  $flag=1;

array_push($login_error, 'Incorrect password, please try again.');

}

if($flag==0) {

session_unregister('login_error');

            /* Username and password correct, register session variables */

  $_POST['email'] = stripslashes($_POST['email']);

$_SESSION['username'] = $_POST['email'];

$_SESSION['password'] = $md5pass;

if(isset($_POST['remember'])){

setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");

  setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");

  setcookie("cookid", $_SESSION['userid'], time()+60*60*24*100, "/");

}

echo "<meta http-equiv=\"Refresh\" content=\"0;url=index.php\">";

return; } }

?>

<?php if(!$username) { ?>

 

<form name="login" action="<? $PHP_SELF ?>" method="post">

<input type="hidden" value="sublogin" name="sublogin">

<b>LOGIN</b> <br><br>

<?php  if($flag==1) {

foreach($_SESSION['login_error'] as $error) {

                      echo "<font color='#FF0000'>".$error."</font>"; }

echo "<br><br>";

}

?>

<table>

<tr><td>EMAIL ADDRESS :</td><td><input type="text" name="email"></td></tr>

<tr><td>PASSWORD: </td><td><input type="password" name="pass"></td></tr>

            <tr><td colspan="2"><a href="forgot-password.php">FORGOT PASSWORD</a></td></tr>

<tr><td colspan="2"><input type="checkbox" name="remember" >REMEMBER ME </td></tr> </table>

         

[hitman6003]

Don't use session_register...

 

http://www.php.net/session_register:

 

If you want your script to work regardless of register_globals, you need to instead use the $_SESSION array as $_SESSION entries are automatically registered. If your script uses session_register(), it will not work in environments where the PHP directive register_globals is disabled.