Forum Moderators: coopster
This is the code:
session_start();
// include function files for this application
require_once('markbook_fns.php');//create short variable names
$username = $HTTP_POST_VARS['username'];
$passwd = $HTTP_POST_VARS['passwd'];
if ($username && $passwd)
// they have just tried logging in
{
if (login($username, $passwd))
{
// if they are in the database register the user id
$HTTP_SESSION_VARS['valid_user'] = $username;
$HTTP_SESSION_VARS['cohort'] = $cohort;
}
else
{
// unsuccessful login
do_html_header('Problem:');
echo 'You could not be logged in.
You must be logged in to view this page.';
do_html_url('login.php', 'Login');
do_html_footer();
exit;
}
}
do_html_header('Home');
check_valid_user();
//create short variale name for logged on user
$myname=$HTTP_SESSION_VARS['valid_user'];
Anyone have any ideas?
daisho.
CautionIf you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister().
When you say doesn't work are there errors or nothing happens or something else? Have you looked through the settings in php.ini? (depending on what is and isn't happening)
daisho:
No not Stronghold.
Help my understanding here.
This is from [php.net...]
If register_globals is enabled, then each global variable can be registered as session variable. Upon a restart of a session, these variables will be restored to corresponding global variables. Since PHP must know which global variables are registered as session variables, users need to register variables with session_register() function. You can avoid this by simply setting entries in $_SESSION.Caution
If you are using $_SESSION and disable register_globals, do not use session_register(), session_is_registered() and session_unregister(), if your scripts shall work in PHP 4.2 and earlier. You can use these functions in 4.3 and later.If you enable register_globals, session_unregister() should be used since session variables are registered as global variables when session data is deserialized. Disabling register_globals is recommended for both security and performance reasons.
Example 4. Registering a variable with register_globals enabled<?php
if (!session_is_registered('count')) {
session_register("count");
$count = 0;
}
else {
$count++;
}
?>If register_globals is enabled, then the global variables and the $_SESSION entries will automatically reference the same values which were registered in the prior session instance.
My guess is that Ironfist has register_globals is on.
My understanding is the HTTP_SESSION_VARS is not an autoglobal and therefore will have to be registered. So just doing
$HTTP_SESSION_VARS['valid_user'] = $username;
$HTTP_SESSION_VARS['cohort'] = $cohort;
will not do anything since the variable is not registered yet.
I replaced
$HTTP_SESSION_VARS['valid_user'] = $username;
$HTTP_SESSION_VARS['cohort'] = $cohort;
with
$valid_user = $username;
session_register('valid_user') ;
session_register('cohort');
and it works fine. Thanks!
