Jump to content


Photo

hiding a backend processing file?


  • Please log in to reply
2 replies to this topic

#1 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 05 July 2006 - 10:26 AM

As I have said in previous posts. I am creating a membership system and am wanting to hide the processing file.

Say a user logs in. The login form posts to process.php?action=login. The problem with this is with the way that I have the errors handled  here is an example.

if(!$_SESSION['username']){
	if($error){
		echo $error;
		include("index.php");
	}else{
		echo "You are logged in.";
		include("../account.php");
	  }
    }else{
		echo "<html><head><title>Welcomce Back</title></head>Welcome back ". $_SESSION['username'] .".<a href=index.php>Click here</a> to proceed."; 
	}

I thought, for a brief moment, that a javascript redirect would be best. After some research I know now that is retarded..lol

I want to hide the process.php from the end user. If there is an error the login.php is included with the echoed error and the user sees the process.php in there browser. I would rather redirect them back to the login.php file and use an if statement to print what ever error there may be.

Also, I want to do the same thing with a sucessful login. I want to redirect the user to account.php

At first, I thought using some if statements with header() would be best. This will work fine for the error handling. Here is a brief example

   if ($error=='username') {
   header('Location: http://www.owpt.biz/home/login.php?showerror=username');
} else ($error=='password') {
   header('Location: http://www.owpt.biz/home.login.php?showerror=password');
}
Note untested.

However, after further research it would make it difficult for me to pass session variables this way for a sucessful login. This is what the manual had to say about this issue

Note: Session ID is not passed with Location header even if session.use_trans_sid is enabled. It must by passed manually using SID constant.

Now I am looking for a better way of acheiveing this. Any suggestions would be great.


Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#2 heckenschutze

heckenschutze
  • Members
  • PipPipPip
  • Advanced Member
  • 257 posts
  • LocationAustralia

Posted 05 July 2006 - 11:02 AM

whats wrong with posting the SID constant then ?

#3 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 05 July 2006 - 11:06 AM

I know nothing about SID constant and the only mention mention that I saw in the manual was the one that I referred to in the post. Could you possibley point me to where I can read more on this.

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users