tmallen Posted November 30, 2007 Share Posted November 30, 2007 I have a fairly simple login script that won't work in Internet Explorer 6. Errors aren't returned for a false login, and correct logins don't work either: From login.php <form action="../scripts/login.php" method="post"> <fieldset> <ol> <li><label>Username: <em>*</em></label><input type="text" name="username" /></li> <li><label>Password: <em>*</em></label><input type="password" name="password" /></li> <?php if ($_SESSION['error']) { echo "<p class='clear alert'><strong>".$_SESSION['error']."</strong></p>"; session_destroy(); } ?> <p><input type="submit" value="Login" /></p> </ol> </fieldset> </form> The script this refers to is the other login.php: <?php $username = $_REQUEST['username']; $password = $_REQUEST['password']; session_start(); $_SESSION['uid'] = $username; $_SESSION['pass'] = $password; header("Location: "); // this redirects to the user's home URL on my site, and works fine. omitted for security ?> And the header.php section that checks for an authenticated session: if ($admin) { $users = array( // Array of usernames matched to passwords. Omitted for security reasons ); if ($_SESSION['pass'] == $users[$_SESSION['uid']]) { $passed = TRUE; } if ($passed != TRUE) { $_SESSION['error'] = 'Login incorrect'; header("Location: http://"); // returns user to login page. omitted for security } if (!$_SESSION['uid'] || !$_SESSION['pass']) { header("Location: http://"); //returns user to login page. omitted for security } } And any page that should require authentication has this in the top: <?php $admin = TRUE; ?> So why does this work in every browser except IE6? Seems odd. Link to comment https://forums.phpfreaks.com/topic/79535-login-script-that-depends-on-sessions-doesnt-work-in-ie6/ Share on other sites More sharing options...
revraz Posted November 30, 2007 Share Posted November 30, 2007 session_start(); needs to be the first line of code on every page. Link to comment https://forums.phpfreaks.com/topic/79535-login-script-that-depends-on-sessions-doesnt-work-in-ie6/#findComment-402915 Share on other sites More sharing options...
tmallen Posted November 30, 2007 Author Share Posted November 30, 2007 That can't happen. If I do that, the entire authentication system breaks down: <?php include '../includes/header.php'; $admin = TRUE; ?> The $admin flag is too late then, and they've already gained access. EDIT: Your advice unfortunately didn't work. I moved session_start() to the top of the pages I've been testing, and the login still fails in IE6. Link to comment https://forums.phpfreaks.com/topic/79535-login-script-that-depends-on-sessions-doesnt-work-in-ie6/#findComment-403066 Share on other sites More sharing options...
revraz Posted November 30, 2007 Share Posted November 30, 2007 You are relying on Sessions, if its not the first line, Sessions won't work. Link to comment https://forums.phpfreaks.com/topic/79535-login-script-that-depends-on-sessions-doesnt-work-in-ie6/#findComment-403071 Share on other sites More sharing options...
tmallen Posted November 30, 2007 Author Share Posted November 30, 2007 I tried sessions on the first line, and it still didn't work. Link to comment https://forums.phpfreaks.com/topic/79535-login-script-that-depends-on-sessions-doesnt-work-in-ie6/#findComment-403074 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.