p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/index.php)
-   BOOK: Beginning PHP, Apache, MySQL Web Development ISBN: 978-0-7645-5744-6 (http://p2p.wrox.com/forumdisplay.php?f=123)
-   -   Ch 2 Page 53: Undefined index: authuser (http://p2p.wrox.com/showthread.php?t=14969)

Airidh July 3rd, 2004 09:37 AM

Ch 2 Page 53: Undefined index: authuser
 
Help! I am running under Windows 98,and PHP and Apache are installed on the E: partition of my first disk. When clicking on the link in movie1.php I get the following message:

Notice: Undefined index: authuser in e:\apache\apache\test\moviesite.php on line 4
Sorry, but you don't have permission to view this page

I have read all the posts that seemed relevant in the forum, including those pointed to by Richard York, but I still can't make it work. I've probably made a stupid mistake, but can't see it. Up to Page 51 everything has worked fine.

----------------------------------------------------------------------

Here's the code:

(movie1.php)
<?php
session_start();
$_SESSION['username']="Joe12345";
$_SESSION['authuser']=1;
?>
<HTML>
<HEAD>
<TITLE>Find my favourite movie!</TITLE>
</HEAD>
<BODY>
<?php
   $myfavmovie=urlencode("Life of Brian");
    echo "<a href='http://localhost/moviesite.php?favmovie=$myfavmovie'>";
    echo "Click here to see information about my favourite movie!";
    echo "</a>"
?>
</BODY>
</HTML>

(moviesite.php)
<?php
session_start();
// check to see if user has logged in with a valid password
   if ($_SESSION['authuser']!=1);
   {
        echo "Sorry, but you don't have permission to view this page";
        exit();
   }
?>
<HTML>
<HEAD>
<TITLE>My Movie Site - <?php echo $_REQUEST['favmovie'] ?> </TITLE>
</HEAD>
<BODY>
<?php
    echo "Welcome to our site";
    echo $_SESSION['username'];
    echo "! <br>";
    echo "My favourite movie is ";
     echo $_REQUEST['favmovie'];
     echo "<br>";
     $movierate=5;
     echo "My movie rating for this movie is: ";
     echo $movierate;
?>
</BODY>
</HTML>

----------------------------------------------------------------------

So I commented out lines 4 - 8 of moviesite.php, and the message became:

Welcome to our site
Notice: Undefined index: username in e:\apache\apache\test\moviesite.php on line 17
!
My favourite movie is Life of Brian
My movie rating for this movie is: 5

----------------------------------------------------------------------

Here is a selection of directives from C:\windows\php.ini:

output_buffering=Off
error_reporting= E_ALL; display all errors, warnings and notices
display_errors=On
display_startup_errors=Off
log_errors=On
error_log=E:\PHP\err.log
mysql.allow_persistent=On
session.save_handler=files
session.save_path=E:\PHP\tmp
session.use_cookies=1

----------------------------------------------------------------------
The folder E:\PHP\tmp does exist (I created it) but contains nothing. It looks as if the variables are never stored by movie1.php, but I can't see what's wrong.

Any help will be appreciated! Thanks

Edna




richard.york July 3rd, 2004 05:18 PM

The problem is with this line:

if ($_SESSION['authuser']!=1)

PHP is complaining because you have used a variable before it has been created. There are a couple of ways around this.

The first is to flip your authentication in the script itself so that the script first checks for an authenticated user.

if (isset($_SESSION['authuser']) && $_SESSION['authuser'] == 1) {

    // Do member's only content here

} else {

    // The variable doesn't exist or does not contain a value of 1.

}

This works because I've used a special language construct called isset(), which checks for a variable's existence, because it checks for a variable's existence it doesn't throw the NOTICE level error.

"Undefined index" refers to the index of an associative array, as in $_SESSION['authuser'] $_SESSION is the array and 'authuser' is the indice.

From what I've seen on the forum the authors reserved discussion about these types of errors for its own chapter.. since discussion of errors, error supression and troubleshooting would have bloated the content of the book.

Let us know if you have any more questions.

Regards,
Rich

::::::::::::::::::::::::::::::::::::::::::
The Spicy Peanut Project
http://www.spicypeanut.net
::::::::::::::::::::::::::::::::::::::::::

richard.york July 3rd, 2004 05:21 PM

The other method (which I forgot to mention) is to give $_SESSION['authuser'] a value if it doesn't exist.

if (!isset($_SESSION['authuser'])) {
    $_SESSION['authuser'] = 0;
}

Add this before you use $_SESSION['authuser'] and after the call to session_start(). IMO, both are equally valid ways around the error.


Regards,
Rich

::::::::::::::::::::::::::::::::::::::::::
The Spicy Peanut Project
http://www.spicypeanut.net
::::::::::::::::::::::::::::::::::::::::::

Airidh July 4th, 2004 05:07 AM

Thank you, Richard, for your quick reply. I will try that and let you know how I get on.




Airidh July 4th, 2004 01:19 PM

Hi, Richard, I did what you said, and of course the message disappeared. However, this has not solved the problem.

As I see it, the point of session_start(), and indeed of the exercise on page 53, is to pass variables between the two scripts. The variables are initialised in movie1.php and should be picked up by moviesite.php, only they aren't. I poked about in the folders created along with PHP, and found one called sessiondata, which looked promising; so I opened one of the files and lo! there was all the data that was supposed to be being passed. For each file containing data there was one containing nothing, so it looks as if moviesite.php instead of reading data is creating a new file of its own.

I went back to php.ini and changed session.save_path to E:\PHP1\sessiondata, but this didn't make any difference. So maybe there is another directive in php.ini I should change? You may notice that sessiondata is in folder E:\PHP1, not E:\PHP (don't know how that happened, but the movie1.php seems to have found it all right).

Thanks.

Edna


richard.york July 4th, 2004 02:40 PM

Are you saying that the data isn't getting transferred between the two pages?? An undefined variable error doesn't say that. For some reason I thought you were just accessing moviesite.php directly to see what someone not logged in sees. If you have warning errors that say unable to start session.. blah blah blah then you might have a problem with retrieving your session data from the session_data directory. If the session.save_path directive was not E:\PHP1\sessiondata when you changed it you should have been having all kinds of errors. If you opened up E:\PHP1\sessiondata and your session files were there then session.save_path should have already had that value. If you did change the value of the directive you would need to apply read / write permissions to that directory too, this would have applied for your original E:\PHP\tmp directory as well.

Here's an article I wrote on permissions:
http://p2p.wrox.com/topic.asp?TOPIC_ID=11962

Secondly intializing the variable on the first page won't take care of that error on the second page if the user tries to access that page directly without being logged in. Though I understand the purpose is a simple demonstration of what sessions can do.

Quote:

quote:
I went back to php.ini and changed session.save_path to E:\PHP1\sessiondata, but this didn't make any difference. So maybe there is another directive in php.ini I should change? You may notice that sessiondata is in folder E:\PHP1, not E:\PHP (don't know how that happened, but the movie1.php seems to have found it all right).
At this point I'm having a hard time following along with what you're saying.. I need to know about all of the errors that you're seeing. You should be seeing more than undefined variable notices if data isn't getting saved. It sounds like you're doing a good job of troubleshooting.. though I don't know where you got the directory PHP1.. if this doesn't really exist your script won't work.



Regards,
Rich

::::::::::::::::::::::::::::::::::::::::::
The Spicy Peanut Project
http://www.spicypeanut.net
::::::::::::::::::::::::::::::::::::::::::

richard.york July 4th, 2004 02:42 PM

Also.. if you change directives in php.ini.. don't forget to restart Apache after every change! If PHP is installed as an Apache module, then directive changes don't take affect until Apache is restarted.

Regards,
Rich

::::::::::::::::::::::::::::::::::::::::::
The Spicy Peanut Project
http://www.spicypeanut.net
::::::::::::::::::::::::::::::::::::::::::

richard.york July 4th, 2004 02:52 PM

Something else painfully obvious that just occured to me is make sure that you have cookies enabled in your browser. For the session data to persist the session id must be passed between the scripts, this is done with cookies by default.

In Mozilla:
Edit->Preferences->Privacy & Security ->Cookies->Allow Cookies Based On Privacy Settings->View->Allow First Party Cookies->OK

In Internet Exploder:
Tools->Internet Options->Privacy->Advanced->Override Automatic Cookie Handling->Accept First Party Cookies->Block third-party cookies->Always allow session cookies -> OK

Most people also hard code the session id into the url so that cookies don't have to be enabled.
    echo "<a href='http://localhost/moviesite.php?favmovie=$myfavmovie&amp;PHPSESSID=" .session_id()."'>";

What I just did here can also be done via the session.use_trans_sid directive in php.ini and PHP will automagically insert the session id in all urls on the page as well as in all forms as a hidden field.


Regards,
Rich

::::::::::::::::::::::::::::::::::::::::::
The Spicy Peanut Project
http://www.spicypeanut.net
::::::::::::::::::::::::::::::::::::::::::

Airidh July 4th, 2004 07:17 PM

Thanks again. I'll check all that out.

Edna


Airidh July 5th, 2004 03:16 AM

Richard, I do appreciate the trouble you are taking to help me; won't be able to concentrate on it until the weekend, but will keep you updated :-(



All times are GMT -4. The time now is 12:41 PM.

Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.