Jump to content

PHP program - Works at school but not at home

DensetsuAE86

By DensetsuAE86
in PHP Coding Help

 Share

Recommended Posts

DensetsuAE86 Newbie

DensetsuAE86

Posted
Posted

Hey guys, i'm facing a bit of a problem here. At school I wrote a PHP application for a project and it worked fine on the teachers server. But when I took it home and uploaded it to my web server it does'nt.

 

Basically, this code is at the top of the page

<?php
session_start();
if (!isset($_SESSION['valid_user']))
  {
    header('Location:index.php');
  }
?>

For some reason it doesn't even try to test the "IF" statement, it basically does nothing.  Can you guys help me? Thanks

 

Heres the whole code

<?php
session_start();
if (!isset($_SESSION['valid_user']))
  {
    header('Location:index.php');
  }
?>
<html>
<LINK href="zengarden-sample.css" rel="stylesheet" type="text/css">
<body>
<?php
//$userid = $_GET['userid'];
$userid = $_SESSION['valid_user'];
include "connect.php";	
include "links.php";


$sql = "select * from mail WHERE username='".$userid."' Order By date desc";

$proverbs_query = mysql_query($sql);
if(!$proverbs_query)
{
echo "Query failed";
exit;
}


$html = "<br />";
$html .= "<br />";
$html .= "<center>INBOX</center>";
$html .= "<table border='1' align='center' cellpadding='8'>";
$html .= "<th>Sender</th><th>Subject</th><th>Date</th>";	
while($row = mysql_fetch_assoc($proverbs_query))
{
$html .= "<tr>";
    $html .= "<td>".$row["sender"]."</td>";
$html .= "<td><a href=viewzmail.php?id=".$row['id'].">".$row["subject"]."</td>";
$html .= "<td>".$row["date"]."</td>";

$html .= "</tr>";

}
$html .= "</table>";
echo $html;

mysql_free_result($proverbs_query);
?>

</body>
</html>

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

You need an exit; statement following your header() redirect to prevent the remainder of the code on the page from being execuited while the browser performs the redirect. For the posted code, all a hacker would need to do is ignore the header() redirect and he can still access the content on your page.

 

You also need to be debugging your code on a system with error_reporting set to E_ALL and display_errors set to ON (preferably set in your master php.ini, but alternatevely set immediately after your first opening <?php tag) so that all php detected errors will be displayed. You likely have a problem with your session or with a header being sent.

 

Are you sure the code that is setting the session variable is working?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.