Mahou Posted October 31, 2013 Share Posted October 31, 2013 I recently upgraded to PHP 5.3.3 from PHP 5.1.1. My Login session worked fine on PHP 5.1.1. After upgrading to PHP 5.3.3 the login session is not working. This is my login.php code : <?php require_once('conn/conn.php'); ?> <?php // *** Validate request to login to this site. session_unset(); session_start(); $loginFormAction = $_SERVER['PHP_SELF']; if (isset($accesscheck)) { $GLOBALS['PrevUrl'] = $accesscheck; session_register('PrevUrl'); } if (isset($_POST['staffid'])) { $loginUsername=$_POST['staffid']; $password=md5($_POST['password']); $MM_fldUserAuthorization = "accessid"; $MM_redirectLoginSuccess = "http://113.28.30.89/staff/st_admin.php"; $MM_redirectLoginFailed = "main.php?error=1"; $MM_redirecttoReferrer = false; mysql_select_db($database_conn, $conn); $LoginRS__query=sprintf("SELECT staffid, password, accessid FROM tbl_staff WHERE staffid='%s' AND password='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); $LoginRS = mysql_query($LoginRS__query, $conn) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = mysql_result($LoginRS,0,'accessid'); //declare two session variables and assign them $GLOBALS['MM_Username'] = $loginUsername; $GLOBALS['MM_UserGroup'] = $loginStrGroup; //register the session variables session_register("MM_Username"); session_register("MM_UserGroup"); if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <link type="text/css" rel="stylesheet" href="css/style_new.css" /> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta content="© 2013 PCCW - Call Center Technical Support by Yosuke Ip | All Rights Reserved." name="copyright"> <title>PCCW - Training Program</title> </head> <body> <form name="login" method="POST" action="<?php echo $loginFormAction; ?>"><h2> <?php if (isset($_GET['error']) && ($_GET['error'] == 1)) { echo " Login Failed!!! "; } ?> </h2> <table width="323" height="341" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="55" colspan="5"><img src="Images/adminlogin_top.gif" width="323" height="55" alt="" /></td> </tr> <tr> <td width="22" rowspan="4" bgcolor="#00a1e1"> </td> <td height="25" colspan="2" align="center" valign="middle" bgcolor="#00a1e1"><h4 class="tab_content">Administration</h4></td> <td width="42" height="166" rowspan="4"><img src="Images/adminlogin_right1.gif" width="42" height="166" /></td> <td width="15" height="166" rowspan="4" > </td> </tr> <tr> <td width="100" height="35" bgcolor="#00a1e1" class="">User name :</td> <td width="144" align="left" bgcolor="#00a1e1"><input size="10" type="text" name="staffid"></td> </tr> <tr> <td height="35" bgcolor="#00a1e1" class="">Password :</td> <td align="left" bgcolor="#00a1e1"><input size="10" name="password" type="password"></td> </tr> <tr> <td height="24" bgcolor="#00a1e1"> </td> <th scope="row" align="left" bgcolor="#00a1e1"><input type="submit" name="Submit" value="Login"> </tr> <tr> <td height="84" colspan="5"><img src="Images/adminlogin_bottom.gif" alt="" width="323" height="84" /></td> </tr> <tr> <td height="52" colspan="5" align="left"><h6>Staff Session</h6></td> </tr> </table> </form> </body> </html> member.php <?php session_start(); $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; } /* $MM_restrictGoTo = "../login/login.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } */ ?> <?php require_once('../conn/conn.php'); ?> <?php if ( isset($_POST['staffid']) ) { $_GET['staffid'] = $_POST['staffid']; $_GET['staffid'] = $_GET['staffid'] * 1; if (is_integer($_GET['staffid']) ) { $maxRows_RsStaff = 1000000; $pageNum_RsStaff = 0; if (isset($_GET['pageNum_RsStaff'])) { $pageNum_RsStaff = $_GET['pageNum_RsStaff']; } $startRow_RsStaff = $pageNum_RsStaff * $maxRows_RsStaff; mysql_select_db($database_conn, $conn); $query_RsStaff = sprintf("SELECT * FROM tbl_staff WHERE staffid = %s", $_GET['staffid']); $query_limit_RsStaff = sprintf("%s LIMIT %d, %d", $query_RsStaff, $startRow_RsStaff, $maxRows_RsStaff); $RsStaff = mysql_query($query_limit_RsStaff, $conn) or die(mysql_error()); $row_RsStaff = mysql_fetch_assoc($RsStaff); }} ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <link href="../css/style_new.css" rel="stylesheet" type="text/css"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PCCW - Training Program</title> </head> <body> <table width="419" border="0" align="right" cellpadding="0" cellspacing="1"> <tr> <td width="25" height="22" align="center" ><h4><?php echo $_session['staffid']; ?></h4></td> <td width="73" align="center" ><h4>Name : <?php echo $row_RsStaff['name']; ?></h4></td> <td width="98" align="center" ><h4>Team Code : <?php echo $row_RsStaff['teamcode']; ?></h4></td> <td width="65" align="center" ><h4>Skill : <?php echo $row_RsStaff['skill']; ?></h4></td> <td width="58" align="center" ><a href="logout.php" target="_self"><h4>Logout</h4></a></td> </tr> </table> <p> </p> <table width="866" border="0" align="center" cellpadding="0" cellspacing="1"> <h5> <tr> <td width="80" height="26" align="center" bgcolor="#dfdfdf">Course ID</td> <td width="213" align="center" bgcolor="#dfdfdf">Course Name</td> <td width="83" align="center" bgcolor="#dfdfdf">Class Status</td> <td width="164" align="center" bgcolor="#dfdfdf">Start Date</td> <td width="147" align="center" bgcolor="#dfdfdf">Finished Date</td> <td width="77" align="center" bgcolor="#dfdfdf">CCC</td> <td width="94" align="center" bgcolor="#dfdfdf">Venue</td> </tr> <tr> <td height="27" align="center" bgcolor="#e9e9e9"><?php echo $RsStaff['staffid']; ?></td> <td align="center" bgcolor="#e9e9e9"><?php echo $RsCourse['coursename']; ?></td> <td align="center" bgcolor="#e9e9e9"><?php echo $RsCourse['classstatus']; ?></td> <td align="center" bgcolor="#e9e9e9"><?php echo $RsCourse['startdate']; ?></td> <td align="center" bgcolor="#e9e9e9"><?php echo $RsCourse['enddate']; ?></td> <td align="center" bgcolor="#e9e9e9"><?php echo $RsCourse['ccc']; ?></td> <td align="center" bgcolor="#e9e9e9"><?php echo $RsCourse['venue']; ?></td> </tr> </h5> </table> </body> </html> I am really appreciated for your help. Link to comment Share on other sites More sharing options...
Ingolme Posted October 31, 2013 Share Posted October 31, 2013 You have some deprecated things, such as session_register(). Here's how sessions are used in newer versions of PHP: http://us1.php.net/manual/en/session.examples.basic.php Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now