* Thus wrote Justin Kozuch ([EMAIL PROTECTED]):
> Hi All,
>
> ...
>
> Here is the code that I have on the login form, called index.php
>
> <?php require_once('Connections/verspeeten.php'); ?>
> <?php
Breaking in and out of php is pointless, and can cause potential
problems with session_start(), "headers sent error" etc..
> mysql_select_db($database_verspeeten, $verspeeten);
> $query_rs_authlevel = "SELECT tbl_users.id_authlevel FROM tbl_users";
> $rs_authlevel = mysql_query($query_rs_authlevel, $verspeeten) or
> die(mysql_error());
> $row_rs_authlevel = mysql_fetch_assoc($rs_authlevel);
> $totalRows_rs_authlevel = mysql_num_rows($rs_authlevel);
I'm not exactly sure why this is all here, besides there
potentially being more than one row, it's never used again.
> ?>
> <?php
> // *** Register the variable named id_authlevel
> session_start();
Luckily php is nice and doesn't consider the you're php/html break
above should have had a carriage return sent.
> session_register("id_authlevel");
Is register globals on? this will only work if it is on.
> $id_authlevel = "id_authlevel";
Again, not entirely sure what this is for. I'm assuming you're
really wanting to do something with your $rs_authlevel here. But
I'm not entirely sure what that would be.
>
> $loginFormAction = $_SERVER['PHP_SELF'];
> if (isset($accesscheck)) {
Where is $accesscheck comming from?
> $GLOBALS['PrevUrl'] = $accesscheck;
> session_register('PrevUrl');
>
> ...
>
> if (isset($_SESSION['PrevUrl']) && false) {
Using $_SESSION, leads me to believe you havn't read the manual
page about session_register(). Excpecially the parts with the
bolded 'Warning'.
> $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
> }
> header("Location: " . $MM_redirectLoginSuccess );
> }
> else {
> header("Location: ". $MM_redirectLoginFailed );
The script wont end with these header() calls; it will continue on
and send the form to the client. If you have any session stuff
pass this point it will be executed as well.
> }
> }
>
> ...
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
> <html xmlns="http://www.w3.org/1999/xhtml";>
> <head>
> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
> <title>.:. Verspeeten Computer Systems - Help Desk Mainframe .:.</title>
> </head>
>
> <body>
>
> <?php
> if ($id_authlevel == 1) {
> echo "admin";
> } elseif ($id_authlevel == 2) {
> echo "manager";
> } elseif ($id_authlevel == 3) {
> echo "tech";
> }
> ?>
- No session_start()
- is register globals on?
- are you mixing $_SESSION and session_register() together?
- If your sessions do work $id_authlevel will be none of those
values but "id_authlevel"
Curt
--
"I used to think I was indecisive, but now I'm not so sure."
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
