Jump to content

Authentication

Ryflex

By Ryflex
in PHP Coding Help

 Share

Recommended Posts

Ryflex Member

Ryflex

Posted
Posted

Hi all,

 

I have an authentication part on my website that checks every page through a session variable if a user is logged in and which user it is.

When I test my code on my computer it works perfectly registration and login goes smooth but when someone on another computer tries it they get the acces denied page.... does anyone know why???

 

Greets Ryflex

 

 

 

Link to comment
Share on other sites
rwwd Member

rwwd

Posted
Posted

pop the code on that you think is erroneous and the good people here can then help you... I think the $_SESSION checker at the top of the page would be a god place to start, along with how the $_SESSION is getting set too.

 

Rw

Link to comment
Share on other sites
Ryflex Member

Ryflex

Posted
  • Author
Posted

 

reg.php (set the $_SESSION variable)

$qry2 = "SELECT * FROM members WHERE login = '$login' AND passwd = '".md5($_POST['password'])."'";
        $result2 = mysql_query($qry2);
        $array2 = mysql_fetch_array($result2);
        $member_ID = $array2['member_id'];
        $_SESSION['SESS_MEMBER_ID']     = $member_ID;

 

 

 

 

 

auth.php (checks the $_SESSION variable)

<?php
    //Start session
    session_start();
    
    //Check whether the session variable SESS_MEMBER_ID is present or not
    if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
        header("location: access-denied.php");
        exit();
    }
?>

 

first line of every page after login or register

 <?php require_once('auth.php'); ?>

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

i'd go to basic troubleshooting. echo $member_id and make sure it's actually set.

 


        // Is the query working???
       $result2 = mysql_query($qry2) or die(mysql_error();

       // if we got here, the query is working. let's see what value we get.
       $member_ID = $array2['member_id'];
die("got member_ID: $member_ID"); // Does this produce a valid member_ID value? if so, remove this line and continue troubleshooting.
        $_SESSION['SESS_MEMBER_ID']     = $member_ID;

Link to comment
Share on other sites
Ryflex Member

Ryflex

Posted
  • Author
Posted

Hi all,

 

I checked it and it works perfectly until it goes to the frames page and then al frames go to the acces denied page.....

before it goes through 3 pages an passes the session variable just fine...

So now what??? I'm starting to lose my nerves here...

 

Thnx Ryflex

Link to comment
Share on other sites
Ryflex Member

Ryflex

Posted
  • Author
Posted

Ok found out through another forum.

 

When using $_SESSION variables check if your links are staying on the same domain.

www.example.com and example.com seems to be different. So make sure that when you start on example.com al your links stay on example.com/.... and not www.example.com/.... or backwards

 

Ryflex

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.