Login With Sessions

freeups · 11-12-2004, 02:04 PM

In Login With Sessions by sde which is great. It works with one annoying error message. I keep getting the following error message
I have PHP 5.02

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

I have been trying to read on how to fix it. It seems to be something in auth.php in the tutorial (below). After doing some research it seems to be something to do with the following statements.

session_register("username");
session_register("password");

I am probably wrong. Anyway the full code is below. Any help is appreciated.

<?
// Login & Session example by sde
// auth.php

// start session
session_start();

// convert username and password from _POST or _SESSION
if($_POST["username"])
{
$username=$_POST["username"];
$password=$_POST["password"];
}
elseif($_SESSION["username"])
{
$username=$_SESSION["username"];
$password=$_SESSION["password"];
}

// start and register session variables
session_register("username");
session_register("password");

// connect to database
include("connect.php");

// query for a user/pass match
$result=mysql_query("select * from users
where username='" . $username . "' and password='" . $password . "'");

// retrieve number of rows resulted
$num=mysql_num_rows($result);

// print login form and exit if failed.
if($num < 1){
session_destroy();
echo "You are not authenticated. Please login.<br><br>

<form method=POST action=index.php>
username: <input type=text name=\"username\">
password: <input type=password name=\"password\">
<input type=submit>
</form>";

exit;
}
?>

sde · 11-12-2004, 05:57 PM

yeah, starting and using sessions now is a lot easier: example:

PHP Code:


			
session_start();

$_SESSION['username'] = "sde";

$_SESSION['password'] = "123";

you don't need to use session_register() anymore. i need to update the tutorial.

Kernel_Killer · 11-12-2004, 07:18 PM

On this note, how would you go about using a UNIX user login?

sde · 11-12-2004, 07:24 PM

could you write a shell script to validate if a user / pass sent to it is valid? if so, make the script output 0 or 1, and then you can have php execute that script and use the output as a pass/fail indicator.

other than that, i have no clue.

Kernel_Killer · 11-12-2004, 09:05 PM

That could work. I'll try it later, and let you know how it goes.