p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/index.php)
-   Beginning PHP (http://p2p.wrox.com/forumdisplay.php?f=95)
-   -   $_SESSION error in login.php (http://p2p.wrox.com/showthread.php?t=68354)

Mind Games May 24th, 2008 12:25 PM

$_SESSION error in login.php
 
Hello,

I'm using the 'Beginning PHP5,Apache,And MySQL Web development' and on pages 55-56, you develop a login page for you movies site, every time I try to login I get this error message. it's supposed to load another page up, but doesn't and loads this error message. The lines in the message refer to:
$_SESSION['username'] = $_POST['user']; // line 5
$_SESSION['userpass'] = $_POST['pass']; // line 6


Welcome to my movie review site!
Today is May 24, 2008

Notice: Undefined index: user in C:\wamp\www\PHP_files\movie1.php on line 5

Notice: Undefined index: pass in C:\wamp\www\PHP_files\movie1.php on line 6
Sorry, but you don't have permission to view this page, you loser!

Thanks for any help


philip_cole June 2nd, 2008 03:43 PM

I haven't got the book, but I think I've found the source code you are using:
<?php
session_start();
$_SESSION['username'] = $_POST['user'];
$_SESSION['userpass'] = $_POST['pass'];
$_SESSION['authuser'] = 0;

//Check username and password information
if (($_SESSION['username'] == 'Joe') &&
    ($_SESSION['userpass'] == '12345')) {
  $_SESSION['authuser'] = 1;
} else {
  echo "Sorry, but you don't have permission to view this page, you loser!";
  exit();
}
?>

When you run this page, PHP will look for POSTed (form textbox) values named user and pass. If you run it directly without going via login.php, these obviously will not exist, and so you will get the error above.
Also double check that your login.php has <form method="post"> as opposed to method="get" and that the names of the fields correspond to the ones you are using in movie1.php (user and pass).

As an aside, you can add a simple check to make sure the POST values are set before you use them:
<?php
session_start();

<?php
session_start();

if(isset($_POST['user'])) {
  // if the index 'user' is set (exists) in the $_POST array, then use it
  $_SESSION['username'] = $_POST['user'];
}
else {
  // was not set, so set to a empty value
  $_SESSION['username'] = '';
}

// do the same for password
if(isset($_POST['pass'])) {
  $_SESSION['userpass'] = $_POST['pass'];
}
else {
  $_SESSION['userpass'] = '';
}

$_SESSION['authuser'] = 0;

//Check username and password information as before ...

HTH
Phil


All times are GMT -4. The time now is 06:50 AM.

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.