|
|
 |
|
|
Thread Tools | Display Modes |
Feb 19th, 2008, 11:19 PM
|
#11 |
|
Programmer
Join Date: Sep 2005
Location: Nanaimo, BC, Canada
Posts: 97
Rep Power: 0
  |
Re: Sessions Problem
Thanks for the tip, I'll keep that in mind... care to explain why that's not such a great thing?
I suppose it's not secure against hackers and such? (SQL injection, etc.) |
|
|
|
Feb 20th, 2008, 12:21 AM
|
#12 |
|
Programmer
Join Date: Sep 2005
Location: Nanaimo, BC, Canada
Posts: 97
Rep Power: 0
|
Re: Sessions Problem
For some reason I can't edit... so sorry for the double post...
I just read Ooble's post about wanting to see the code before this segment.. so i will show you the code. The login script is actually in a separate php file that I include into the index file. if (!empty($_POST['user']) && !empty($_POST['pass'])) {
//if the user has sent a new user name and password, assign them to new variables
$new_user = $_POST['user'];
$new_password = sha1($_POST['pass']);
$sqlCon = mysql_connect($db_host, $db_user, $db_password);
//connect to the database
$myDB = mysql_select_db($db_name, $sqlCon);
//select the appropriate database
$sql = 'SELECT * FROM `users`';
//setup the sql
$query = mysql_query($sql, $sqlCon);
//send the query and then check for errors
if (!$query) {
die('Error: ' . mysql_error());
}I have another included file at the top of my index file that starts the session too: <?php
session_start();
$_SESSION['user_name'] = $_COOKIE['user_name'];
$_SESSION['password'] = $_COOKIE['password'];
if (!empty($_SESSION['user_name']) && !empty($_SESSION['password'])) {
$user=$_SESSION['user_name'];
$password=$_SESSION['password'];
}
?>I don't really think any of this is messing up making the cookies, but I could be wrong. I'm using this script on a subdomain (bcssa.andrewsmythe.net)... this wouldn't be messing things up would it? |
|
|
|
|
Feb 20th, 2008, 11:16 PM
|
#13 |
|
Programmer
Join Date: Sep 2005
Location: Nanaimo, BC, Canada
Posts: 97
Rep Power: 0
|
Re: Sessions Problem
I found out my problem... thanks for your help everyone!
|
|
|
|
|
Feb 21st, 2008, 11:13 PM
|
#14 |
|
I eat cake for breakfast.
 
Join Date: Jul 2004
Location: In my box.
Posts: 4,434
Rep Power: 9
|
Re: Sessions Problem
Congrats.
Dameon's right: you shouldn't be pulling all the users out of the database in order to find one. It's slow and not necessary. Try this: ...
$sql = 'SELECT * FROM `users` WHERE username = \'' . mysql_real_escape_string($user) . '\'';
...
$result = mysql_fetch_array($query);
if ($result && ($new_user == $result['username']) && ($new_password == $result['password'])) {
... |
|
|
|
|
Feb 23rd, 2008, 1:34 AM
|
#15 |
|
Programmer
Join Date: Sep 2005
Location: Nanaimo, BC, Canada
Posts: 97
Rep Power: 0
|
Re: Sessions Problem
Alright, I'll try to implement that into my code.
Thanks for the help guys! |
|
|
|
|
| Bookmarks |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Challenging Programming Problem - "Pinball Ranking" | Sane | Coder's Corner Lounge | 38 | Jan 15th, 2008 5:16 PM |
| Problem solving | ReggaetonKing | Software Design and Algorithms | 7 | Jan 4th, 2008 1:49 PM |
| Storing BLOBs in a database - problem | jonyzz | Other Programming Languages | 8 | Jan 31st, 2007 4:38 AM |
| Changing icons problem | Pedja | C# | 8 | Mar 25th, 2006 8:03 AM |
| cgi/perl script + IE problem | joyceshee | Perl | 2 | Jan 24th, 2006 11:10 AM |
Linear Mode
