SalientAnimal Posted January 27, 2014 Share Posted January 27, 2014 Hi All, I have a bit of a problem with the site I have been working on. Originally I built it on my laptop, to later transfer over onto the "Intranet" server. On my laptop, everything was working perfectly and as intended. I then transferred it onto the server and when testing on the server it works perfectly as well. I then access the server using the web address and on Firefox it works perfectly, however on IE my slide down panel does not work. The slide down panel is where a user would login / register, so with that not working they aren't even able to register / login Here is the code of my index page, as I am not sure what other code to provide you with, maybe you can request any other info you would like to see? <!-- INCLUDING REQUIRED AUTHENTICATION FILES, DATABASE CONNECTIONS, FUNCTIONS. --> <?php include_once 'includes/db_connect.php'; include_once 'includes/functions.php'; include_once 'includes/register.inc.php'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <!-- HEADER CONTENT OF PAGE - THIS CONTAINS ALL SCRIPT, CSS, AND META TAG RELATED INFORMATION FOR THE WEBPAGE --> <head> <title>TechDesignLab - Tracking Utility</title> <?php include 'includes/formatting.php'; ?> </head> <!-- BODY CONTENT OF THE WEBPAGE - THIS IS HOW THE PAGE WILL BE DISPLAYED TO THE USER --> <body> <!-- LOGIN / DROP DOWN PANEL START --> <?php if (login_check($mysqli) == true) : ?> <!-- LEFT SECTION OF THE LOGIN PANEL IS DEFINED HERE. THE SECTION BELOW IS WHAT WILL BE SEEN BY USERS WHO ARE LOGGED IN--> <div id="toppanel"> <div id="panel"> <div class="content clearfix"> <div class="left"> <h1>TechDesignLab Tracker Utility</h1> <h2>Welcome <?php echo htmlentities($_SESSION['username']); ?></h2> <!--<h2>You are currently logged <?php echo $logged?>.</h2><br> --> <p class="grey">You can put anything you want in this sliding panel: videos, audio, images, forms... The only limit is your imagination!</p> <h2>TechDesignLab Website</h2> <p class="grey">Click the link <a href="http://www.TechDesignLab.co.za" title="TechDesignLab Website">to visit the TechDesignLab Website »</a></p> </div> <div class="left"> <?php if (isset($_GET['error'])) { echo '<p class="error">Error Logging In! Please verify that you are using the correct username and password combination.</p>'; } ?> <!-- MIDDLE SECTION OF THE SLIDING PANEL - CONTROLS THE LOGIN OF A USER --> <form class="clearfix" action="includes/logout.php" method="post" name="logout_form"> <h1>Agent Logout</h1> <p class="grey">Click on the button to logout.</p> <div class="clear"></div> <input type="button" value="Logout" class="bt_login" onclick="form.submit()"/> </form> </div> <!-- RIGHT SECTION OF THE SLIDING PANEL - CONTROLS THE REGISTRATION OF A USER --> <div class="left"> <?php if (isset($_GET['error'])) { echo '<p class="error">Error Logging In! Please verify that you are using the correct username and password combination.</p>'; } ?> <!-- FAR RIGHT PANNEL - LOGS USERS OUT OF THE SYSTEM. --> <form class="clearfix" action="includes/logout.php" method="post" name="logout_form"> <h1>Agent Logout</h1> <p class="grey">Will add some nice information over here.</p> </form> </div> </div> </div> <!-- LOGIN AND REGISTRATION END --> <!-- DETAILS TO CONFIGURE THE LOGIN TAB --> <div class="tab"> <ul class="login"> <li class="left"> </li> <li>Nice to see you again</li> <li class="sep">|</li> <li id="toggle"> <a id="open" class="open" href="#"><?php echo htmlentities($_SESSION['username']);?>!</a> <a id="close" style="display: none;" class="close" href="#">Close Panel</a> </li> <li class="right"> </li> </ul> </div> <!-- / top --> </div> <!--panel --> <!-- LEFT SECTION OF THE LOGIN PANEL IS DEFINED HERE. THE SECTION BELOW IS WHAT WILL BE SEEN BY USERS WHO ARE NOT LOGGED IN--> <?php else : ?> <div id="toppanel"> <div id="panel"> <div class="content clearfix"> <!-- LEFT SECTION OF THE LOGIN PANEL IS DEFINED HERE. --> <div class="left"> <h1>TechDesignLab Tracker Utility</h1> <h2>You need to be logged in to view this content</h2> <p class="grey">You can put anything you want in this sliding panel: videos, audio, images, forms... The only limit is your imagination!</p> <h2>TechDesignLab Website</h2> <p class="grey">Click the link <a href="http://www.TechDesignLab.co.za" title="TechDesignLab Website">to visit the TechDesignLab Website »</a></p> </div> <div class="left"> <?php if (isset($_GET['error'])) { echo '<p class="error">Error Logging In! Please verify that you are using the correct username and password combination.</p>'; } ?> <!-- MIDDLE SECTION OF THE SLIDING PANEL - CONTROLS THE LOGIN OF A USER --> <form class="clearfix" action="includes/process_login.php" method="post" name="login_form"> <h1>Agent Login</h1> <form action="includes/process_login.php" method="post" name="login_form"> <label class="grey" for="username">Username:</label> <input class="field" type="text" name="username" id="username" value="" size="23"/> <label class="grey" for="password">Password:</label> <input class="field" type="password" name="password" id="password" size="23"/> <div class="clear"></div> <input type="button" value="Login" class="bt_login" onclick="formhash(this.form, this.form.password);"/> <a class="lost-pwd" href="#">Lost your password?</a> </form> </div> <!-- RIGHT SECTION OF THE SLIDING PANEL - CONTROLS THE REGISTRATION OF A USER --> <div class="left right"> <?php if (!empty($error_msg)) { echo $error_msg; } ?> <h1>New Agent Registration</h1> <form action="<?php echo esc_url($_SERVER['PHP_SELF']); ?>" method="post" name="registration_form"> <label class="grey" for="signup">Username:</label> <input class="field" type='text' name='username' id='username' value="" size="23"/> <label class="grey" for="email">Email:</label> <input class="field" type="text" name="email" id="email" size="23"/> <label class="grey" for="password">Password:</label> <input class="field" type="password" name="password" id="password"/><br> <label class="grey" for="password">Confirm Password:</label> <input class="field" type="password" name="confirmpwd" id="confirmpwd"/><br> <input class="bt_register" type="button" value="Register" onclick="return regformhash(this.form, this.form.username, this.form.email, this.form.password, this.form.confirmpwd);"/> </form> </div> </div> </div> <!-- LOGIN AND REGISTRATION END --> <!-- DETAILS TO CONFIGURE THE LOGIN TAB --> <div class="tab"> <ul class="login"> <li class="left"> </li> <li><span class="error">Click here to</span></li> <li class="sep">|</li> <li id="toggle"> <a id="open" class="open" href="#">Log In / Register</a> <a id="close" style="display: none;" class="close" href="#">Close Panel</a> </li> <li class="right"> </li> </ul> </div> <!-- / top --> </div> <!--panel --> <?php endif; ?> <div id="container"> <div id="content" style="margin-top:-45px;"> <img src="images/logo.png" alt="TechDesignLab"></img> <h1>Auxilium</h1> <h2>TechDesignLab - About Us</h2> <p>Company Overview</p> <p class="highlight"></p> <p>Company Profile </p> </div><!-- / content --> </div><!-- / container --> <div id="container"> <div id="footer" style="margin-top:10px;"> <footer style="background:#E5E5E5; height:20px"> <p>Copyright © TechDesignLab 2014 | <a href="mailto:leon.laassen@TechDesignLab.TechDesignLab.co.za">Contact Us</a>.</p> <img src="images/altron-footer-logo.png" alt="Altron Footer Logo" align="left"></img> <img src="images/TechDesignLab_bbbee.png" alt="TechDesignLab Level 2 BBEE" align="left"></img> </footer> </div><!-- / footer --> </div><!-- / container --> </body> </html> FUNCTIONS PAGE <!-- includes/functions.php --> <!-- ERROR CHECKING FUNCTIONS - ADD TO PAGES TO CHECK FOR POSSIBLE ERRORS var_dump(login_check($mysqli)); var_dump($_SESSION); exit; var_dump($_POST);exit; --> <?php include_once 'psl-config.php'; function sec_session_start() { $session_name = 'sec_session_id'; // Set a custom session name $secure = SECURE; // This stops JavaScript being able to access the session id. $httponly = true; // Forces sessions to only use cookies. if (ini_set('session.use_only_cookies', 1) === FALSE) { header("Location: ../error.php?err=Could not initiate a safe session (ini_set)"); exit(); } // Gets current cookies params. $cookieParams = session_get_cookie_params(); session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly); // Sets the session name to the one set above. session_name($session_name); session_start(); // Start the PHP session session_regenerate_id(); // regenerated the session, delete the old one. } function login($email, $password, $mysqli) { // Using prepared statements means that SQL injection is not possible. if ($stmt = $mysqli->prepare("SELECT id, username, password, email, level, salt FROM members WHERE username = ? LIMIT 1")) { $stmt->bind_param('s', $email); // Bind "$email" to parameter. $stmt->execute(); // Execute the prepared query. $stmt->store_result(); // get variables from result. $stmt->bind_result($user_id, $username, $db_password, $email, $level, $salt); $stmt->fetch(); // hash the password with the unique salt. $password = hash('sha512', $password . $salt); if ($stmt->num_rows == 1) { // If the user exists we check if the account is locked // from too many login attempts if (checkbrute($user_id, $mysqli) == true) { // Account is locked // Send an email to user saying their account is locked return false; } else { // Check if the password in the database matches // the password the user submitted. if ($db_password == $password) { // Password is correct! // Get the user-agent string of the user. $user_browser = $_SERVER['HTTP_USER_AGENT']; // XSS protection as we might print this value $user_id = preg_replace("/[^0-9]+/", "", $user_id); $_SESSION['user_id'] = $user_id; // XSS protection as we might print this value $username = preg_replace("/[^a-zA-Z0-9_\-]+/", "", $username); $_SESSION['username'] = $username; $_SESSION['login_string'] = hash('sha512', $password . $user_browser); $_SESSION['email'] = $email; $_SESSION['level'] = $level; $_SESSION['session_status'] = $session_status; $mysqli->query("SELECT * FROM login_success WHERE user_id = '$user_id'"); if (mysql_num_rows($mysqli) > 0) { $mysqli->query("UPDATE login_success SET time = NOW() WHERE user_id = '$user_id'"); } else { $mysqli->query("INSERT INTO login_success(user_id, time) VALUES ('$user_id', now()"); } //UPDATE login_success SET time = now() where user_id = '$user_id'"); // Login successful. return true; } else { // Password is not correct // We record this attempt in the database //$now = time(); $mysqli->query("INSERT INTO login_attempts(user_id, time) VALUES ('$user_id', now())"); return false; } } } else { // No user exists. return false; } } } function checkbrute($user_id, $mysqli) { // Get timestamp of current time $now = time(); // All login attempts are counted from the past 2 hours. $valid_attempts = $now - (2 * 60 * 60); if ($stmt = $mysqli->prepare("SELECT time FROM login_attempts <code><pre> WHERE user_id = ? AND time > '$valid_attempts'")) { $stmt->bind_param('i', $user_id); // Execute the prepared query. $stmt->execute(); $stmt->store_result(); // If there have been more than 5 failed logins if ($stmt->num_rows > 5) { return true; } else { return false; } } } function login_check($mysqli) { // Check if all session variables are set if (isset($_SESSION['user_id'], $_SESSION['username'], $_SESSION['login_string'], $_SESSION['email'], $_SESSION['level'] //$_SESSION['session_status'] )) { $user_id = $_SESSION['user_id']; $login_string = $_SESSION['login_string']; $username = $_SESSION['username']; $email = $_SESSION['email']; $level = $_SESSION['level']; //$status = $_SESSON['session_status']; // Get the user-agent string of the user. $user_browser = $_SERVER['HTTP_USER_AGENT']; if ($stmt = $mysqli->prepare("SELECT password FROM members WHERE id = ? LIMIT 1")) { // Bind "$user_id" to parameter. $stmt->bind_param('i', $user_id); $stmt->execute(); // Execute the prepared query. $stmt->store_result(); if ($stmt->num_rows == 1) { // If the user exists get variables from result. $stmt->bind_result($password); $stmt->fetch(); $login_check = hash('sha512', $password . $user_browser); if ($login_check == $login_string) { // Logged In!!!! //echo 'logged in'; return true; } else { // Not logged in echo 1; return false; } } else { // Not logged in echo 2; return false; } } else { // Not logged in echo 3; return false; } } else { // Not logged in //echo 4; return false; } } function esc_url($url) { if ('' == $url) { return $url; } $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\\x80-\\xff]|i', '', $url); $strip = array('%0d', '%0a', '%0D', '%0A'); $url = (string) $url; $count = 1; while ($count) { $url = str_replace($strip, '', $url, $count); } $url = str_replace(';//', '://', $url); $url = htmlentities($url); $url = str_replace('&', '&', $url); $url = str_replace("'", ''', $url); if ($url[0] !== '/') { // We're only interested in relative links from $_SERVER['PHP_SELF'] return ''; } else { return $url; } } function crypto_rand_secure($min, $max) { $range = $max - $min; if ($range < 0) return $min; // not so random... $log = log($range, 2); $bytes = (int) ($log / + 1; // length in bytes $bits = (int) $log + 1; // length in bits $filter = (int) (1 << $bits) - 1; // set all lower bits to 1 do { $rnd = hexdec(bin2hex(openssl_random_pseudo_bytes($bytes))); $rnd = $rnd & $filter; // discard irrelevant bits } while ($rnd >= $range); return $min + $rnd; } function getToken($length=32){ $token = ""; $codeAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; $codeAlphabet.= "abcdefghijklmnopqrstuvwxyz"; $codeAlphabet.= "0123456789"; for($i=0;$i<$length;$i++){ $token .= $codeAlphabet[crypto_rand_secure(0,strlen($codeAlphabet))]; } return $token; } /* RESTRICTED ACCESS LEVEL MANAGEMENT */ function checkLoginLevel() { $allowed = array( '0' => array('register.info.php','index.php','index.html'), /* NEW REGISTRATION ACCESS LEVELS */ '1' => array('register.info.php','index.php','index.html','home.php','walkin_form.php','walkin_delete.php'), /* ACCESS LEVELS FROM RECEPTION */ '2' => array('register.info.php','index.php','index.html','home.php','first-page.php'), '3' => array('register.info.php','index.php','index.html','home.php','first-page.php', 'second-page.php'), '4' => array('register.info.php','index.php','index.html','home.php','premier_form.php', 'second-page.php', 'third-page.php'), /* SUPERVISOR ACCESS LEVELS */ '99' => true, /* ADMINISTRATION ACCESS LEVELS */ ); if(!isset($allowed[$_SESSION['level']])) { echo 'Your access level has not been set. Please return to the Login / Registration Page.'; exit; } if($_SESSION['level'] == 0) { header('Location:register.info.php'); exit; } if(is_array($allowed[$_SESSION['level']])) { $file = $_SERVER["PHP_SELF"]; $file = explode('/', $file); $file = end($file); if(!in_array($file, $allowed[$_SESSION['level']])) { echo 'You are not authorised to view this page. Please contact your manager to have your access level adjusted'; exit; } } if(is_bool($allowed[$_SESSION['level']])) { // you're allowed; } } FORMATTING PAGE: <link rel="shortcut icon" href="../favicon.ico?v=2"/> <meta name="description" content="Altech Autopage - Tracker Login Page" /> <meta name="keywords" content="login, register, login page, techdesignlab, tech design lab, computer, components, hardware, software, peripherals" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <!-- REFERNCE TO MAIN CORE OF jQUERY SCRIPT --> <script src="js/jquery-2.0.3.min.js" type="text/javascript"></script> <!-- REFERNCE TO MAIN CORE OF jQUERY SCRIPT OLD jQUERY SCRIPT <script src="js/jquery-1.3.2.min.js" type="text/javascript"></script> --> <!-- FORM FUNCTIONS - ACCORDION MENU jQUERY --> <script src="js/accordion.js" type="text/javascript"></script> <!-- MENU SLIDE EFFFECT --> <script src="js/slide.js" type="text/javascript"></script> <!-- SHA512 PASSWORD ENCRIPTION ALGORYTHM --> <script src="js/sha512.js" type="text/javascript"></script> <!-- FORM FUNCTIONS --> <script src="js/forms.js" type="text/javascript"></script> <!-- EXTERNAL SOURCE FOR jQUERY --> <!-- <script src="http://code.jquery.com/jquery-1.10.1.min.js"></script> <script src="http://code.jquery.com/jquery-migrate-1.2.1.min.js"></script> --> <!-- CALENDAR SETTINGS --> <!-- <link rel="stylesheet" href="datepicker/css/reset.css" type="text/css"> --> <link rel="stylesheet" href="datepicker/css/metallic.css" type="text/css"> <link rel="stylesheet" href="datepicker/css/style.css" type="text/css"> <link type="text/css" rel="stylesheet" href="datepicker/css/shCoreDefault.css"> <script type="text/javascript" src="datepicker/javascript/XRegExp.js"></script> <script type="text/javascript" src="datepicker/javascript/shCore.js"></script> <script type="text/javascript" src="datepicker/javascript/shLegacy.js"></script> <script type="text/javascript" src="datepicker/javascript/shBrushJScript.js"></script> <script type="text/javascript" src="datepicker/javascript/shBrushXML.js"></script> <script type="text/javascript" src="datepicker/javascript/zebra_datepicker.js"></script> <script type="text/javascript" src="datepicker/javascript/core.js"></script> <script type="text/javascript"> SyntaxHighlighter.defaults['toolbar'] = false; SyntaxHighlighter.all(); </script> <!-- REFERENCING FOR ALL STYLE SHEETS --> <link rel="stylesheet" href="css/style.css" type="text/css" media="screen"/> <link rel="stylesheet" href="css/slide.css" type="text/css" media="screen"/> <link rel="stylesheet" href="menu2/menu.css" type="text/css" media="screen"/> <link rel="stylesheet" href="css/form_template.css" type="text/css" media="screen"/> <link rel="stylesheet" href="css/result.css" type="text/css" media="screen"/> <!--<link rel="stylesheet" href="css/accordian2.css" type="text/css" media="screen"/> --> Here is the CSS code for the slide down panel. /***** clearfix *****/ .clear { clear: both; height: 0; line-height: 0; } .clearfix:after { content: "."; display: block; height: 0; clear: both; visibility: hidden; } .clearfix { display: inline-block; } /* Hides from IE-mac \*/ * html .clearfix { height: 1%; } .clearfix { display: block; } /* End hide from IE-mac */ .clearfix { height: 1%; } .clearfix { display: block; } /* Panel Tab/button */ .tab { background: url(../images/tab_b.png) repeat-x 0 0; height: 42px; position: relative; top: 0; z-index: 999; } .tab ul.login { display: block; position: relative; float: right; clear: right; height: 42px; width: auto; font-weight: bold; line-height: 42px; margin: 0; right: 150px; color: white; font-size: 80%; text-align: center; } .tab ul.login li.left { background: url(../images/tab_l.png) no-repeat left 0; height: 42px; width: 30px; padding: 0; margin: 0; display: block; float: left; } .tab ul.login li.right { background: url(../images/tab_r.png) no-repeat left 0; height: 42px; width: 30px; padding: 0; margin: 0; display: block; float: left; } .tab ul.login li { text-align: left; padding: 0 6px; display: block; float: left; height: 42px; background: url(../images/tab_m.png) repeat-x 0 0; } .tab ul.login li a { color: #ED1C24; } .tab ul.login li a:hover { color: #FFFFFF; } .tab .sep {color:#001B54} .tab a.open, .tab a.close { height: 20px; line-height: 20px !important; padding-left: 30px !important; cursor: pointer; display: block; width: 100px; position: relative; top: 11px; } .tab a.open {background: url(../images/bt_open.png) no-repeat left 0;} .tab a.close {background: url(../images/bt_close.png) no-repeat left 0;} .tab a:hover.open {background: url(../images/bt_open.png) no-repeat left -19px;} .tab a:hover.close {background: url(../images/bt_close.png) no-repeat left -19px;} /* DEFINE THE PROPERTIES OF THE SLIDE DOWN PANNEL FOR A USER WHO IS LOGGED IN*/ /* sliding panel */ #toppanel { /*position: absolute; /*Panel will overlap content */ position: relative; /*Panel will "push" the content down */ top: 0; width: 100%; z-index: 999; text-align: center; margin-left: auto; margin-right: auto; } #panel { width: 100%; height: 300px; color: #FFFFFF; background: #001B54; overflow: hidden; position: relative; z-index: 3; display: none; } #panel h1 { font-size: 1.6em; padding: 5px 0 10px; margin: 0; color: white; } #panel h2{ font-size: 1.2em; padding: 10px 0 5px; margin: 0; color: white; } #panel p { margin: 5px 0; padding: 0; } #panel a { text-decoration: none; color: #ED1C24; font-weight: bold; } #panel a:hover { color: white; } #panel a-lost-pwd { display: block; float: left; } #panel .content { width: 960px; margin: 0 auto; padding-top: 15px; text-align: left; font-size: 0.85em; } #panel .content .left { width: 280px; float: left; padding: 0 15px; border-left: 1px solid grey; } #panel .content .right { border-right: 1px solid grey; } #panel .content form { margin: 0 0 10px 0; } #panel .content label { float: left; padding-top: 8px; clear: both; width: 280px; display: block; } #panel .content input.field { border: 1px #1A1A1A solid; background: #FFFFFF; margin-right: 5px; margin-top: 0px; width: 200px; color: black; height: 20px; } #panel .content input:focus.field { background: #C9C9C9; color: #ED1C24; } /* BUTTONS */ /* Login and Register buttons */ #panel .content input.bt_login, #panel .content input.bt_register { display: block; float: left; clear: left; height: 25px; text-align: center; cursor: pointer; border: none; font-weight: bold; margin: 10px 0; } #panel .content input.bt_login { width: 74px; background: transparent url(../images/bt_login.png) no-repeat 0 0; } #panel .content input.bt_register { width: 94px; color: white; background: transparent url(../images/bt_register.png) no-repeat 0 0; } #panel .lost-pwd { display: block; float:left; clear: right; padding: 15px 5px 0; font-size: 0.95em; text-decoration: underline; } And the sliding panel javascript: $(document).ready(function() { // Expand Panel $("#open").click(function(){ $("div#panel").slideDown("slow"); }); // Collapse Panel $("#close").click(function(){ $("div#panel").slideUp("slow"); }); // Switch buttons from "Log In | Register" to "Close Panel" on click $("#toggle a").click(function () { $("#toggle a").toggle(); }); }); Please let me know if there is any additional information that you may require. Quote Link to comment Share on other sites More sharing options...
Solution SalientAnimal Posted January 29, 2014 Author Solution Share Posted January 29, 2014 Wanted to update this thread that I finally managed to get it to work correctly. I fixed this by adding this at the top of each page. My document mode was not set correctly. A quick fix was to add the below to each page: <!doctype html> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.