flin
Posts: 5
|
| Posted: 01/23/2004, 8:27 AM |
|
Hi,
i am working on this problem the whole day now and i am completely lost, out of my mind and already swearing like a dockworker.
The Problem:
I cant login into restricted pages and get redirected to the login.php page.
Finally I found out that during the process 4 session files are generated in the Apache session directory. First one when opening login.php, the other 3 when submitting the form. One of them has correct user_id and group_id values.
So I wonder why the first statement in my commons.php file is start_session(); . Shouldnt that be some kind of control structure, checking, whether a session exists ? I tried to write a few if statements, but none worked, since i am quite a php-noob. Can anyone help me with that, please ?
Oh, before you ask, in the php.ini file register_globals = on.
System:
win2000
Apache 2.0.48
PHP 4.3.4
CodeCharge Studio 2.2.3.60
Thank you very much for your help, i am completely lost and out of ideas.
Take care,
Jan 'Flin' Nebendahl
|
 |
 |
lvalverdeb
Posts: 299
|
| Posted: 01/23/2004, 11:42 AM |
|
How about the session_save_path variable in php.ini? Is it set to a directory that is valid?
_________________
lvalverdeb
CR, GMT-6
XAMPP/Ubuntu/CCS3.2/4 |
|
|
|
peterr
Posts: 5971
|
| Posted: 01/23/2004, 12:25 PM |
|
Since sessions are created in your session directory then everything looks good, though I would still check the permissions on that folder. Otherwise possibly this issue is not related to sessions, therefore please let us know the symptoms. What is happening when you try to login? Is the login page refreshed? Any error messages?
Also please try specifying the destination page in the "Return Page" properties of the Login form, and of the "Login" button.
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
|
flin
Posts: 5
|
| Posted: 01/25/2004, 3:08 AM |
|
Thank you for the replies.
Session.save_path goes to a valid directory. Session files are created. The problem is that the session somehow doesn't keep the session parameters. I assume it is because of common.php, which starts a new session every time it is called.
Login Page has a return page called tsta_vesta_list.ccp .
Login works. I use a table from a MySQL DB for userrights.
I can log in, providing wrong usernames or passwords leads to correct Error messages above the login form (looks correct).
If i login and proceed to a restricted page (tsta_vesta_list.ccp) it throws me back to login and the adresspage in the browser (which accepts cookies btw) looks like this:
http://127.0.0.1/login.php?ret_link=%2Ftsta_vesta_list.php&type=notLogged
The first few lines of my common.php (which i changed, i think, because there were error messages complaining that start_session() wasnt the first existing output):
---------------------------------
<?php
//Include Files @0-6CA7C540
include(RelativePath . "/Classes.php");
include(RelativePath . "/db_mysql.php");
//End Include Files
//Initialize Common Variables @0-F4D6B96D
start_session();
header('Pragma: ');
header('Cache-control: ');
header('Expires: ');
---------------------------
|
|
|
|
peterr
Posts: 5971
|
| Posted: 01/25/2004, 1:06 PM |
|
Quote :I assume it is because of common.php, which starts a new session every time it is called.
Keep in mind that all CCS users use Common.php and it works OK.
You can learn about session_start() (not start_session() ) at http://www.google.com/search?q=session_start
You will find an example that explains that session_start() "Works if session cookie was accepted". Thus if you disable session cookies in your browser then you may have problems.
You may also need to change start_session(); to session_start(); in your modified code.
Otheriwse looks like your issue is not related to sessions since your login works OK. It is however standard behavior that if you don't have sufficient permissions to access a restricted page then you will be thrown back to the login page. This happens when you're logged in and your Group ID is not matching the groups specified in the page restrictions.
Please check that you specified correct restriction settings for your page, or "Security Groups" in Project -> Settings.
You can also post your settings here and possibly someone can help you analyze what may be wrong. Our support link is also shown below.
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
|
Nicole
Posts: 586
|
| Posted: 01/26/2004, 5:30 AM |
|
Also make sure that time set both client and server is correct , otherwise it could make cookies expire before they arrive. And check the session duration settings. You may handle session time by changing the value of session.cache_expire in php.ini. The default value is 180 min.
_________________
Regards,
Nicole |
|
|
|
flin
Posts: 5
|
| Posted: 01/26/2004, 9:32 AM |
|
Thanks to all for the help...
Since I still couldn't implement a working login, I just decided to use a access control on operating system basis, which works.
I will try to tackle the problem when I dont have 5 teams otu there entering data.
Thanks again,
Take care
Jan 'Flin' Nebendahl
|
|
|
|
Daniel
|
| Posted: 01/28/2004, 6:03 AM |
|
I had the same symptomes in my project, and finally it was due to the facts that I used IE6 which didn't support server names that contained underscores (malformed URL bug) like srv_rd.mycompany.com . I renamed the server and the problem was gone...
|
|
|
|
|
