Ryflex Posted October 16, 2010 Share Posted October 16, 2010 Hi all, I have an authentication part on my website that checks every page through a session variable if a user is logged in and which user it is. When I test my code on my computer it works perfectly registration and login goes smooth but when someone on another computer tries it they get the acces denied page.... does anyone know why??? Greets Ryflex Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/ Share on other sites More sharing options...
rwwd Posted October 16, 2010 Share Posted October 16, 2010 pop the code on that you think is erroneous and the good people here can then help you... I think the $_SESSION checker at the top of the page would be a god place to start, along with how the $_SESSION is getting set too. Rw Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1122698 Share on other sites More sharing options...
Ryflex Posted October 16, 2010 Author Share Posted October 16, 2010 reg.php (set the $_SESSION variable) $qry2 = "SELECT * FROM members WHERE login = '$login' AND passwd = '".md5($_POST['password'])."'"; $result2 = mysql_query($qry2); $array2 = mysql_fetch_array($result2); $member_ID = $array2['member_id']; $_SESSION['SESS_MEMBER_ID'] = $member_ID; auth.php (checks the $_SESSION variable) <?php //Start session session_start(); //Check whether the session variable SESS_MEMBER_ID is present or not if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) { header("location: access-denied.php"); exit(); } ?> first line of every page after login or register <?php require_once('auth.php'); ?> Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1122700 Share on other sites More sharing options...
ignace Posted October 16, 2010 Share Posted October 16, 2010 reg.php also needs session_start() at the top. Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1122746 Share on other sites More sharing options...
Ryflex Posted October 16, 2010 Author Share Posted October 16, 2010 it has al pages do. it's just the stupid thing that it works on my computer fine but on others it has problems... Ryflex Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1122816 Share on other sites More sharing options...
Ryflex Posted October 17, 2010 Author Share Posted October 17, 2010 is anyone able to help??? Thnx Ryflex Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1123019 Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 i'd go to basic troubleshooting. echo $member_id and make sure it's actually set. // Is the query working??? $result2 = mysql_query($qry2) or die(mysql_error(); // if we got here, the query is working. let's see what value we get. $member_ID = $array2['member_id']; die("got member_ID: $member_ID"); // Does this produce a valid member_ID value? if so, remove this line and continue troubleshooting. $_SESSION['SESS_MEMBER_ID'] = $member_ID; Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1123021 Share on other sites More sharing options...
Ryflex Posted October 18, 2010 Author Share Posted October 18, 2010 Hi all, I checked it and it works perfectly until it goes to the frames page and then al frames go to the acces denied page..... before it goes through 3 pages an passes the session variable just fine... So now what??? I'm starting to lose my nerves here... Thnx Ryflex Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1123447 Share on other sites More sharing options...
meltingpoint Posted October 18, 2010 Share Posted October 18, 2010 Do the pages that you are passing inside the I-Frame also have session_start() at the top of each page and also have the authentication confirmation script in them? Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1123591 Share on other sites More sharing options...
Ryflex Posted October 19, 2010 Author Share Posted October 19, 2010 found one session start on one of the pages added comment slashes and let my brother try when home from work. thnx Ryflex Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1123714 Share on other sites More sharing options...
Ryflex Posted October 19, 2010 Author Share Posted October 19, 2010 ok my brother just checked and he still gets acces denied page.... any other possibility's??? Ryflex Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1123889 Share on other sites More sharing options...
Ryflex Posted October 20, 2010 Author Share Posted October 20, 2010 anyone??? Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1124388 Share on other sites More sharing options...
Ryflex Posted October 24, 2010 Author Share Posted October 24, 2010 Ok found out through another forum. When using $_SESSION variables check if your links are staying on the same domain. www.example.com and example.com seems to be different. So make sure that when you start on example.com al your links stay on example.com/.... and not www.example.com/.... or backwards Ryflex Quote Link to comment https://forums.phpfreaks.com/topic/216001-authentication/#findComment-1125827 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.