Jump to content

Strange Error

duncan_cowan

By duncan_cowan
in PHP

 Share

Recommended Posts

duncan_cowan Member

duncan_cowan

Posted
Posted

hi i am getting a strange error in some script.when i run it it comes up with a "500 internal server error" but when i delete "$time = time();" from it it shows the page.here is the script:

<?php/* check login script, included in db_connect.php. */$time = time();$last_active = $_SESSION['last_active'];session_start();if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {	$logged_in = 0;	return;} else {	if($last_active<$time) {	   $timeout = 1;	   require "logout.php";	}	// remember, $_SESSION['password'] will be encrypted.	if(!get_magic_quotes_gpc()) {		$_SESSION['username'] = addslashes($_SESSION['username']);	}	// addslashes to session username before using in a query.	$pass = $db_object->query("SELECT password FROM users WHERE username = '".$_SESSION['username']."'");	if(DB::isError($pass) || $pass->numRows() != 1) {		$logged_in = 0;		unset($_SESSION['username']);		unset($_SESSION['password']);		// kill incorrect session variables.	}	$db_pass = $pass->fetchRow();	// now we have encrypted pass from DB in	//$db_pass['password'], stripslashes() just incase:	$db_pass['password'] = stripslashes($db_pass['password']);	$_SESSION['password'] = stripslashes($_SESSION['password']);	//compare:	if($_SESSION['password'] == $db_pass['password']) { 		// valid password for username		$logged_in = 1; // they have correct info					// in session variables.	} else {		$logged_in = 0;		unset($_SESSION['username']);		unset($_SESSION['password']);		// kill incorrect session variables.	}}// clean upunset($db_pass['password']);$_SESSION['username'] = stripslashes($_SESSION['username']);?>

please could someone helpthanks.

Link to comment
Share on other sites
thibo1025 Member

thibo1025

Posted
Posted

w3schools says you need to put the sessions on the top...So maybe you could go like this:

<?php/* check login script, included in db_connect.php. */$last_active = $_SESSION['last_active'];session_start();if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {	$logged_in = 0;	return;} else {	if($last_active<$time) {	   $timeout = 1;	   require "logout.php";	}	// remember, $_SESSION['password'] will be encrypted.	if(!get_magic_quotes_gpc()) {		$_SESSION['username'] = addslashes($_SESSION['username']);	}	// addslashes to session username before using in a query.	$pass = $db_object->query("SELECT password FROM users WHERE username = '".$_SESSION['username']."'");	if(DB::isError($pass) || $pass->numRows() != 1) {		$logged_in = 0;		unset($_SESSION['username']);		unset($_SESSION['password']);		// kill incorrect session variables.	}	$db_pass = $pass->fetchRow();	// now we have encrypted pass from DB in	//$db_pass['password'], stripslashes() just incase:	$db_pass['password'] = stripslashes($db_pass['password']);	$_SESSION['password'] = stripslashes($_SESSION['password']);	//compare:	if($_SESSION['password'] == $db_pass['password']) { 		// valid password for username		$logged_in = 1; // they have correct info					// in session variables.	} else {		$logged_in = 0;		unset($_SESSION['username']);		unset($_SESSION['password']);		// kill incorrect session variables.	}}// clean upunset($db_pass['password']);$_SESSION['username'] = stripslashes($_SESSION['username']);$time = time();?>

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...