Hello,
I'm a newbie working through the book one page at a time, and so far everything is going great. However, something is happening that I don't understand, and I'm hoping someone could kindly explain. I'm up to the "Try It Out" on page 59. For the most part, it's working great, but check this out.
After loading login.php and logging in, movie1.php opens as it should. From there, I click on the link and moviesite.php also opens as it should. However, if I click the "Back" button on the browser to return to the movie1.php page, an error page displays "This page cannot be displayed." Well, if I Refresh the page, then I get, "Sorry, but you don't have permission to view this page, you loser!" from the 'if' statement on movie1.php.
So, that's what happens when I'm running the code on my laptop with Windows XP Home(SP2) w/ firewall turned off, Apache 2.0.52, PHP 4.3.9.9, and Internet Explorer 6.0.2900.2180.
When I try the same thing on my desktop computer with Windows XP Pro(SP1), Apache 2.0.52, PHP 4.3.9.9, and Internet Explorer 6.0.2800.1106, it all works just the same except that the error page says, "Warning: Page has expired." But to the contrary, I'm able to rrefresh and reload the page properly.
Does this make sense to anyone? Why is this happening in the first place? How can I correct this? And last, why is there a difference between the two systems?
Here are the scripts I'm using:
(login.php)
<?php
session_unset();
?>
<html>
<head>
<title>Please Log In</title>
<body>
<form method="post" action="http://localhost:8080/movie1.php">
<p>Enter your username:
<input type="text" name="user">
</p>
<p>Enter your password:
<input type="password" name="pass">
</p>
<p>
<input type="submit" name="submit" value="Submit">
</p>
</form>
</body>
</html>
(movie1.php)
<?php
session_start();
$_SESSION['username']=$_POST['user'];
$_SESSION['userpass']=$_POST['pass'];
$_SESSION['authuser']=0;
//Check username and password information
If (($_SESSION['username']=='Joe') AND ($_SESSION['userpass']=='12345'))
{
$_SESSION['authuser']=1;
}
else
{
echo "Sorry, but you don't have permission to view this page, you loser!";
exit();
}
?>
<html>
<head>
<title>Find my Favorite Movie!</title>
</head>
<body>
<?php
$myfavmovie=urlencode("Life of Brian");
echo "<a href='http://localhost:8080/moviesite.php?favmovie=$myfavmovie'>";
echo "Click here to see information about my favorite movie!";
echo "</a>";
?>
</body>
</html>
(moviesite.php)
<?php
session_start();
//check to see if user has logged in with a valid passowrd
if ($_SESSION['authuser']!=1) {
echo "Sorry, but you don't have permission to view this page, you loser!";
exit();
}
?>
<html>
<head>
<title>My Favorite Site - <?php echo $_REQUEST['favmovie'] ?></title>
</head>
<body>
<?php
echo "Welcome to our site, ";
echo $_SESSION['username'];
echo "! <br>";
echo "My favorite movie is ";
echo $_REQUEST['favmovie'];
echo "<br>";
$movierate=5;
echo "My movie rating for this movie is: ";
echo $movierate;
?>
</body>
</html>
session expiring?
