damianjames Posted July 15, 2008 Share Posted July 15, 2008 Hi - I've been searching everywhere, including this site, and I can't seem to find an answer to the issue I'm having. I'm using the (somewhat dreaded) Dreamweaver server behavior for logging in a user, and I can't get it to pass a variable with login success, or login failure. I'm trying to set language preference using a variable in the URL, and am setting it in the session (or at least I think I'm setting it) that Dreamweaver is creating to try and propagate it between the pages. No matter what, the variable comes back as null when I authenticate or fail to authenticate on the page. Here is the page that contains the login form: <?php require_once('Connections/COMPANY.php'); require_once('includes/config.php'); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $_SESSION['lang'] = $_GET['lang']; $lang = $_SESSION['lang']; $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['user'])) { $loginUsername=$_POST['user']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "/private/materials.php?lang=" . $lang; $MM_redirectLoginFailed = "login.php?" . $lang . "&loginfailed=true"; $MM_redirecttoReferrer = false; mysql_select_db($database_Cuadros, $Cuadros); $LoginRS__query=sprintf("SELECT `user`, password FROM users WHERE `user`=%s AND password=%s", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $Cuadros) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title> <?php echo("COMPANY - $logintitle"); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <?php require_once("includes/heading.php"); ?> <style type="text/css"> .contact { background:url(<?php echo("images/login_bg_$lang.jpg"); ?>) top left; width:1000px; min-height:520px; } .contact_form { position:absolute; top:200px; left:300px; } </style> <div id="content"> <div id="content_float"> <div class="contact"> <form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="login"> <table class="contact_form"> <tr><td><?php echo $_SESSION['lang']; ?><br /><?php echo $lang ?></td></tr> <tr> <td class="signinlabel"><?php echo $userlabel ?></td><td class="signinlabel"><input type="text" size="30" name="user" /></td> </tr> <tr> <td class="signinlabel"><?php echo $passlabel ?></td><td class="signinlabel"><input type="password" size="30" name="password" /></td> </tr> <tr> <td> </td><td><input type="submit" value="<?php echo $signinlabel ?>" /></td> </tr> <tr> <td> </td><td class="errortext"><?php $loginfailed = $_GET['loginfailed']; if ($loginfailed == "true") { echo ("$failmsg"); } ?> </td> </tr> </table> </form> </div> </div> </div> <div id="footer"> <div class="footer_float"> COPYRIGHT </div> </div> <body> </body> </html> Config.php just sets a default language when there is none, and heading.php sets up the navigation. Within the code, I'm trying to force $lang (the selected language of the user) into the session by: $_SESSION['lang'] = $_GET['lang']; $lang = $_SESSION['lang']; Then I'm displaying it for debugging purposes right now within the visible portion of the page to make sure it's being set in the variable and in the session: <tr><td><?php echo $_SESSION['lang']; ?><br /><?php echo $lang ?></td></tr> These are both reporting correctly, as the URL is login.php?lang=eng and the page when rendered says: eng eng The restricted page is materials.php. Here is the code for that: <?php //initialize the session if (!isset($_SESSION)) { session_start(); } // ** Logout the current user. ** $_SESSION['lang'] = $_GET['lang']; $lang = $_SESSION['lang']; $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session variables $_SESSION['MM_Username'] = NULL; $_SESSION['MM_UserGroup'] = NULL; $_SESSION['PrevUrl'] = NULL; unset($_SESSION['MM_Username']); unset($_SESSION['MM_UserGroup']); unset($_SESSION['PrevUrl']); $logoutGoTo = "../login.php?lang=$lang"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = "user,admin"; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "../login.php?lang=$lang"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); $lang = $_GET['lang']; header("Location: ". $MM_restrictGoTo); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <?php switch($lang) { case "eng": $lang = "eng"; break; default: $lang = "esp"; break; } if ( $lang == "eng" ) { include("../languages/eng.php"); } else { include("../languages/esp.php"); } ?> <title> <?php echo("COMPANY - $mattitle"); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <?php require_once("../includes/heading.php"); ?> <style type="text/css"> .materials { background:url(<?php echo("/images/materials_bg_$lang.jpg"); ?>) top left; width:1000px; min-height:586px; } </style> <div id="content"> <div id="content_float"> <div class="materials"> <div class="mat_content_left"> <?php echo ("<h2>$mat_content_left_header</h2><p>$mat_content_left_text</p>"); ?> </div> <div id="logout"> <a href="<?php echo $logoutAction ?>" name="logout"><?php echo $logout ?></a> </div> <div class="mat_content_right"> A BUNCH OF LINKS </div> </div> </div> </div> <div id="footer"> <div class="footer_float"> ©2008 COMPANY All Rights Reserved. </div> </div> </body> </html> I am again trying to force the $lang variable into the session, since I'm a bit desperate at this point ??? The logout link actually works properly and maintains the variable setting through the next page. the switch at the top is because includes/config.php doesn't want to work correctly for me, even with "/includes/config.php" but that's ok for now. eng.php and esp.php are the language files. So with all that set, the debug code in to make sure the variables are being set, the best I can get when I submit a form is ?lang= with no value assigned. I'm sure I'm missing something small, and I would appreciate any assistance anyone can lend me! Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/ Share on other sites More sharing options...
MadTechie Posted July 15, 2008 Share Posted July 15, 2008 in the isAuthorized function you are using $QUERY_STRING change these to $_SERVER['QUERY_STRING']; that should fix the problem Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591085 Share on other sites More sharing options...
damianjames Posted July 15, 2008 Author Share Posted July 15, 2008 Thank you for such a quick response! I tried what you suggest: $MM_restrictGoTo = "../login.php?lang=$lang"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) $MM_referrer .= "?" . $_SERVER['QUERY_STRING']; $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); $lang = $_GET['lang']; header("Location: ". $MM_restrictGoTo); exit; in materials.php and am still receiving the same error. When authenticated, the URL is "/private/materials.php?lang=". When failed, the URL is "/login.php?lang=&loginfailed=true". Any other thoughts? Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591106 Share on other sites More sharing options...
MadTechie Posted July 15, 2008 Share Posted July 15, 2008 ahh yes, move $lang = $_GET['lang']; above $MM_restrictGoTo = "../login.php?lang=$lang"; in eth isAuthorized function $lang = $_GET['lang']; //here $MM_restrictGoTo = "../login.php?lang=$lang"; or even //change $MM_restrictGoTo = "../login.php?lang=$lang"; //to $MM_restrictGoTo = "../login.php?lang={$_GET['lang']}"; Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591110 Share on other sites More sharing options...
damianjames Posted July 15, 2008 Author Share Posted July 15, 2008 I'm sorry, I must be doing something else incorrectly, because it's doing the same thing. I really appreciate all your help, effort, and patience with me! $MM_restrictGoTo = "../login.php?lang={$_GET['lang']}"; Returns the same result, both in successful and failed auth from login.php. Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591119 Share on other sites More sharing options...
MadTechie Posted July 15, 2008 Share Posted July 15, 2008 okay lets try something more debugging based test 1 //change $MM_restrictGoTo = "../login.php?lang={$_GET['lang']}"; //to $MM_restrictGoTo = "../login.php?TEST=1234&lang={$_GET['lang']}"; post the URL assuming that has TEST=1234 in it test 2 //change $MM_restrictGoTo = "../login.php?lang={$_GET['lang']}"; //to $MM_restrictGoTo = "../login.php?TEST=1234&lang={$_GET['lang']}"; echo "Testing:~<pre>"; var_dump($_GET); var_dump($_SESSION); die("KILLED"); post from Testing:~ to KILLED Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591122 Share on other sites More sharing options...
damianjames Posted July 15, 2008 Author Share Posted July 15, 2008 ok test 1 - Changed to: $MM_restrictGoTo = "../login.php?TEST=1234&lang={$_GET['lang']}"; Failed URL: /login.php?lang=&loginfailed=true Succeeded URL: /private/materials.php?lang= Test 2 - Changed to: $MM_restrictGoTo = "../login.php?TEST=1234&lang={$_GET['lang']}"; echo "Testing:~<pre>"; var_dump($_GET); var_dump($_SESSION); die("KILLED"); Failed URL: /login.php?lang=&loginfailed=true Succeeded URL: /private/materials.php?lang= Dump: Testing:~ array(1) { ["lang"]=> string(0) "" } array(3) { ["lang"]=> string(0) "" ["MM_Username"]=> string(7) "user123" ["MM_UserGroup"]=> string(0) "" } KILLED Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591129 Share on other sites More sharing options...
MadTechie Posted July 15, 2008 Share Posted July 15, 2008 When you go to this page, do you have lang=somthing in ther url ? oow i just spotted something change $loginFormAction = $_SERVER['PHP_SELF']; to $loginFormAction = $_SERVER['PHP_SELF']."?lang=eng"; test then try $loginFormAction = $_SERVER['PHP_SELF']."?lang=$lang"; Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591135 Share on other sites More sharing options...
damianjames Posted July 16, 2008 Author Share Posted July 16, 2008 ok... leaving all the other code in place for now that we've changed. changed: loginFormAction = $_SERVER['PHP_SELF'] . "?lang=eng"; Failed URL: /login.php?lang=eng&loginfailed=true Succeeded URL: /private/materials.php?lang=eng Dump: Testing:~ array(1) { ["lang"]=> string(3) "eng" } array(3) { ["lang"]=> string(3) "eng" ["MM_Username"]=> string(7) "user123" ["MM_UserGroup"]=> string(0) "" } KILLED It's in the array now! Test 2 - Changed to: $loginFormAction = $_SERVER['PHP_SELF']."?lang=$lang"; Failed URL: /login.php?lang=eng&loginfailed=true Succeeded URL: /private/materials.php?lang=eng Dump: Testing:~ array(1) { ["lang"]=> string(3) "eng" } array(3) { ["lang"]=> string(3) "eng" ["MM_Username"]=> string(7) "cuadros" ["MM_UserGroup"]=> string(0) "" } KILLED I removed the debug statements and tried it again, and it works! Thank you so much! God bless you sir, have a great evening and thanks again for the help! Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591146 Share on other sites More sharing options...
MadTechie Posted July 16, 2008 Share Posted July 16, 2008 Yay.. its getting late and i am drained but wanted to end this thread lol.. can you click the topic solved button please Quote Link to comment https://forums.phpfreaks.com/topic/114928-solved-dreamweaver-login-server-behavior-variable-in-login/#findComment-591148 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.