logo-dw

Go Back   Dreamweaver Club Forums > Dreamweaver forums > Video Tutorials
Register FAQ Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
Old 11-30-2010, 02:48 PM   #1
flytkjær
 
Join Date: Nov 2010
Posts: 2
Default PHP login script. security.php

Hi

When i follow the video tutorial part 3, and move the if statement to security.php i can't log in from the login page or i'm send back to the login page!

Code exsample from tutorial 3
Code:
<?php 
require_once("../config/config.php"); // database connection
require_once("../config/opendb.php"); // database connection
include("../includes/security.php");
session_start();
$id = $_SESSION['id'];
If i change it to this code it works!
Code:
<?php 
require_once("../config/config.php"); // database connection
require_once("../config/opendb.php"); // database connection
session_start();
include("../includes/security.php");
$id = $_SESSION['id'];
Does this change have any security issues? If not why do i have to move this line?

Best regards
Søren
flytkjær is offline   Reply With Quote
Old 11-30-2010, 05:39 PM   #2
davidj
davidj's Avatar
 
Join Date: Sep 2005
Location: The Toon (newcastle upon Tyne)
Posts: 8,256
Default

you will see in security.php that its using sessions so you have to call session_start() before that script
__________________
Would you like to learn PHP from me? Check out -> www.codezenith.co.uk
davidj is offline   Reply With Quote
Old 11-30-2010, 08:55 PM   #3
flytkjær
 
Join Date: Nov 2010
Posts: 2
Default PHP login script. security.php

Hi Davidj

Thanks for your quick reply to my question. I appriciate it a lot!!

If you have a look at tutorial 3. then you might observe that the author
cut and paste some text from the welcome.php file to the security.php file. Thereafter he insert the include statement above the session_start().

welcome.php before:
Code:
<?php 
require_once("../connections/connection.php"); // database connection
session_start();
if (! isset($_SESSION['id'])){ 
header("location:index.php");
exit;
}
$id = $_SESSION['id'];
security.php:
Code:
<?php 
if (! isset($_SESSION['id'])){ 
header("location:index.php");
exit;
}
?>
welcome.php after:
Code:
<?php 
require_once("../config/config.php"); // database connection
require_once("../config/opendb.php"); // database connection
include("../includes/security.php");
session_start();
$id = $_SESSION['id'];
Maybe i'm just a new newbee, but here the author did not copy the session_start () into the security.php file, nor does he insert the "include" after the session_start() line in welcome.php file.

And who would i bee, if i; who tries to learn from theses tutorials tells the author that he is wrong? (no answer required!)

This leaeves me to this question: i'm i supposed to copy the session_start() line into the security.php filer and remove it from welcome.php file? or do i have to insert the include after session_start() line?
flytkjær is offline   Reply With Quote
Old 12-01-2010, 06:52 AM   #4
davidj
davidj's Avatar
 
Join Date: Sep 2005
Location: The Toon (newcastle upon Tyne)
Posts: 8,256
Default

I will check that tutorial when working with sessions you have to declare a session_start before hand in order for the parser to prepare for sessions
__________________
Would you like to learn PHP from me? Check out -> www.codezenith.co.uk
davidj is offline   Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:27 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Copyright 2006 DreamweaverClub.com