Posted by Jerry Stuckle on 02/01/08 12:27

white lightning wrote:
> On Feb 1, 12:46 pm, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>
>> OK, that should help. It means the session isn't being destroyed - but
>> it is being lost.
>>
>
> how come it works on my localhost and not on the hosting server?
> different php version issue (perhaps)?
>

Not necessarily. There are a lot of different options in PHP, and
several could cause problems. But I'm still trying to figure out if any
session values work.

>> BTW - I just noticed - you should NEVER set $_SESSION to array() (or
>> anything else). Just set the items within the array. When you set
>> $_SESSION itself to something, it loses it's superglobal status.
>> Rather, you should unset() the elements you no longer need.
>>
>> And you shouldn't destroy the session - it may very well have
>> information from other parts of your code. Maybe not now, but later.
>>
>
> thanks for the tip.. yes i did realise that but i destroyed the
> session as an easy solution.. anyway, advice taken..
>
>>>> Also, did you enable the E_NOTICE errors display?
>>> when i add "error_reporting(E_ALL);" or "error_reporting(E_NOTICE);"
>>> in my code, I get the following error after I press the "login"
>>> button.. but normal browsing is ok..
>>> Error 405 Method Not Allowed
>>> The requested method POST is not allowed for URL
>> OK, that's a start. What page are you trying to post to?
>
> This is how my "post" looks like:
> <form action="<?php echo $_REQUEST['PHP_SELF']; ?>" method="post"
> enctype="multipart/form-data" name="login_form">
> <div>
> <div id="member-login">Member Login:</div>
> <div id="username">Username:</div>
> <div id="username"><input name="username" type="text"
> size="25" maxlength="20" /></div>
> <div id="password">Password:</div>
> <div id="password"><input name="password" type="password"
> size="25" maxlength="20" /></div>
> <div id="login"><input name="login" type="submit"
> value="login" /></div>
> </div>
> </form>
>
> the <form> tags is the "LOGIN BOX" I referred to in my code snippets i
> attached the day before yesterday.
>
>

Well, PHP_SELF isn't real safe and can be hacked, but otherwise I don't
see a problem with this.

Just want to make sure - this is a .php file, right (I just don't see
any PHP code here and don't want to go down the wrong path).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

• Next in forum: PHP forms completely blank
• Prev in forum: Re: login problem
• Thread view: Re: login problem

[Reply to this message]