Sessions: PHP3/PHP4

[steve-t]

I'm pretty new to PHP but I've created a site that uses sessions. I tested it on a host that uses PHP4 and it worked great! I have now come to upload it to its new home with a host that uses PHP3 and it doesn't work.

Is there an alternative method to sessions that will work in PHP3? I really need to get this sorted asap so your help would be hugely appreciated!!

Thanks  :)

[trq]

Session handling was not added untill php4, php3 is ancient and long forgotten. Any reason your stuck with that?

[kenrbnsn]

Please post your current code. Sessions were done differently in PHP3 vs PHP4. I, personally, wouldn't use a PHP3 host, since PHP3 was much more insecure that the current versions of PHP.

Ken

[steve-t]

The site was designed for a friend. I tested it on my own host but when I ran a test on their server it showed as having PHP Version 3.0.18.

[steve-t]

[code]
<?php
session_start();
include("user.inc");
switch (@$_GET['do'])
{
case "login":
$connection = mysql_connect($host,$user,$password)
or die ("Couldn't connect to server");
$db = mysql_select_db($database,$connection)
or die ("Couldn't select database");
$sql = "SELECT loginName FROM Member WHERE loginName='$_POST[fusername]'";
$result = mysql_query($sql)
or die ("Couldn't execute query");
$num = mysql_num_rows($result);
if ($num == 1)
{
$sql = "SELECT loginName FROM Member WHERE loginName='$_POST[fusername]' AND password='$_POST[fpassword]'";
$result2 = mysql_query($sql)
or die ("Couldn't execute query 2");
$num2 = mysql_num_rows($result2);
if ($num2 > 0)
{
$_SESSION['auth']="yes";
header("Location: admin-home.php");
}
else
{
unset($_GET['do']);
$message="<p>The login name '$_POST[fusername]' exists but you have not entered the correct password. Please try again.</p>";
include("login_form.inc");
}
}
elseif ($num == 0)
{
unset($_GET['do']);
$message="<p>The login name you entered does not exist. Please try again.</p>";
include("login_form.inc");
}
break;

default:
include("login_form.inc");
}
?>
[/code]

[steve-t]

[quote author=kenrbnsn link=topic=115607.msg470776#msg470776 date=1163992965]
Please post your current code. Sessions were done differently in PHP3 vs PHP4. I, personally, wouldn't use a PHP3 host, since PHP3 was much more insecure that the current versions of PHP.

Ken
[/quote]
How were sessions done in PHP3?

[Jenk]

manually.

[steve-t]

So is there a solution to my problem or do I need to get them to upgrade to a defferent server? ???

[Jenk]

Best choice would be to upgrade, as already mentioned, php3 is very, very outdated. Official support for php3 was pulled years ago.

Failing that, you'll need to handle sessions manually. I.e. everything that the php engine does for you in php4+, you'll need to perform yourself. Everything from generating a unique session id, to storing session data.

[steve-t]

I tried taking out the code for the sessions to test if it worked without it. It doesn't. Any ideas how to make the following work in PHP3?

[code]
<?php
include("user.inc");
switch (@$_GET['do'])
{
case "login":
$connection = mysql_connect($host,$user,$password)
or die ("Couldn't connect to server");
$db = mysql_select_db($database,$connection)
or die ("Couldn't select database");
$sql = "SELECT loginName FROM Member WHERE loginName='$_POST[fusername]'";
$result = mysql_query($sql)
or die ("Couldn't execute query");
$num = mysql_num_rows($result);
if ($num == 1)
{
$sql = "SELECT loginName FROM Member WHERE loginName='$_POST[fusername]' AND password='$_POST[fpassword]'";
$result2 = mysql_query($sql)
or die ("Couldn't execute query 2");
$num2 = mysql_num_rows($result2);
if ($num2 > 0)
{
header("Location: admin-home.php");
}
else
{
unset($_GET['do']);
$message="<p>The login name '$_POST[fusername]' exists but you have not entered the correct password. Please try again.</p>";
include("login_form.inc");
}
}
elseif ($num == 0)
{
unset($_GET['do']);
$message="<p>The login name you entered does not exist. Please try again.</p>";
include("login_form.inc");
}
break;

default:
include("login_form.inc");
}
?>
[/code]

Thanks for everyone's help so far!  ;D

[trq]

[quote]Any ideas how to make the following work in PHP3?[/quote]
What do you meen by [i]work[/i]? Its not going to log them in without sessions because you have no way of making it persistant. php3 was way before my time, but Im assuming you would need to use cookies on the client and a datbase or some other data store on the server. Your going to need a pretty good grasp of how current sessions handling works, and try and build your own based on that.

[steve-t]

I've given up on the sessions. I just want to check the database for the login name and password and if correct redirect to the next page.

In theory I can't see why this script wont work. Am i correct or have I missed the point?

[trq]

Its a little bloated but looks kinda ok. What are the results? You need to explain what [i]not working[/i] means.

[steve-t]

Ok, well whenever you click the login button it just refreshes the page. No message appears such as "login name does not exist". The same result occurs no matter what you enter as the username and password.

[redbullmarky]

i apologise for being unconstructive, but i personally thing it'd be much easier to get your friend to find a host that uses at least PHP4, rather than trying to code for an ancient version. sessions (in this case) are just the start of your problem. i could only take a stab-in-the-dark guess that you're gonna have many more problems other than this if PHP3 is the only way to go.

[steve-t]

I completely agree and I think i have lots more problems but just taking one step at a time. I've done the programming for a friend who is a flash designer but doesn't do PHP etc. It is his client and its up to him to persuade them.

[steve-t]

Any thoughts on the login code anybody?