andyg666 Posted December 15, 2006 Share Posted December 15, 2006 I have adapted one of the user registration and login scripts i found here. I set it up months ago, and now I have a real project to apply it to. It was working fine many months ago, but now I'm getting the following error when i attempt to login:[quote]Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0[/quote]here is the code:[code]<?phpsession_start();require_once('connect.php');if(isset($_POST['login'])) { $error = ''; $username = $_POST['username']; $password = $_POST['password']; if($username == "" || $password == "") { $error .= 'A required field was left blank.<br />'; } $password = md5($password); if(get_magic_quotes_gpc()) { $username = $username; } else { $username = addslashes($username); } $result = mysql_query("SELECT * FROM users WHERE UserName='".$username."' AND UserPWD='".$password."'") or die(mysql_error()); $valid_login = mysql_num_rows($result); if($valid_login == 0) { $error .= "The supplied username and/or password was incorrect.<br />"; } if($error == "") { $data = mysql_fetch_array($result); $_SESSION['username'] = $data['username']; $utime = date("Y/m/d, H:i:s"); mysql_query("UPDATE users SET LastLogin='".$utime."' WHERE UserName='".$username."'"); echo '<meta http-equiv="Refresh" Content="5; URL=index.php"><BR> Thank you for logging in, '.$_SESSION['username'].'.'; die(); setcookie("user", $_SESSION['username'], time()+3600); } else{ echo 'The following errors were returned:<br />'.$error.'<br />'; echo $username.', '.$password; }}?><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>Log In</title><style type="text/css">.container { text-align: center; border: 1px solid #000000; width: 300px;}td { text-align: left;}</style></head><body><form action="login.php" method="post"><table class="container" align="center" cellspacing="0" cellpadding="0"> <tr> <td colspan="2" style="text-align:center;"><h1>Log In</h1></td> </tr> <tr> <td>Username:</td> <td><input type="text" name="username" maxlength="20" /></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" style="text-align:center;"><input name="login" type="submit" value="Log In" /></td> </tr> <tr> <td colspan="2" style="text-align:center;"><a href="register.php">Register</a> | <a href="index.php">Index</a></td> </tr></table></form></body></html>[/code]it IS updating the lastlogin field. but it doesn't set the cookie. what global variable is it talking about? and how can i fix this? thanks. Quote Link to comment Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 remove die(); from your script. Quote Link to comment Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 [quote author=complex05 link=topic=118746.msg485477#msg485477 date=1166200583]remove die(); from your script.[/quote]D'OH!! thanks. Quote Link to comment Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 it's removed. now i get 2 errors...[quote]Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\xampplite\htdocs\thebeathub\login.php:38) in C:\xampp\xampplite\htdocs\thebeathub\login.php on line 39Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0[/quote] Quote Link to comment Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 the first line of your script, type ob_start(); Quote Link to comment Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 ok, did that. the original error message is still there and it's not setting the cookie. this is weird because it was working in the past. all i didnt was change the database name in the connect.php file and some of the field names in the script itself. i'm wondering why it now requires all of this fixing...thanks for your help, by the way. Quote Link to comment Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 Are you hosting this file on a web server? It's possible that whoever is maintaining your server upgraded the version of PHP that may have a session bug in it.Your script appears to be fine and should work. Quote Link to comment Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 no i'm using xxamplite. should i see if there are any upgrades or patches available? maybe it's a firewall problem?PHP Version 5.1.4 Quote Link to comment Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 No I don't think it's a firewall issue. Try reinstalling XAMP (and get the full version) and see if that helps. If not, I will continue to try to help you with this. Quote Link to comment Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 thanks much! Quote Link to comment Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 i fixed it like by getting rid of the $data and $result and just setting $_SESSION with the $username variable. it works, but is this a viable and secure solution?[code] if($error == "") { // $data = mysql_fetch_array($result); // $_SESSION['username'] = $data['username']; $_SESSION['username'] = $username; $utime = date("Y/m/d, H:i:s"); mysql_query("UPDATE users SET LastLogin='".$utime."' WHERE UserName='".$username."'"); echo '<meta http-equiv="Refresh" Content="20; URL=index.php"><BR> Thank you for logging in, '.$_SESSION['username'].'.'; setcookie("user", $_SESSION['username'], time()+3600); }[/code] Quote Link to comment Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 where is the $username variable coming from? Quote Link to comment Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 an HTML form$username = $_POST['username']; Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.