issues with chapter 1- main.php not working on server

Boboneil · September 10th, 2010, 05:32 PM

For some mysterious reason, I could not get main.php to load from my web server, even though it worked just fine on my pc. The only way it would load was if I commented out the line to include 401.php. So that means I needed a workaround to keep unauthorized users away from the page. I used the following:

Code:

if (!isset($_SESSION['access']) || $_SESSION['access'] != true) {
  header('Location: 401.php');
}

This serves same purpose as including the 401.php at the beginning of the file. As I said, the code from the book worked fine on my windows pc with Apache, but not on my web host. Must be some kind of a quirk with my Unix server.
I wanted to post this in case anyone else runs into the same problem, so you won't have to waste half of your day trying to figure out what the problem is.
These forums are a great resource. Whenever I run into problems with the code from the book, I always check here first to see if someone has already posted a solution. This has saved me a lot of time and frustration, so when I find a solution that is not already posted, I try to come back and share it with others.

kenj · September 11th, 2010, 02:32 PM

Hi Boboneil,

I am on UNIX and 401.php is working for me.

You might want to check your php.ini file,
the setting session.save_path

session.save_path = "/usr/home/myname/www"

This is probably different from what you
were using on your pc.

If it is set to a directory that does not
exist that could be causing the problem.
You should see files in there with names
like sess_9ofdobonf7la2mfgdirvpj0ftiof784a

I would go back to using 401.php because
that way you are including session_start()
right at the beginning. session_start()
is very important.

I hope this helps.

Boboneil · September 11th, 2010, 04:33 PM

401.php works fine on my unix server. My problem was that if I include it in main.php, then main loads as a blank page. If I comment out the include statement, main.php loads the way it is supposed to, except I don't know if the user is authorized. So rather than putting 401.php in main as an include file, I check at the beginning of main.php to see if the user is logged in. If they are not logged in, then they are redirected to 401.php. It is just a different way of acheiving the same result.

kenj · September 12th, 2010, 12:59 PM

Hi Boboneil,

I read your problem description carefully.
I have some comments about the workaround.

The following two lines are needed for using
session data.

session_start();
header("Cache-control: private');

In the workaround, the check at the beginning
of main will always "pass" because
$_SESSION['access'] is not set.
This will be the case whether they are logged in or
not logged in.
Therefore, this code will always
fall into the if statement and execute the code
within the if statement which in this case is
header('Location: 401.php');

In other words, header('Location: 401.php') always
gets called.

If header('Location: 401.php') works, then, like you
say you may achieve the same result, but there is
no need to have the check in front of it.

It may be the case that header('Location: 401.php') works
and the include does not. I know you have been doing
a lot of work on this, but I would be curious why
the include did not work.

I hope this helps.

Boboneil · September 12th, 2010, 01:39 PM

I do have session_start() at the beginning of main, so that if I log in as a registered user I can get to the page.
As I mentioned in an earlier post, the code from the book works fine in the test environment on my pc. I didn't start having problems with main until I uploaded the code to my server.

ninjask · April 24th, 2011, 10:20 PM

I am having the same problem. I am running this on an apache server, and though this is helpful to me, it's not quite enough to solve my problem. I re-typed 401.php, main.php and login.php (I originally downloaded the code) and end up with this problem every time!