Reply to Re: Windows to Unix text doc parsing problem — PHP Programming Language

Posted by Jerry Stuckle on 04/05/07 04:24

programming wrote:
> On Apr 5, 1:46 pm, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>> programming wrote:
>>> Hi all,
>>> i have been having trouble with a login script that works on my
>>> windows machine, however when i upload it to the Unix server through
>>> VPN, the same script won't work! It won't parse member.txt properly i
>>> think. The password and usernames i am using are at the bottom of this
>>> post.
>>> Each time i go to login on the unix server, it clears the username and
>>> password field. I have been attempting to solve the problem, but have
>>> been baffled to see why there is such an issue. I have taken out the
>>> HTML, and just given you the PHP script that i am running. The
>>> original programming was done on Unix!.
>>> My question to people on here is why does my script run on Windows and
>>> not on Unix? How can i fix the problem?
>>> Here is the source code i have been looking at:
>>> \-------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>> <?
>>> session_start();
>>> if ($userid && $password)
>>> {
>>> //listf stores a reference to the file itself
>>> $listf=fopen("username/member.txt","r");
>>> #read the file
>>> list($duserid,$dpassword)=fgetcsv($listf,1024,"|");
>>> $duserid=trim($duserid);
>>> $dpassword=trim($dpassword);
>>> //keep reading until the end of the file is reached
>>> while(!feof($listf)){
>>> if(($userid==$duserid)&&($password==$dpassword))
>>> {
>>> $_SESSION['valid_user']=$userid;
>>> break;
>>> }
>>> list($duserid,$dpassword)=fgetcsv($listf,1024,"|");
>>> $duserid=trim($duserid);
>>> $dpassword=trim($dpassword);
>>> }
>>> fclose($listf);
>>> }
>>> ?>
>>> ------HTML-------
>>> <?
>>> $tempstr=$_SESSION['valid_user'];
>>> if (isset($_SESSION['valid_user'])){
>>> echo "You are logged in as: $tempstr<br>";
>>> echo "<a href=\"admin_home.php\">Admin Home</a><br>";
>>> }
>>> else{
>>> if (isset($userid)) {
>>> // if they've tried and failed to log in
>>> echo "Could not log you in";
>>> }
>>> else{
>>> // they have not tried to log in yet or have logged out
>>> echo "<table border=0 width=\"600\" cellspacing=0 cellpadding=0
>>> border=0 valign=\"top\" align=\"center\">";
>>> echo "<tr><td>You are not logged in.<br></td>";
>>> echo "</table>";
>>> }
>>> // provide form to log in
>>> echo "<form method=post action=\"login.php\">";
>>> echo "<table border=0 width=\"600\" cellspacing=0 cellpadding=0
>>> border=0 valign=\"top\" align=\"center\">";
>>> echo "<tr><td>Userid:</td>";
>>> echo "<td><input type=text name=userid></td></tr>";
>>> echo "<tr><td>Password:</td>";
>>> echo "<td><input type=password name=password></td></tr>";
>>> echo "<tr><td colspan=2 align=right>";
>>> echo "<input type=submit value=\"Log in\">";
>>> //echo "<tr><td colspan=1 align=center>";
>>> echo "<input type=reset value=\"Reset\"></td></tr>";
>>> echo "</table></form>";
>>> }
>>> ?>
>>> --------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>> Here is the Windows copy of the member.txt that only works with ASCII
>>> block terminator at the end of the file:
>>> ------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>> admin|1234|School|Computing|bhk...@utas.edu.au|University of Tasmania|
>>> 1
>>> bhkang|abcd1234|Kang|ByeongHo|bhk...@utas.edu.au|Computing|2
>>> --------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>> Cheers,
>>> Peri.
>> Peri,
>>
>> You have register_globals enabled on your Windows machine (VERY BAD) and
>> disabled on your Unix machine (VERY GOOD).
>>
>> --
>> ==================
>> Remove the "x" from my email address
>> Jerry Stuckle
>> JDS Computer Training Corp.
>> jstuck...@attglobal.net
>> ==================
>
> Ok Jerry thanks for the advice, it is strange that most of the code i
> have adapted here comes from some tutorial work i have been doing, and
> that
> it suppose to be tested initially on the Unix server. So, you are
> telling me that the problem is not in the program reading the text
> file, but a security
> problem that exists within the script and the PHP ini file has been
> set to off with register globals....
>

Yep. But it has nothing to do with Unix vs. Windows. register_globals
used to default to on (in fact in early releases of PHP you didn't have
a choice). More recent versions default to off, and it's the best way
to have it.

And there are a lot of bad PHP tutorials on the web - more than any
other language I've seen. Seems anyone with 2 weeks of PHP experience
(and no prior programming) considers them selves "expert" enough to
write tutorials.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация