my login session not working on web host

[misheck]

I have a login that has been working well on my test machine but now I have uploaded my site onto bluehost but its not working. Here is a copy of the php files

<?php
/* Created by Adam Khoury @ www.developphp.com */

$error_msg = "";
if ($_POST['username']) {

$username = $_POST['username'];
$password = $_POST['password'];
// Simple hard coded values for the correct username and password
$admin = "myname";
    $adminpass = "mypassword";
    // connect to mysql here if you store admin username and password in your database
    // This would be the prefered method of storing the values instead of hard coding them here into the script
    if (($username != $admin) || ($password != $adminpass)) {
	$error_msg = ': <font color="#FF0000">Your login information is incorrect</font>';
} else {
	session_register('admin');
        $_SESSION['admin'] = $username;
	require_once "index.php";
	exit();
}

}// close if post username

?>
<?php include('../includes/header.php');?>

<?php
if ($_SESSION['admin'] != "myname") {
    echo '<h3>Only the administrator can view this directory</h3><br />

<table width="340" border="0">
<form action="admin_check.php" method="post" target="_self">
  <tr>
    <td colspan="2">Please Log In Here' . $error_msg . '</td>
  </tr>
  <tr>
    <td width="96">Username:</td>
    <td width="234"><input type="text" name="username" id="username" style="width:98%" /></td>
  </tr>
  <tr>
    <td>Password:</td>
    <td><input type="password" name="password" id="password" style="width:98%" /></td>
  </tr>
  <tr>
    <td colspan="2" align="center"><input type="submit" name="button" id="button" value="Log In Now" /></td>
  </tr>
</form> 
</table>
<br />
<br />
<br />

<a href="../index.php">Or click here to head back to the homepage</a>';
exit();
}
?>
<?php include('../includes/footer.php'); ?>

 

here is the create_page.php for creating the a new webpage when I try to access it it just refers me back to the the admin_check.php

<?
// You may copy this PHP section to the top of file which needs to access after login.
session_start(); // Use session variable on this page. This function must put on the top of page.
if(!session_is_registered("admin")){ // if session variable "username" does not exist.
header("location:index.php"); // Re-direct to index.php
}
?>
<?php include('../includes/header.php');?>
<script type="text/javascript" src="formfieldlimiter.js">

/***********************************************
* Form field Limiter v2.0- © Dynamic Drive DHTML code library (www.dynamicdrive.com)
* This notice MUST stay intact for legal use
* Visit Project Page at http://www.dynamicdrive.com for full source code
***********************************************/

</script>

<script type="text/javascript">

function validate_form ( ) { 
    valid = true;
    if ( document.form.heading.value == "" ) { 
alert ( "Please enter the heading." ); 
valid = false;
} else if ( document.form.description.value == "" ) { 
alert ( "Please enter description for the story." ); 
valid = false;
} else if ( document.form.pagebody.value == "" ) { 
alert ( "Please enter some info into the page body." ); 
valid = false;
}
return valid;
}
</script>
<script language="JavaScript" type="text/javascript" src="scripts/wysiwyg.js"></script> 
<script language="JavaScript" type="text/javascript" src="scripts/wysiwyg-settings.js"></script> 
<script language="javascript1.2">
   // attach the editor to all textareas of your page.
   //WYSIWYG.attach('all'); 
   
   // attach the editor to the textarea with the identifier 'textarea1'.
   WYSIWYG.attach('pagebody');
</script> 

<table width="100%" border="0" cellpadding="8">
<form id="form" name="form" method="post" action="page_new_parse.php" onsubmit="return validate_form ( );">
  <tr>
    <td><h3>Creating a New Page  •   <a href="index.php">Admin Home</a>   •  <a href="../" target="_blank">View Live Website</a></h3></td>
  </tr>
  <tr>
    <td>Be sure to fill in all fields, they are all required.<br /></td>
  </tr>
  <tr>
    <td>
    <fieldset>
    
<table width="100%" border="0" cellpadding="5">
    <form id="form" name="form" method="post" action="page_new_parse.php" onsubmit="return validate_form ( );">
  <tr>
  		<td align="right">Heading:</td>
  		<td><input type="text" id="heading" name="heading" /></td>  		
  </tr>
  <tr>
  		<td align="right">Short Description :</td>
  		<td><textarea type="text" name="description" style="width:300px" id="description" rows="8"></textarea>
<div id="description-status"></div></td>  		
  </tr>
  <tr>
  		<td align="right">Category:</td>
  		<td><select id="category" name="category">	<option>News</option>
							  					<option>Politics</option>
							  					<option>Entertainment</option>
							  					<option>Sports</option>
							  					<option>Health</option>
							  					<option>Religion</option>
			</select>
	  </td>  		
  </tr>
  <tr>
  		<td align="right">Country:</td>
  		<td><select id="country" name="country"><option>Zimbabwe</option>
  					<option>Kenya</option>
  					<option>Ghana</option>
  					<option>Nigeria</option>
  					<option>Zambia</option>
  					<option>Gambia</option>
  					<option>South Africa</option>
			</select>
	  </td>  		
  </tr>
   <tr>
  		<td align="right">News :</td>
  		<td><textarea id="pagebody" name="pagebody" rows="20" style="width:500px" ></textarea></td>  		
  </tr>
   <tr>
  		<td align="right">keywords:</td>
  		<td><input type="text" id="keywords" name="keywords" /></td>  		
  </tr>
  <tr><td colspan="2"><center><input type="submit" value="Add News"/></center></td></tr>
  
  </form>
</table>
</fieldset>
    
    </td>
  </tr>
  </form>
  
</table>
<!--
<form name="sampleform"">

<input type="text" name="george" style="width:250px" />
<div id="george-status"></div>

</form>
-->

<script type="text/javascript">

fieldlimiter.setup({
thefield: document.form.description, //reference to form field
maxlength: 160,
statusids: ["description-status"], //id(s) of divs to output characters limit in the form [id1, id2, etc]. If non, set to empty array [].
onkeypress:function(maxlength, curlength){ //onkeypress event handler
    //define custom event actions here if desired
}
})

</script>
<?php include('../includes/footer.php');?>

[premiso]

session_register has been depreciated. You should assign values using $_SESSION['key'] = 'value'.

 

Also I do not see you calling session_start at the top of the script(s). As without calling that no session should work.

[misheck]

I have tried changing the session_register() to session_start() but I am still being redirected back to my admin check. I think the problem might be elsewhere not the files I have posted because I proceed to the next page where the create_php is which I should not be able to access if the admin check is not correct.  The $_SESSION['key'] = 'value' is it not the same as I have done here session_register('admin');        $_SESSION['admin'] = $username;. Also how come session_register is working on PHP Version 5.2.5 but not on PHP Version 5.2.11, because the PHP Version 5.2.5 is whats working on my laptop and the other on the host server.

[trq]

Do you have register_globals enabled? session_register() will not work with register_globals disabled and register_globals should never be enabled or relied upon.

[PFMaBiSmAd]

I have tried changing the session_register() to session_start()

No one said to do that, it has no meaning.

 

Also how come session_register is working on PHP Version 5.2.5

Because who ever configured that system did not follow recommend php.ini settings. register_globals were turned off by default in April of the year 2002.

[misheck]

I have checked both php.ini files and in both of them the register_globals turned off.

[PFMaBiSmAd]

What are the actual settings shown in a phpinfo(); output? Most of the xAMP packages cause a different php.ini to be used than the one you think.

[misheck]

Thanks for the help. I have changed the top section of the create_page.php from if(!session_is_registered('admin')) to if(!session_name('admin')) and that has solved my problem. I am not using an Xamp or a AMP package on localhost but I am not sure about the host server. I guess I need to study more on sessions.

[trq]

Thanks for the help. I have changed the top section of the create_page.php from if(!session_is_registered('admin')) to if(!session_name('admin')) and that has solved my problem. I am not using an Xamp or a AMP package on localhost but I am not sure about the host server. I guess I need to study more on sessions.

 

Sorry but that makes little sense. If you want to check whether or not a key exists within the session array use....

 

if (isset($_SESSION['admin'])) {

 

session_name gets or sets the name of the current session and is not at all related to the data that exists within the $_SESSION array. Calling if (session_name('admin')) will always return true, even if $_SESSION['admin'] does not exist.

[PFMaBiSmAd]

Did you even bother doing this -

What are the actual settings shown in a phpinfo(); output?

[PFMaBiSmAd]

Just an FYI, session_register() does actually do something when register_globals are OFF (php.net really really screwed up when they did not correct and then permanently disable all the behind the scenes code when register_globals are off.) It causes the normal variable that is being registered to take priority over any $_SESSION variable by the same name and the value from the normal variable is written to the session data file when the script ends, but it does not update the $_SESSION variable by the same name within the script.

[misheck]

I had already checked the register globals on both server and also the session handlers using phpinfo() and they both seem the same. The only difference I have on the servers is the version of php.

 

The method I had tried for session_name will always result to a true value as mentioned so I will try the isset. I am at work now so will only try in 8 hrs.

 

Please note that I have already used the phpinfo and know that the register globals are turned off on both servers.

[misheck]

I have tried everything I can to set the session but I just cant seem to be getting anywhere so what can you suggest I put here

if (($username != $admin) || ($password != $adminpass)) {
	$error_msg = ': <font color="#FF0000">Your login information is incorrect</font>';
} else {
	session_register('admin');
        $_SESSION['admin'] = $username;
	require_once "index.php";
	exit();

because I have tried everything. I have added the session_start() at the top of the script. I have also tried to remove the session_register('admin'); My version of php that is giving problems is PHP Version 5.2.9-1.

[trq]

You need to remove the session_register() then explain your current problem.

[misheck]

I have removed the session_register(), I had tried that before but that didnt solve the problem the only thing I didnt do was try the site in any other browser now that I have tried it in firefox and flock its working but it is still not working on IE8. I have tried turning errors on but still thats not showing any errors. I have also tried to check for errors in firefox but there is nothing showing.

[trq]

You still haven't really described your actual problem. Simply stating session don't work isn't really helpful. What happens when you attempt a login?

[misheck]

I am not able to login into my site in IE8 its just redirecting back to the login page even though I have entered the correct details and I have set a session. It works Ok in Firefox. I have put a redirect in php on the script to redirect the user back to the login page if there is an error but its seems like in IE its just redirecting irregardless of the session is set or not.

[trq]

Can we see the (current) code in question?