On Tuesday 04 January 2011, Michelle Konzack <linux4miche...@tamay-dogan.net> wrote:
> Hello, Hello... > > I am rewriting currently a login script and I encountered a problem with > sessions. While reading the two pages > > <http://php.net/manual/de/function.session-start.php> > <http://bugs.php.net/bug.php?id=14636> Well, probably this is not a problem of PHP. You must try looking at your page errors. The PHP session mechanism tries to write some headers with the session ID (a cookie). > > I have not found a solution for my problem: > > ----8<------------------------------------------------------------------ > function fncLogin($user, $pass, $redirect, $type='pam') { > > if ($user != '' and $pass != '') { > > $TEXT = "<FONT size=\"+2\" color=\"red\"><B>Error</B></FONT><br > />\n"; $TEXT .= "<HR size=\"3\" noshade=\"noshade\">\n"; > $TEXT .= "The username does not exist or the password is wrong.<p > />\n"; $TEXT .= "<p />\n"; > $TEXT .= "Please go <a href=\"" . $_SERVER['HTTP_REFERER'] . > "\">back</a> and try it again.\n"; > > if ($type == 'pam') { > > if (pam_auth($user, $pass, &$PAM_ERR) === FALSE) { > fncError('2', $TEXT, $errpage='false'); > exit(); > } > > } elseif ($type == 'shadow') { > > $shadow_file = DIR_HOST . "/.shadow"; > if (is_file($shadow_file)) { > > $SHADOW = exec("grep \"^" . $user . ":\" " . DIR_HOST . "/.shadow > |cut -d: -f2"); if (empty($SHADOW)) { > } > > $SALT=exec("grep \"^$user:\" " . DIR_HOST . "/.shadow |cut -d: > -f2 |cut -d$ -f1-3"); $ENCRYPTED=crypt($pass, $SALT); > if ($SHADOW != $ENCRYPTED) { > fncError('2', $TEXT, $errpage='false'); > exit(); > } > > } else { > $TEXT = "<FONT size=\"+2\" color=\"red\"><B>Error</B></FONT><br > />\n"; $TEXT .= "<HR size=\"3\" noshade=\"noshade\">\n"; > $TEXT .= "This is a system error. I can not authenticate du to a > missing config.\n"; $TEXT .= "<p />\n"; > $TEXT .= "Please inform the <a href=\"" . SYSAMIN . > "\">sysadmin</a> and try it later again.\n"; fncError('1', $TEXT, > $errpage='false'); > exit(); > } > } > > session_register('sess_user'); > session_register('sess_timeout'); > $sess_user = $user; > $sess_timeout = time() + 900; > session_write_close(); > header("Location: " . $redirect); > } > exit(); > } > ----8<------------------------------------------------------------------ > > which call the following page correctly, but the two vars $sess_user and > $sess_timeout are empty. > > Can someone please tell me how to do this? Did you tried working with error_reporting(E_ALL) and looking if you have the well known warning "headers already sent"?. Try to work with error_reporting(E_ALL), instead of hiding errors. If you get that warning or error means that the cookie for session id was not written, so you can't handle the session id on the next page... Try using session_start() as the very first call or session.auto_start = 1 in your php.ini (which is not recommended). > > Thanks, Greetings and nice Day/Evening > Michelle Konzack Best regards, -- Daniel Molina Wegener <dmw [at] coder [dot] cl> System Programmer & Web Developer Phone: +56 (2) 979-0277 | Blog: http://coder.cl/
signature.asc
Description: This is a digitally signed message part.
