Posted by awebguynow on 07/27/06 21:52

My Auth code works locally but not on my host, and I'm debugging it to
find out, why not.

Except where noted, I'll be referring to my webhost's configuration.
I'm using a .htaccess "AddHandler" directive, to force php5
I notice with the help of phpinfo(), I'm locally using "Apache 2
Handler" but my host uses CGI.
session.auto_start Off Off
I'm actually hosting this alpha site, wholly contained in a
subdirectory, but use relative references and links, so this should not
be an issue.
I do have access to logs.

The authentication will be used, for a business site, to determine the
user and which office and data they should have access to. Since my
host ruled out using "auto_prepend_file", I've come up with variation
that should be equally effective.

Structure is something like this:
Any file that has processing or reports that are office specific will
force authentication:
include('MyAccessControl.php"); //(MAC) which consists of alot of
mixed mode php/html

The purpose of MAC is as follows:
- If you have a session and a user, use minimal processing and get
through
- If you don't provide an auth form ( with action, back to
$_SERVER['PHP_SELF'] )
also, loop (restrict or exit) until user-password values match to
those in DB

MAC psuedo code
session_start();
$user = get from $_SESSION or from $_POST
if (!isset(user)) provide form, etc
the key of course is action=$_SERVER['PHP_SELF'] which is not MAC
but the file that included MAC, ie: MyOfficeReport.php (MOR)

I'm not getting back to MOR, but I'm not getting any error either.
I'm getting a minimal html page, basically empty html-head-body

Pre test: Noted when 1st seeing the auth form, source had
PHPSESSIONID=... Looked good
One test: print to a file the basename($_SERVER['PHP_SELF']) That
looked fine.
Two test: set up a session and user, then link to MOR, to see if it
would display correctly or show the Auth form ( it showed the auth
form ).

sorry for this explanation being long. Anyone have a suggestion on
this ? TIA

• Next in forum: Re: Apache Module of PHP on WindowsXP
• Prev in forum: Weird result?? php 4.4.0
• Thread view: session-based authentication code not working on shared host

[Reply to this message]