 
Old August 2nd, 2004, 12:30 AM
Registered User
 
Join Date: Aug 2004
Location: , , .
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Php login session problem

Hi everybody

I'm having a weird problem. I have a site, and in that site I have a password-protected section. I'm using PHP/MySQL. I can log in without any problem and I can see all the records, but if I refresh that page it throws me out to the main page.

I'm not sure why it's happening.

Below is the code for the page where I get kicked out if I refresh. Any help would be great.

<?php require_once('Connections/autoCON.php'); ?>
<?php
// Page-level access settings read by the access check further down.
// An empty list means no particular usernames/groups are singled out.
$MM_authorizedUsers = '';
// Assigned here but not read anywhere in the code shown on this page.
$MM_donotCheckaccess = 'true';
// Resume (or create) the session that carries MM_Username / MM_UserGroup.
// This has to run before any output is sent so the session cookie can be set.
session_start();

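// *** Restrict Access To Page: Grant or deny access to this page
/**
 * Decide whether the current visitor may view a restricted page.
 *
 * @param string $strUsers  Comma-separated usernames allowed on the page; an
 *                          empty string means "any logged-in user".
 * @param string $strGroups Comma-separated access groups allowed on the page.
 * @param mixed  $UserName  Username taken from the session; empty when nobody
 *                          is logged in.
 * @param mixed  $UserGroup Access group taken from the session; may be blank
 *                          or null when the login stored no group.
 * @return bool True when access is granted, false otherwise.
 */
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
  // Fail closed: without a username there is no logged-in visitor to authorize.
  if (empty($UserName)) {
    return false;
  }

  // An empty user list is the "any logged-in user" setting.
  if ($strUsers == "") {
    return true;
  }

  // Strict comparison on strings, so type juggling cannot produce a match.
  if (in_array((string) $UserName, explode(",", $strUsers), true)) {
    return true;
  }

  // explode() on an empty list yields array(""), which a blank or missing
  // group would match. Only compare when both sides actually carry a value.
  if ($strGroups != "" && $UserGroup !== null && $UserGroup !== "") {
    return in_array((string) $UserGroup, explode(",", $strGroups), true);
  }

  return false;
}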

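// Where visitors are sent when they are not logged in or not authorized.
$MM_restrictGoTo = "index.php";
// The group is read with isset() so a login that stored no MM_UserGroup does
// not raise an undefined-index notice here.
if (!(isset($_SESSION['MM_Username']) && isAuthorized("", $MM_authorizedUsers, $_SESSION['MM_Username'], isset($_SESSION['MM_UserGroup']) ? $_SESSION['MM_UserGroup'] : ""))) {
  $MM_qsChar = "?";
  // PHP_SELF can carry client-supplied path info; it only ever reaches the
  // redirect URL through urlencode() below.
  $MM_referrer = $_SERVER['PHP_SELF'];
  // strpos() returns 0 for a match at the first character, so test against
  // false instead of relying on truthiness.
  if (strpos($MM_restrictGoTo, "?") !== false) {
    $MM_qsChar = "&";
  }
  // Take the query string from $_SERVER: a bare $QUERY_STRING variable only
  // exists when register_globals is enabled.
  if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) {
    $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
  }
  $MM_restrictGoTo = $MM_restrictGoTo . $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  // NOTE(review): the page that consumes "accesscheck" is not shown here; it
  // should only ever redirect back to local paths - confirm.
  header("Location: " . $MM_restrictGoTo);
  // Stop here so none of the protected page is rendered after the redirect.
  exit;
}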
?>
<?php
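// PHP_SELF may include client-supplied path info, so this value must be
// HTML-escaped wherever it is written into the page.
$currentPage = $_SERVER["PHP_SELF"];

// Page size and zero-based page index for the car list.
$maxRows_carsRC = 10;
$pageNum_carsRC = 0;
if (isset($_GET['pageNum_carsRC'])) {
  // Request data: force an integer and clamp at zero so a negative or
  // non-numeric value cannot produce a negative LIMIT offset.
  $pageNum_carsRC = max(0, (int) $_GET['pageNum_carsRC']);
}
$startRow_carsRC = $pageNum_carsRC * $maxRows_carsRC;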

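$colname_carsRC = "";

// Search criteria arrive by POST from the search form or, on the column-sort
// links, in the query string. They are read from the request arrays explicitly
// instead of relying on register_globals to create $search, $make, $column...
$carsRC_src = isset($_POST['search']) ? $_POST : $_GET;
$carsRC_slashed = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

// Free-text criteria are kept as raw text: they are escaped for SQL where the
// query is built, and must be HTML-escaped wherever they are echoed.
$make = "";
$model = "";
$options = "";
$features = "";
foreach (array('make', 'model', 'options', 'features') as $carsRC_key) {
    // is_string() rejects array-valued parameters such as make[]=x.
    if (isset($carsRC_src[$carsRC_key]) && is_string($carsRC_src[$carsRC_key])) {
        $$carsRC_key = $carsRC_slashed ? stripslashes($carsRC_src[$carsRC_key]) : $carsRC_src[$carsRC_key];
    }
}

// Numeric criteria go into the SQL unquoted, so anything that is not a number
// is dropped and the rest is cast before use.
$year = (isset($carsRC_src['year']) && is_numeric($carsRC_src['year'])) ? (int) $carsRC_src['year'] : "";
$km = (isset($carsRC_src['km']) && is_numeric($carsRC_src['km'])) ? (int) $carsRC_src['km'] : "";
$price = (isset($carsRC_src['price']) && is_numeric($carsRC_src['price'])) ? (float) $carsRC_src['price'] : "";

// Identifiers and keywords cannot be escaped like values; accept only the
// columns the page offers sort links for, and only ASC or DESC.
$carsRC_sortable = array('id', 'year', 'make', 'model', 'km', 'color', 'price');
$column = (isset($carsRC_src['column']) && in_array($carsRC_src['column'], $carsRC_sortable, true)) ? $carsRC_src['column'] : "";
$order = (isset($carsRC_src['order']) && $carsRC_src['order'] === "DESC") ? "DESC" : "ASC";

// Criteria repeated on the sort links; each value is URL-encoded so it cannot
// break out of its parameter.
$sortparams = "make=" . urlencode($make)
    . "&model=" . urlencode($model)
    . "&options=" . urlencode($options)
    . "&features=" . urlencode($features)
    . "&year=" . urlencode($year)
    . "&km=" . urlencode($km)
    . "&price=" . urlencode($price);

mysql_select_db($database_autoCON, $autoCON);
// Text values are escaped with the connection-aware function rather than
// addslashes(). Parameterized queries (mysqli/PDO) would be the sturdier fix,
// but the connection is created in Connections/autoCON.php, which is not shown.
$query_carsRC = sprintf(
    "SELECT * FROM cars WHERE make LIKE '%%%s%%' and model LIKE '%%%s%%' and options LIKE '%%%s%%' and features LIKE '%%%s%%'",
    mysql_real_escape_string($make, $autoCON),
    mysql_real_escape_string($model, $autoCON),
    mysql_real_escape_string($options, $autoCON),
    mysql_real_escape_string($features, $autoCON)
);
if ($year !== "") {
    $query_carsRC .= sprintf(" and year > %d", $year);
}
if ($km !== "") {
    $query_carsRC .= sprintf(" and km < %d", $km);
}
if ($price !== "") {
    // %F formats the float without locale-dependent decimal separators.
    $query_carsRC .= sprintf(" and price < %F", $price);
}
if ($column !== "") {
    $query_carsRC .= " order by $column $order";
}
$query_limit_carsRC = sprintf("%s LIMIT %d, %d", $query_carsRC, $startRow_carsRC, $maxRows_carsRC);
$carsRC = mysql_query($query_limit_carsRC, $autoCON);
if ($carsRC === false) {
    // Keep the database error in the server log; the visitor gets a generic message.
    error_log("carsRC query failed: " . mysql_error($autoCON));
    die("The car list could not be loaded.");
}
$row_carsRC = mysql_fetch_assoc($carsRC);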

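// Total row count: reuse the figure carried on the paging links when present,
// otherwise count the rows of the unpaged query.
if (isset($_GET['totalRows_carsRC'])) {
  // Request data that is later echoed into the page: force a non-negative integer.
  $totalRows_carsRC = max(0, (int) $_GET['totalRows_carsRC']);
} else {
  $all_carsRC = mysql_query($query_carsRC);
  // A failed count query is treated as "no rows" instead of handing false to mysql_num_rows().
  $totalRows_carsRC = ($all_carsRC === false) ? 0 : mysql_num_rows($all_carsRC);
}
// Index of the last page (zero-based).
$totalPages_carsRC = ceil($totalRows_carsRC/$maxRows_carsRC)-1;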

// Build the query-string tail used by the paging links: the current request's
// parameters minus the two paging parameters, prefixed with the row total.
$queryString_carsRC = "";
if (!empty($_SERVER['QUERY_STRING'])) {
  $newParams = array();
  $params = explode("&", $_SERVER['QUERY_STRING']);
  foreach ($params as $param) {
    // Paging parameters are re-added by the links themselves, so drop them here.
    if (stristr($param, "pageNum_carsRC") || stristr($param, "totalRows_carsRC")) {
      continue;
    }
    $newParams[] = $param;
  }
  if (!empty($newParams)) {
    // The remaining parameters are entity-encoded because they end up in href attributes.
    $queryString_carsRC = "&" . htmlentities(implode("&", $newParams));
  }
}
$queryString_carsRC = "&totalRows_carsRC=" . sprintf("%d", $totalRows_carsRC) . $queryString_carsRC;
?>
<html>
<head>
<title>ASC cars manager</title>
<meta http-equiv="Content-Type" content="text/html;">
<LINK type="text/css" rel="stylesheet" href="styles.css">
<script language="JavaScript">
<!--
<!-- hide
// Rollover helper. Arguments come in groups of three; the first of each group
// is looked up with MM_findObj and the third becomes the element's new src.
// Swapped elements are remembered in document.MM_sr for MM_swapImgRestore.
function MM_swapImage() { //v3.0
  var args = MM_swapImage.arguments;
  var swapped = new Array;
  document.MM_sr = swapped;
  for (var k = 0; k < (args.length - 2); k += 3) {
    var target = MM_findObj(args[k]);
    if (target == null) continue;
    swapped[swapped.length] = target;
    // Remember the original image once, so repeated swaps do not overwrite it.
    if (!target.oSrc) target.oSrc = target.src;
    target.src = args[k + 2];
  }
}
// Undo the last MM_swapImage call: put each remembered element's original src
// back, stopping at the first entry that is missing or has no saved src.
function MM_swapImgRestore() { //v3.0
  var swapped = document.MM_sr;
  if (!swapped) return;
  for (var k = 0; k < swapped.length; k++) {
    var img = swapped[k];
    if (!img || !img.oSrc) break;
    img.src = img.oSrc;
  }
}

// stop hiding -->

// Preload every URL passed as an argument (except those starting with "#") by
// creating Image objects and keeping them in document.MM_p.
function MM_preloadImages() { //v3.0
  var doc = document;
  if (!doc.images) return;
  if (!doc.MM_p) doc.MM_p = new Array();
  var urls = MM_preloadImages.arguments;
  var slot = doc.MM_p.length;
  for (var k = 0; k < urls.length; k++) {
    if (urls[k].indexOf("#") == 0) continue;
    var img = new Image;
    doc.MM_p[slot] = img;
    slot++;
    img.src = urls[k];
  }
}

// Look up a page object by name.
//   n - object name; may be written "name?frame" to search another frame
//   d - document to search; defaults to the current document
// Returns the first match found, or a falsy value when nothing matches.
function MM_findObj(n, d) { //v4.01
  // When n contains "?" and the parent has frames, the part after "?" selects
  // the frame whose document is searched and the part before it is the name.
  var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  // Lookup order: d[n], then d.all[n], then a same-named element of each form.
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  // Then recurse into each layer's document (only where d.layers exists).
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  // Last resort: getElementById, where the document provides it.
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
//-->
</script>
<style type="text/css">
<!--
.style4 {color: #eeeeee;
    font-weight: bold;
}
.style5 { color: #CCCCCC;
    font-family: Arial, Helvetica, sans-serif;
    font-size: xx-small;
}
.style8 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: xx-small; }
.style11 {font-family: Verdana, Arial, Helvetica, sans-serif}
.style15 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: xx-small; font-weight: bold; }
.style18 {font-size: xx-small}
-->
</style>
</head>
<body bgcolor="#ffffff" onload="MM_preloadImages('images/index_r5_c2_f2.jpg','images/index_r7_c2_f2.jpg','images/index_r8_c2_f2.jpg','images/index_r10_c2_f2.jpg','images/index_r6_c2_f2.jpg')" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0">

<table width="776" border="0" align="center" cellpadding="0" cellspacing="0">

  <script language="JavaScript">
  <!-- hide
  if (document.images) {
  index_r5_c2_f2 = new Image(158 ,34); index_r5_c2_f2.src = "images/index_r5_c2_f2.jpg";
  index_r5_c2_f1 = new Image(158 ,34); index_r5_c2_f1.src = "images/index_r5_c2.jpg";
  index_r6_c2_f2 = new Image(158 ,34); index_r6_c2_f2.src = "images/index_r6_c2_f2.jpg";
  index_r6_c2_f1 = new Image(158 ,34); index_r6_c2_f1.src = "images/index_r6_c2.jpg";
  index_r7_c2_f2 = new Image(158 ,34); index_r7_c2_f2.src = "images/index_r7_c2_f2.jpg";
  index_r7_c2_f1 = new Image(158 ,34); index_r7_c2_f1.src = "images/index_r7_c2.jpg";
  index_r8_c2_f2 = new Image(158 ,34); index_r8_c2_f2.src = "images/index_r8_c2_f2.jpg";
  index_r8_c2_f1 = new Image(158 ,34); index_r8_c2_f1.src = "images/index_r8_c2.jpg";
  index_r10_c2_f2 = new Image(158 ,34); index_r10_c2_f2.src = "images/index_r10_c2_f2.jpg";
  index_r10_c2_f1 = new Image(158 ,34); index_r10_c2_f1.src = "images/index_r10_c2.jpg";
  index_r11_c2_f2 = new Image(158 ,34); index_r11_c2_f2.src = "images/index_r11_c2_f2.jpg";
  index_r11_c2_f1 = new Image(158 ,34); index_r11_c2_f1.src = "images/index_r11_c2.jpg";
  }
  // stop hiding -->
  </script>
  <tr>
   <td><img src="images/spacer.gif" width="16" height="1" border="0"></td>
   <td><img src="images/spacer.gif" width="158" height="1" border="0"></td>
   <td><img src="images/spacer.gif" width="602" height="1" border="0"></td>
   <td><img src="images/spacer.gif" width="1" height="1" border="0"></td>
  </tr>

  <tr>
   <td colspan="3"><img name="topbar" src="images/topbar.jpg" width="776" height="36" border="0"></td>
   <td><img src="images/spacer.gif" width="1" height="36" border="0"></td>
  </tr>
  <tr>
   <td rowspan="10"><img name="index_r2_c1" src="images/index_r2_c1.jpg" width="16" height="464" border="0"></td>
   <td rowspan="2" valign="top"><img name="navlogo" src="images/navlogo.jpg" width="158" height="105" border="0"><br> <img name="index_r4_c2" src="images/index_r4_c2.jpg" width="158" height="14" border="0"><br> <a href="index.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('index_r5_c2','','images/index_r5_c2_f2.jpg',1);" ><img name="index_r5_c2" src="images/index_r5_c2.jpg" width="158" height="34" border="0"></a><br> <a href="cars.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('index_r6_c2','','images/index_r6_c2_f2.jpg',1);" ><img name="index_r6_c2" src="images/index_r6_c2.jpg" width="158" height="34" border="0"></a><br>
     <a href="creditapp.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('index_r7_c2','','images/index_r7_c2_f2.jpg',1);" ><img name="index_r7_c2" src="images/index_r7_c2.jpg" width="158" height="34" border="0"></a><br>
     <a href="location.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('index_r8_c2','','images/index_r8_c2_f2.jpg',1);" ><img name="index_r8_c2" src="images/index_r8_c2.jpg" width="158" height="34" border="0"></a><br> <a href="contact.php" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('index_r10_c2','','image s/index_r10_c2_f2.jpg',1);" ><img name="index_r10_c2" src="images/index_r10_c2.jpg" width="158" height="34" border="0"></a><br> <img name="index_r11_c2" src="images/index_r11_c2.jpg" width="158" height="34" border="0"><br>
    <img name="navcar" src="images/navcar.jpg" width="158" height="141" border="0"></td>
   <td rowspan="10" valign="top"> <form action="carsmanager.php" method="post" name="search" id="search">
     <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
       <tr>
         <td width="70%" colspan="2" scope="row">
           <table width="96%" border="0" align="center" cellpadding="3" cellspacing="1">
             <tr>
               <td colspan="2" bgcolor="#eeeeee" scope="row"><div align="left" class="style11 style18"><strong>Make:</strong>
                       <input name="make" type="text" class="button" id="make" size=14 value="<? echo $make; ?>">
                       <strong>Model:</strong>
                       <input name="model" type="text" class="button" id="model" size=14 value="<? echo $model; ?>">
                       <strong>Options</strong>:
                       <input name="options" type="text" class="button" id="options" size=14 value="<? echo $options; ?>">
                       <strong>Features:</strong>
                       <input name="features" type="text" class="button" id="features" size=14 value="<? echo $features; ?>">
               </div></td>
             </tr>
             <tr>
               <td bgcolor="#eeeeee" scope="row"><div align="left" class="style11 style8"><strong>Year &gt;</strong>
                       <input name="year" type="text" class="button" id="year" size="4" value="<? echo $year; ?>">
                       <strong>Km &lt;</strong>
                       <input name="km" type="text" class="button" id="km" size="9" value="<? echo $km; ?>">
                       <strong>Price &lt;</strong>
                       <input name="price" type="text" class="button" id="price" size="9" value="<? echo $price; ?>">
               </div></td>
               <td bgcolor="#eeeeee" scope="row"><div align="center"><span class="style11 style8">
                     <input name="search" type="submit" class="button" id="search6" value="Go Search">
               </span></div></td>
             </tr>
             <tr>
               <td scope="row"><span class="style8">to view more info about a car click on its id or picture </span></td>
               <td scope="row">&nbsp;</td>
             </tr>
         </table></td>
       </tr>
     </table>
   </form>
      <table width="90%" border="0" align="center" cellpadding="0" cellspacing="0">
     <tr>
       <td scope="row"><a href="addcar.php">add new car</a></td>
       <td align="left" valign="top" scope="row">&nbsp;</td>
     </tr>
     <tr>
       <td scope="row"><span class="style8">Records <strong><?php if ( min($startRow_carsRC + $maxRows_carsRC, $totalRows_carsRC) == 0 ) $startRow_carsRC = -1; echo ($startRow_carsRC + 1) ?></strong> to <strong><?php echo min($startRow_carsRC + $maxRows_carsRC, $totalRows_carsRC) ?></strong> of <?php echo $totalRows_carsRC ?></span></td>
       <td width="70%" align="left" valign="top" scope="row"><table width="50%" border="0" cellpadding="0" cellspacing="0">
         <tr>
           <td width="23%" align="center">
             <?php if ($pageNum_carsRC > 0) { // Show if not first page ?>
             <a href="<?php printf("%s?pageNum_carsRC=%d%s", $currentPage, 0, $queryString_carsRC); ?>"><img src="First.gif" border=0></a>
             <?php } // Show if not first page ?>
           </td>
           <td width="31%" align="center">
             <?php if ($pageNum_carsRC > 0) { // Show if not first page ?>
             <a href="<?php printf("%s?pageNum_carsRC=%d%s", $currentPage, max(0, $pageNum_carsRC - 1), $queryString_carsRC); ?>"><img src="Previous.gif" border=0></a>
             <?php } // Show if not first page ?>
           </td>
           <td width="23%" align="center">
             <?php if ($pageNum_carsRC < $totalPages_carsRC) { // Show if not last page ?>
             <a href="<?php printf("%s?pageNum_carsRC=%d%s", $currentPage, min($totalPages_carsRC, $pageNum_carsRC + 1), $queryString_carsRC); ?>"><img src="Next.gif" border=0></a>
             <?php } // Show if not last page ?>
           </td>
           <td width="23%" align="center">
             <?php if ($pageNum_carsRC < $totalPages_carsRC) { // Show if not last page ?>
             <a href="<?php printf("%s?pageNum_carsRC=%d%s", $currentPage, $totalPages_carsRC, $queryString_carsRC); ?>"><img src="Last.gif" border=0></a>
             <?php } // Show if not last page ?>
           </td>
         </tr>
       </table></td>
     </tr>
   </table>
     <table width="96%" border="1" align="center" cellpadding="0" cellspacing="0" bgcolor="#eeeeee">
       <tr>
         <td scope="row"><div align="left">
             <table width="100%" border="0" cellpadding="3" cellspacing="1">
               <tr bgcolor=#cccccc>
                 <td bgcolor="#cccccc"><span class="style15"><a href="carsmanager.php?<? echo $sortparams; echo "&order=".$o = ($order=="ASC")?"DESC":"ASC"; ?>&column=id">id</a></span></td>
                 <td bgcolor="#cccccc"><span class="style15"><a href="carsmanager.php?<? echo $sortparams; echo "&order=".$o = ($order=="ASC")?"DESC":"ASC"; ?>&column=year">year</a></span></td>
                 <td bgcolor="#cccccc"><span class="style15"><a href="carsmanager.php?<? echo $sortparams; echo "&order=".$o = ($order=="ASC")?"DESC":"ASC"; ?>&column=make">make</a></span></td>
                 <td bgcolor="#cccccc"><span class="style15"><a href="carsmanager.php?<? echo $sortparams; echo "&order=".$o = ($order=="ASC")?"DESC":"ASC"; ?>&column=model">model</a></span></td>
                 <td bgcolor="#cccccc"><span class="style15"><a href="carsmanager.php?<? echo $sortparams; echo "&order=".$o = ($order=="ASC")?"DESC":"ASC"; ?>&column=km">km</a></span></td>
                 <td bgcolor="#cccccc"><span class="style15"><a href="carsmanager.php?<? echo $sortparams; echo "&order=".$o = ($order=="ASC")?"DESC":"ASC"; ?>&column=color">color</a></span></td>
                 <td bgcolor="#cccccc"><span class="style15"><a href="carsmanager.php?<? echo $sortparams; echo "&order=".$o = ($order=="ASC")?"DESC":"ASC"; ?>&column=price">price</a></span></td>
                 <td bgcolor="#cccccc"><span class="style15"><a href="#">picture</a></span></td>
               </tr>
               <?php
               if ( $row_carsRC['id'] != "" )
               do { ?>
               <tr bgcolor="#FFFFFF">
                 <td bgcolor="#FFFFFF"><span class="style8"><a href="cardetails.php?carid=<?php echo $row_carsRC['id']; ?>"><?php echo $row_carsRC['id']; ?></a></span></td>
                 <td><span class="style8"><?php echo $row_carsRC['year']; ?></span></td>
                 <td><span class="style8"><?php echo $row_carsRC['make']; ?></span></td>
                 <td><span class="style8"><?php echo $row_carsRC['model']; ?></span></td>
                 <td><span class="style8"><?php echo $row_carsRC['km']; ?></span></td>
                 <td><span class="style8"><?php echo $row_carsRC['color']; ?></span></td>
                 <td bgcolor="#FFFFFF"><span class="style8">$<?php echo $row_carsRC['price']; ?></span></td>
                 <td align="center" valign="middle"><a href="cardetails.php?carid=<?php echo $row_carsRC['id']; ?>" class="style8"><img src="<?php echo $row_carsRC['picture']; ?>" name="car" width="32" height="32" border="0"></a></td>
               </tr>
               <?php } while ($row_carsRC = mysql_fetch_assoc($carsRC)); ?>
             </table>
         </div></td>
       </tr>
    </table>
     </td>
  </tr>
</table>

<div align="center"></div>
</body>
</html>
<?php
// Release the result set of the paged car query now that the page is rendered.
mysql_free_result($carsRC);
?>

Can somebody tell me what's going on and how to solve this issue?
Thanks
programmer
 
Old August 3rd, 2004, 03:57 AM
Registered User
 
Join Date: Jul 2004
Location: Delhi, Delhi, India.
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi,
  Please let me know what you are passing through "QUERY_STRING" in the previous page. If possible, send the "Login page" from which this page is fired.

Regards,
Sharad



