Posted by Jochem Maas on 10/21/04 11:28
blackwater dev wrote:
> I have an old site which uses this code on login:
>
> //it does a query then
> if ($affected_rows>0){
> session_start(mysite);
is 'mysite' a constant? if not then that line should be:
session_start('mysite');
> session_register('admin');
> $wardadmin = yes;
notice that you register 'admin'
and then set $wardadmin to 'yes'
.... maybe that is the problem.
> header("location: admin.php");
> }
>
> and in the top of admin.php:
>
> session_start(mysite);
> if (@$admin != "yes")
> {
> header("location: login.php");
> exit;
> }
>
> The host recently upgraded to php 4.4 and now the login doesn't work.
> I do notice when I login that the page goes to admin the right back to
> login. Why doesn't admin see the session var?
probably because register_globals has been turned off.
also the use of session_register() is depreciated in favour of the
$_SESSION superglobal... so:
<?
// start the session before this bit.
if ($login_is_admin) { // <!-- psuedo var
$_SESSION['admin'] = 'yes';
} else {
$_SESSION['admin'] = 'no';
}
// and
if ('yes' == @$_SESSION['admin']) {
// your an admin
}
>
> Thanks!
>
[Back to original message]
|