php - My Website Keeps Logging Me Out When Clicking Link To Another Page -


i having issue website sessions. built website requires user log in view webpage. works perfect under domain, when uploaded files different server temporality let client preview web page on server issue stated in title. automatically says password incorrect. can still log in fine if try navigate page within site logs out 99% of time.

i using phpsecurepages login forms @ beginning of each of web pages have 

 <?php       // connect secure login       $cfgprogdir = 'phpsecurepages/';       include($cfgprogdir . "secure.php");

this secure.php looks like

// create constant can checked inside files included. // gives indication if secure.php has been loaded correctly. define('loaded_properly', true);  // check if secure.php has been loaded correctly if (isset($_get['cfgprogdir']) || isset($_post['cfgprogdir']) || isset($_get['languagefile']) || isset($_post['languagefile'])) {         echo "parsing of phpsecurepages has been halted!";         exit();         }  // include configuration require($cfgprogdir . 'config.php');  // https support if (getenv('https') == 'on') {         $cfgurl = 'https://';         } else {         $cfgurl = 'http://';         }  // getting other variables      $phpsp_message = false;  // include functions , variables if ( !defined("functions_loaded") ) {         // check if functions loaded         include($cfgprogdir . 'objects/functions.php');         } include($cfgprogdir . 'lng/' . $languagefile);   // choose between login or logout if (isset($logout) && !(isset($_get['logout']) || isset($_post['logout']))) {         // logout         include($cfgprogdir . 'objects/logout.php');         } else {         // starting login check         if ($nodetailedmessages == true) {                 $strusernotexist = $strusernotallowed = $strpwnotfound = $strpwfalse = $strnopassword = $strnoaccess;                 }          // make post variables global         if (isset($_post['entered_login'])) $entered_login = $_post['entered_login'];         if (isset($_post['entered_password'])) $entered_password = $_post['entered_password'];          // check if login necessary         include($cfgprogdir . "objects/checklogin.php");          // check if ip allowed (if using ip-restriced access)         if ($use_ip_restricted_access==true) {                 include($cfgprogdir . "objects/checklogin_ip.php");                 }          // check login database         if ($usedatabase == true) {                 include($cfgprogdir . 'objects/checklogin_db.php');                 }          // check login data         elseif ($usedata == true) {                 include($cfgprogdir . 'objects/checklogin_data.php');                 }

it checks php file (checklogin.php)

// check if login necessary  // check if secure.php has been loaded correctly if ( !defined("loaded_properly") || isset($_get['cfgprogdir']) || isset($_post['cfgprogdir'])) {         echo "parsing of phpsecurepages has been halted!";         exit(); }  if (!isset($entered_login) && !isset($entered_password)) {         // use data session         session_start();         // session hack make sessions on old php4 versions work         if (phpversion() > 4.0) {                 if (isset($_session['login'])) $login = $_session['login'];                 if (isset($_session['password'])) $password = $_session['password'];                 }         } else {         // use entered data         session_start();         // session hack make sessions on old php4 versions work         if (phpversion() <= 4.0) {                 session_unregister("login");                 session_unregister("password");                 }         // encrypt entered login & password         $login = $entered_login;         if ($passwordencryptedwithmd5 && function_exists(md5)) {                 $password = md5($entered_password);                 }         else {                 $password = $entered_password;                 }         // session hack make sessions on old php4 versions work         if (phpversion() > 4.0) {                 $_session['login'] = $login;                 $_session['password'] = $password;                 }         else {                 session_register("login");                 session_register("password");                 }         }  if (!isset($login)) {         // no login available         include($cfgprogdir . "interface.php");         exit;         }  if (!isset($password)) {         // no password available         $phpsp_message = $strnopassword;         include($cfgprogdir . "interface.php");         exit;         }  // login , password variables exist // continue checking them ?>


Comments

Post a Comment

Popular posts from this blog

toolbar - How to add link to user registration inside toobar in admin joomla 3 custom component -

im trying write component admin side , need add user creation. dont want duplicate existing codes add link. know how add task not simple link toolbar. thx help. if wanting button opens new user screen can try in component: $bar = jtoolbar::getinstance('toolbar'); $bar->appendbutton('link', 'users', 'new user','index.php?option=com_users&task=user.add'); you need add view.html.php file wherever you're creating toolbar. is need?
Read more

linux - disk space limitation when creating war file -

i have 1 gb disk space limitation hosting app , have used 700mb of it. however want create war file directory big (around 600mb) using command : jar -cvf root.war folderpath that's why encounter quota limitation , can't following. i'm looking way delete folder content when it's applying archive conserve disk space take note can't install zip tool in ssh shell ~ the code works on test directories, test first anyway, deletes files. it's not efficient. assumptions: 300mb free space, in destructively compress 600mb folderpath directory. none of files big -- if file in folderpath 300mb or larger, fail. notes: if ' $out ' file exists, nothing. first find pipes file list while , if ' $out ' doesn't exist in loop, create it, don't update -- if does exist, update it. each pass adds 1 more file, deletes unless file directory. after loop finishes delete empty directories too. unset u ; in=folderpath ; out=roo...
Read more