Jump to content

Recommended Posts

Well, my login works on Firefox, but not on IE, Safari, Opera, or Chrome.

 

I have my session start:

      function startSession()
      {
          session_start();
          
          $this->logged_in = $this->checkLogin();
          
          if (!$this->logged_in) {
              $this->username = $_SESSION['username'] = "Guest";
              $this->userlevel = 0;
              User::addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);
          } else {
              User::addActiveUser($this->username, $this->time);
          }
          
          User::removeInactiveUsers();
          User::removeInactiveGuests();
      }

 

Check Login:

      function checkLogin()
      {
          if (isset($_COOKIE['SITE_COOKIE']) && isset($_COOKIE['SITE_COOKIE_ID'])) {
              $this->username = $_SESSION['username'] = $_COOKIE['SITE_COOKIE'];
              $this->cookie_id = $_SESSION['cookie_id'] = $_COOKIE['SITE_COOKIE_ID'];
          }
          
          if (isset($_SESSION['username']) && isset($_SESSION['cookie_id']) && $_SESSION['username'] != "Guest") {
              if (User::confirmUserID($_SESSION['username'], $_SESSION['cookie_id']) != 0) {
                  unset($_SESSION['username']);
                  unset($_SESSION['cookie_id']);
                  return false;
              }
              
              $this->userinfo = User::getUserInfo($_SESSION['username']);
              $this->username = $this->userinfo['username'];
              $this->cookie_id = $this->userinfo['cookie_id'];
              $this->userlevel = $this->userinfo['userlevel'];
              return true;
          } else {
              return false;
          }
      }

 

Login:

      function login($uname, $upass, $uremember)
      {
          global $msgError;
          if (!$uname || strlen($uname = trim($uname)) == 0) {
              $msgError = "<span>Error!</span>Please enter valid username and password.";
          }
          
          if (!$upass) {
              $msgError = "<span>Error!</span>Please enter valid username and password.";
          }
          
          $uname = $this->sanitize($uname);
	  $upass = $this->sanitize($upass);
          $result = User::confirmUserPass($uname, $upass);
          
          
          if ($result == 0) {
              $msgError = "<span>Error!</span>Please enter valid username and password.";
          } elseif ($result == 2) {
              $msgError = "<span>Error!</span>Please enter valid username and password.";
          } elseif ($result == 3) {
              $msgError = "<span>Error!</span>Your user account has not been activated yet!";
          }
          
          if (empty($msgError)) {
		  $this->userinfo = User::getUserInfo($uname);
		  $this->id = $_SESSION['id'] = $this->userinfo['id'];
		  $this->username = $_SESSION['username'] = $this->userinfo['username'];
		  $this->cookie_id = $_SESSION['cookie_id'] = $this->generateRandID();
		  $this->userlevel = $this->userinfo['userlevel'];
              
		  User::updateUserField($this->username, "timestamp", $this->time);
              User::updateUserField($this->username, "cookie_id", $this->cookie_id);
              User::addActiveUser($this->username, $this->time);
              User::removeActiveGuest($_SERVER['REMOTE_ADDR']);
		  User::updateUserField($this->username, "ip", $_SERVER['REMOTE_ADDR']);
              
		  if ($uremember) {
			  setcookie("SITE_COOKIE", $this->username, time() + COOKIE_EXPIRE, COOKIE_PATH);
			  setcookie("SITE_COOKIE_ID", $this->cookie_id, time() + COOKIE_EXPIRE, COOKIE_PATH);
		  }
              return true;
          } else {
              return false;
          }
      }

 

 

This is in my Login.php:

  if ($session->logged_in)
      redirect("/admincp");
  
  if (isset($_POST['login']))
      : $result = $session->login($_POST['username'], $_POST['password'], isset($_POST['remember']));
  /* Login successful */
  if ($result)
      : redirect("/admincp");
  endif;
  endif;

 

And in the admin CP:

  if (!$session->logged_in)
      redirect("/admin");

 

 

This all works fine on Firefox, but when it comes to any other browser, no error is displayed, so it's definitely working. I think it's something to do with the sessions, but I have no idea what. I've been over and over the code and I can't figure it out. Perhaps a fresh set of eyes can help me out.

 

Any input is appreciated.

Generally speaking, when a login works on Firefox, but no others, it means your HTML form has errors. Firefox has a nasty habit of correcting these minor html tag problems, others do not.

 

Look at your html tags and make sure they are correct syntax and properly closed etc.

Here's my form:

      <form action="<?php htmlentities($_SERVER['PHP_SELF']);?>" name="lForm" id="lForm" method="post">
        <input type="hidden" name="login" value="1" />
        <table>
            <tr>
                  <td><label for="username">Username:</label></td><td><input name="username" type="text" class="inputbox" id="username" size="24" maxlength="20" /></td>
            </tr>
            <tr>      
                  <td><label for="username">Password:</label></td><td><input name="password" type="password" class="inputbox" id="password" size="24" maxlength="20" /></td>
            </tr>
        </table>
        <input name="remember" type="checkbox" class="checkbox" value="1" />
        Remember me<br />
        <button type="submit" class="button" id="submit" name="submit">Login</button>
        <br />
      </form>

 

Just tried this in login.php:

   if (isset($_POST['login']))
      echo '1';

 

And 1 does not get echoed.

if ($session->logged_in) redirect("/admincp");
      
if (isset($_POST['login'])) :
      echo '1'; // If this doesn't get shown when you dont get logged in, put exit; after the echo
      $result = $session->login($_POST['username'], $_POST['password'], isset($_POST['remember']));
      /* Login successful */
      if ($result) redirect("/admincp");
endif;

Karl,

 

It is your HTML form.

 

<button type="submit" class="button" id="submit" name="submit">Login</button>

 

I know has issues with IE etc. They do not like buttons nor do they recognize them. You have two choices. using the

 

<input type="submit" name="submit" class="button" value="Login" />  

 

Or by submitting the form with a "button" like design with Javascript. Also, you do not need to surround $_SERVER['PHP_SELF'] in the form action with the htmlentities, this is unnecessary.

Did you develop your code using FF? If so, you probably already have a cookie set. Try it in FF after you delete any cookies that match your domain/localhost name.

 

Edit: Actually I tried the form in IE8 and it submitted the expected POST variables, though it is true that IE and buttons generally need some javascropt to submit forms.

Did you develop your code using FF? If so, you probably already have a cookie set. Try it in FF after you delete any cookies that match your domain/localhost name.

 

Fair point, I just cleared my cache and it doesn't log in using firefox.

 

Karl,

 

It is your HTML form.

 

<button type="submit" class="button" id="submit" name="submit">Login</button>

 

I know has issues with IE etc. They do not like buttons nor do they recognize them. You have two choices. using the

 

<input type="submit" name="submit" class="button" value="Login" />  

 

Or by submitting the form with a "button" like design with Javascript. Also, you do not need to surround $_SERVER['PHP_SELF'] in the form action with the htmlentities, this is unnecessary.

Made no difference.

 

EDIT: I guess others noticed this as well while I was typing (or eating)  :P

 

Sort of a shot in the dark, but . . .  You may need to add a hidden field to validate form submission. I haven't tested this, but apparently IE and possibly some others interpret the value of buttons in a non-standard manner (big surprise, huh?). If that's what's happening, your if( isset($_POST['login']) ){ may be returning FALSE.

 

<button type ="submit" value="login" name="button">Press</button>
// Most browsers return "login" as the value, but apparently, IE would return "Press".

 

EDIT: I guess others noticed this as well while I was typing (or eating)  :P

 

Sort of a shot in the dark, but . . .  You may need to add a hidden field to validate form submission. I haven't tested this, but apparently IE and possibly some others interpret the value of buttons in a non-standard manner (big surprise, huh?). If that's what's happening, your if( isset($_POST['login']) ){ may be returning FALSE.

 

<button type ="submit" value="login" name="button">Press</button>
// Most browsers return "login" as the value, but apparently, IE would return "Press".

 

Well, after some testing. I've established it's not the form it's the checkLogin function that's causing it to redirect as it's returning false.

 

I know this because without the if (!$session->logged_in) redirect("/admin"); in admincp.php it will login and return to the control panel.

Think of it this way . . .  8)

 

<?php
$Optometrist = 'eye doctor';
$Optician = 'eyeglass maker';

if( $visit == $Optician ) {
     if( empty($Optometrist) ) {
          die( "Must first visit $Optometrist for eye exam!" );
     } else {
     $glasses = array( 
     0 => 'Money',
     1 => 'prescription' );
     }
}
?>

The sessions and cookies aren't being set properly, by the looks of it. (I've been working on this aswell foreveryone elses notice)

 

session_start is definately used at the top of pages too.. anyone know of a fix? My guess is with php.ini, because with some echo's.. it does all the right echo's, like it should be setting the sessions etc... but it just doesn't pass the value of the session across.. it makes no sense.

After a further test, of creating two pages.

test.php and test2.php, test2.php basically echo's the session. test.php sets it, and gives a link to test2.php, and this works.. O.O.

 

The only thing I can think of, is that its performaning an unexpected session_unset, or logout. - I's been changed so that it'll only go through checklogin if sessions are set. It doesn't go through the check login (we echo'd to test) and it doesn't. It is down to the sessions not being set. I don't get why. It's completely baffled us..

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.