[SOLVED] login works for firefox but not internet explorer

[silverglade]

hi my form login works for firefox but brings me back to the login page in internet explorer, any help greatly appreciated. thanks. derek.

when i try to login, it brings back the echo of "naughty naughty" so hack is being set to Y for some reason.

 

 

here is the login script

 

<?php
include("connect1.php");

session_start();  
$u = $_POST['username'];
$p = $_POST['password'];  
$logoff = $_GET['logoff']; 
$hack = $_GET['hack'];  


  



if($logoff){

    
   unset($_SESSION['userid']);
   
    

   $message = "You have been logged off";  

    
     

         }

  
if($hack){    

   $message = "Naughty Naughty!  "; // COOL

    }


// escape username and password for use in SQL//person said on board "looks fine" like this
//to prevent sql injections
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);


// if fields username and password have contents, then...
if(isset($u) && isset($p) && !empty($u) && !empty($p)){ ///changed from if ($u && $p)
   
   $query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");

   $result = mysql_fetch_array($query);  
                                       
                                            
   if($result['username']){ // if username is set, go on...username is a key for $result, and a field in the table.
      
      $message = "You have been logged in";
       
      
      $_SESSION['userid'] = $result['username'];
   
      header("Location:old.mainsite.php"); // this will redirect them to the application.php page. and exit the script here.
      exit;
   
   
   }else{
      
      $message = "You do not exist on the system";
      
   }
   
   

}
?>
<?php
//IP BANNING CODE START HERE
$s=$_SERVER["REMOTE_ADDR"];
//draws IP address of visitor
$ipbancheck="SELECT * from banip where IP='$s'";
$ipbancheck2=mysql_query($ipbancheck);
while($ipbancheck3=mysql_fetch_array($ipbancheck2))
{
$IPBANNED=$ipbancheck3[iP];
}
//above lines check to see if user Ip is in banned IPs
if ($IPBANNED)
{
header('Location: http://derekvanderven.com/hacker.html');
//print "You have been banned ";

}
else
{

}
?>

 

here is the "bouncer " code i use to redirect unauthorized people from pages

 

<?php

session_start();// this is a session start declaration call. to let us know we are using sessions on this page.
                  // when you create a session you create an actual file on server that it writes to.

if(!isset($_SESSION["userid"])){ // why would they be on this page if session is not set!!!! this code is a bouncer..a cop.

header("Location:index.php?hack=y"); // if it hasnt been set and they are on this page, hack=y and redirect them back with the naught naughty message.


exit;
}

?>

 

and here is the code to the page im trying to get to

 

<?php
include("connect1.php");
include("bouncer.php"); // kicks the person off if session is not set, its the bouncer, big and fat man. ooooh.






?>

 

thanks. derek

[cags]

Is your page ran in a frame? Frame forwarding on the URL included?

[silverglade]

no my page isnt run in a frame. also , here is the form code for the login. maybe thats the problem.

 

<form id="form1" name="form1" method="post" action="">
  <p> </p>
  <table width="200" border="1" align="center">
    <tr>
      <td><span class="style2">Login to the secret pages</span></td>
    </tr>
    <tr>
      <td><label for="username"> User name </label>
      <input type="text" name="username" id="username" /></td>
    </tr>
    <tr>
      <td><label for="password"> Password </label>
      <input type="text" name="password" id="password" /></td>
    </tr>
    <tr>
      <td height="44"><input type="submit" name="submit" id="submit" value="Submit" /></td>
    </tr>
  </table>
</form>

[cags]

In bouncer.php place the following code directly below session_start() and see what you get in both browsers.

 

echo '<pre>';
print_r($_SESSION);
echo '</pre>';
exit;

 

Edit: I meant see what you get when logged in (obviously).

[mrMarcus]

Is your page ran in a frame? Frame forwarding on the URL included?

haha, quick flashback to a couple weeks ago, eh?

[cags]

Is your page ran in a frame? Frame forwarding on the URL included?

haha, quick flashback to a couple weeks ago, eh?

 

Yer, lol, it sounded like the exact problem I had.

[silverglade]

thanks for helping, here is what i got in firefox for that output.

 

Array
(
    [loginHASH] => d3c4b380bc4993123d8da7b41e278bde
    [userid] => brendansite2
)

 

firefox is the login that works.

 

and here is the output i got in internet explorer

 

Array
(
)

[cags]

Sessions aren't working on Internet Explorer, which is most likely a security issue todo with the cookie on the client end. Do your security settings have cookies disabled? If not, then it does sound like the same problem I had which was todo with my URL forwarding in FRAME mode. Internet Explorer neglected to accept cookies from sites ran inside a frame.

[silverglade]

HAHAHAHAA cags you are a GENIUS mwahahaha. it WORKS now. GOD, i was messing with that for an hour and a half on my own. i just reset my internet explorer settings and it worked like magic. sweett. thank you so much!!!! now i can relax. one thing i learned about writing code tonight is, BE CAREFUL adding new functionality to already working code, and 2, if it aint broke, dont fix it. LMAO.

[MadTechie]

Clear cache cookies etc

 

http://www.phpfreaks.com/forums/index.php?topic=244252.0

 

EDIT: a little slow!!