enter-music Posted May 6, 2010 Share Posted May 6, 2010 Hi, I have a simple login script using php and mysql. Registering, logging in, and viewing pages where you have to be logged in all works as it should, the problem comes when trying to access a page in a different directory. For example, www.blaa.com/page01.php is a secure page (user must be logged in), www.blaa.com/page02.php is also a secure page - everything works fine and session data is available on both pages with no user authentication errors. If i moved page02.php to blaa.com/folder/page02.php and updated all links to the new locations, it redirects to my "access denied" page, but with page02.php displayed underneath, if the user is logged in (which they are) the "access denied" page should not be displayed at all, and if the user is not logged in page02.php should not be displayed underneath the access denied page. Ive read through some stuff about php.ini but im not too sure what to actually do or if php.ini will help solve the problem. Any ideas anyone? heres some code: This is my auth page, its required at the start of every page where a user has to be logged in <?php //Start session session_start(); //Check whether the session variable SESS_MEMBER_ID is present or not if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) { header("location: http://www.my_site.com/access-denied.php"); exit(); } ?> This is a page outside my main directory where i want to be able to view only when a user is logged in <?php require_once('http://www.my_site.com/auth.php'); ?> <html> <head> ... ... ... Im guessing it has something to do with these pages but I literally have no idea whats going on so any help will be much appreciated! Thanks Oh by the way, to get to www.my_site.com/folder/page02.php there is a link on the page www.my_site.com/page01.php - the code is as follows: <a href="http://www.my_site.com/profile">page02</a> Page01.php also has... <?php require_once('auth.php'); ?> ...at the top and it works as it should (if you need to know any more info just let me know!) Quote Link to comment Share on other sites More sharing options...
litebearer Posted May 6, 2010 Share Posted May 6, 2010 Similar threads have indicated that www.site.com and site.com may contibute to that problem Quote Link to comment Share on other sites More sharing options...
xeross Posted May 6, 2010 Share Posted May 6, 2010 Also if the following is actual code it would also be part of your problem <?php require_once('http://www.my_site.com/auth.php'); ?> And yes the www problem might also be a valid one, make sure to check your urls. Quote Link to comment Share on other sites More sharing options...
enter-music Posted May 7, 2010 Author Share Posted May 7, 2010 aah thanks i will try that and let you know how it goes! Cheers everyone! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.