Forum Moderators: coopster
So, three days ago, I learned how to program in PHP, how to use a MySQL database and how to mix both. All this from 3dbuzz website's video lessons.
After that, I started to make a blog from zero. After 4 hours of straight work I couldn't believe what I had already achieved! The next day I started to implement new features like login and logout and post remove etc., as I mention in each post I've been creating with all the news.
You can check it at <snip>
It's running on my machine with WAMP but that's ok.
Now, the big "problem" I have is not much as a problem, it's more like a "warning". When someone registers and then tries to login, after a failed login it echoes the error [created by me], but if the login is correct [both username and password], it echoes '"username" logged' but also echoes an error ["Warning"] from mysql that I quote here:
"Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0"
Can't clean this warning or even fully understand it. Could some one give a hand? Thanks.
[edited by: dreamcatcher at 6:24 am (utc) on July 16, 2007]
[edit reason] no urls as per T.O.S [webmasterworld.com].Thanks [/edit]
<?php
require($_SERVER["DOCUMENT_ROOT"] . "/config/db_config.php");
$connection = @mysql_connect($db_host, $db_user, $db_password) or die("Error connecting");
mysql_select_db($db_name, $connection);
session_start();
$username = $_POST["username"];
if(session_is_registered("username"))
echo '<center><p style="font-family:verdana;font-size:10pt;color:green">
<b>'.$_SESSION["username"].'</b> logged</p></center>';
//echo $username."<br>";
$username_len = strlen($username);
$password = $_POST["password"];
//echo $password."<br>";
$password_len = strlen($password);
$password_encrypt = md5($password);
//echo $password_encrypt."<br>";
$query = "SELECT * FROM userlist WHERE username = '$username' and password = '$password_encrypt'";
$result = @mysql_query($query, $connection);
$rows = @mysql_num_rows($result);
if ($username_len > 0 && $password_len > 0)
{
//echo $rows;
if ($rows == 1)
{
session_register("username");
session_register("password");
}
else
{
echo '<center><p style="font-family:verdana;font-size:10pt;color:red">
Wrong username or password</p></center>';
}
//ob_end_flush();
}
?>
<html>
<head>
<title>Login</title>
</head>
<body >
<div align="center">
<table border="0" width="0%" cellspacing="0" cellpadding="10">
<tr>
<td valign="middle" bgcolor="#EEEEEE">
<form action="<?php echo $_SERVER["PHP_SELF"];?>" method="POST">
<font face="arial" size="2">
<b>Username:</b> <input type="text" name="username"><br>
<b>Password:</b> <input type="password" name="password"><br>
<input type="submit" value="Login">
</font>
</form>
</td>
</tr>
</table>
</div>
</body>
</html>
[edited by: mwm_PT at 3:36 pm (utc) on July 16, 2007]
Before PHP 4.3.0, if you are using $_SESSION and you have disabled register_globals, don't use session_register(), session_is_registered() or session_unregister(). Disabling register_globals is recommended for both security and performance reasons.
[php.net...]
What version of php are you running and have you disabled register_globals?
<edit>
instead of those functions listed above, try such examples as:
if(isset($_SESSION["username"]))
echo '<center><p style="font-family:verd....
[edited by: darrenG at 3:44 pm (utc) on July 16, 2007]
EDIT:
Just changed this and worked:
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
instead of:
session_register("username");
session_register("password");
Thanks guys.
[edited by: mwm_PT at 6:02 pm (utc) on July 16, 2007]
