session problem in localhost

nevland · #1 (**permalink**) 01-10-2003, 05:18 PM

aku pakai apache 2.0.47
mysql 4.014b
dan php 4.3.3
dlm winXP

aku nak tanya pasal this command:

session.save_path = C:/php/foldersimpansession

apsal bila aku set ni dlm php.ini aku still bila test
pakai phpinfo() tu dia masih keluar /tmp (yg default)

mmm... sapa2 leh tolong aku.. tima kasih

lcf · #2 (**permalink**) 01-10-2003, 06:00 PM

something to do with Apache httpd ?

nevland · #3 (**permalink**) 01-10-2003, 07:47 PM

i don't think it got stg to do with apache httpd.conf

sufyan · #4 (**permalink**) 01-10-2003, 08:59 PM

Can you set a session? In other words, does sessions work?

nevland · #5 (**permalink**) 01-10-2003, 11:51 PM

no.. the session doesn't work.. that's why i'm asking this question..
when i upload to my paid server... it works fine....

sufyan · #6 (**permalink**) 02-10-2003, 09:17 AM

Hey,

There are a few thing that you could do to try fix this:

1) Make sure that C:/php/foldersimpansession exists then change your php.ini session.save_path to: C://php//foldersimpansession or C:\\php\\foldersimpansession
(Note the double slash)
-- OR --
2) Make a tmp directory on the root of C, so C:/tmp and change your php.ini to: session.save_path = \tmp
(It doesn't have to be tmp, could be anything really)

This problem is not very common, because I have a box running the exact same version - Apache 2.47 and PHP 4.3.3 and the default save_path is C:\PHP\sessiondata

But try one of those two (or both) and see if it helps.

nevland · #7 (**permalink**) 02-10-2003, 11:55 AM

thanks sufyan for your help..

last night got it working already..
i did what u told me before... it just doesnt work..
and i found out that when i put php.ini into my c:\windows
then it works..
before it was only in my c:\windows\system32\

sufyan · #8 (**permalink**) 02-10-2003, 04:10 PM

Ah, that why... no problems...

nevland · #9 (**permalink**) 07-10-2003, 11:41 PM

need helps.. / opinions.

currently i've two tables one is for users login info = users
the other is users' profile = profile

users login would have username & password and id fields

profile would have more info about users.

id in table users is set to be primary.

my question.. do i really need to have two tables or just dump the whole things in one table? if i have two, i need to have a field in table profile that refer to table 1 = users.. am i right?

ok, let's say i want to authenticate using the users table then redirect to display user profiles from profile table.. how do i do that..?

tq. so much.

sufyan · #10 (**permalink**) 08-10-2003, 02:25 PM

Hi there,

It depends on how your designing your system/how you want it to work. If each user only has ONE profile, the best thing to have is only one table. If the user may have more than one profile, you would need two seperate tables.

Each of your tables should have a key and you can use these keys to indentify the record and what it belongs to. So for example, you have a user, Jim, with the ID# 1 in the user table, the other table (profiles) will use that key as reference. So if you want to view Jim's profile you would select it from the database where UserID = 1.

Quote:

ok, let's say i want to authenticate using the users table then redirect to display user profiles from profile table.. how do i do that..?

Just use the regular login script - make the script create a session with the ID key from the user table. Once you have that session, you can get directed to the profile page (or any other page) and view the profile from there. To get the profile, just select from the database using something like:

SELECT * FROM Users WHERE ID=" . $_SESSION["UserID"]

After that just use your regular code to print/display the profile once it has been selected.

nevland · #11 (**permalink**) 08-10-2003, 04:15 PM

thanks man..

here have a look with my authentication script..

sape2 yg terror tolong tgk coding ni..

Quote:

PHP Code:


			
<?

/* authenticate script */

session_start();  // Start Session



include 'db_config.php';

// Conver to simple variables

$username = $_POST['username'];

$password = $_POST['password'];



if((!$username) || (!$password)){

    echo "Please enter ALL of the information! <br />";

    include 'enter.html';

    exit();

}



// Convert password to md5 hash

$password = md5($password);



// check if the user info validates the db

$sql = mysql_query("SELECT * FROM myprofile WHERE username='$username' AND password='$password'");

$login_check = mysql_num_rows($sql);



if($login_check > 0){

    while($row = mysql_fetch_array($sql)){

        foreach( $row AS $key => $val ){

            $$key = stripslashes( $val );

        }

        // Register some session variables!

        session_register('username');

        $_SESSION['username'] = $username;

        header("Location: profile.php");

    }

} else {

    echo "You could not be logged in! Either the username and password do not match!<br />

    Please try again!<br />";

    include 'enter.html';

}

?>

nama file ni aku bagi auth.php
dekat form html aku yg ada login info (username, password) aku taruk lah form action ="auth.php" ...

what do you think..? i havent' got this work though..

sufyan · #12 (**permalink**) 08-10-2003, 04:32 PM

hey there...

just one question... in your database are the password md5 encrypted? If not... that's you problem.

By the way, that script is terrible. There is a very obvious backdoor. If I knew a user name to your site, for example 'jim' was a registered user, i could type:

Username: jim'"); //
and typed anything in the password field and it would accept it.

When thats done, your *effective* script looks smthing like this:

$sql = mysql_query("SELECT * FROM myprofile WHERE username='jim'"); //' AND password='$password'");

See what it does... it comments out ' AND password='$password'"); bypassing the password check making your *authenticate* script useless.

nevland · #13 (**permalink**) 08-10-2003, 05:18 PM

yeah.. my db is md5 encrypted..

so.. what do you think it supposed to be..?
coz it just doesn't go to the next page: profile.php

sufyan · #14 (**permalink**) 08-10-2003, 06:01 PM

hey, i think it would be easier if u zipped & attached the whole script (with the sql dump), because i don't see anything wrong with the code.

white_neck · #15 (**permalink**) 09-10-2003, 11:46 AM

caya la sufyan... sbijik cam aku buat...
huhauhuhhahhahahha....
explain terbaik camtu pun nevland tak paham....
aku rasa nevland ader buat silap skit ler kat coding dier...
try to fix it... aku pun tak paham gak nevland nyer masalah..

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Install PHP-Nuke Dalam Localhost	cangssithra	Website Programming	6	26-04-2008 11:20 AM
localhost machine software	calvynlee	Mamak Stall	12	20-11-2006 02:57 PM
Session Problem	koisempoi	Website Programming	6	22-12-2005 05:27 PM
can't connect to mysql server on localhost	nurulmajdi	Website Programming	6	16-02-2004 03:57 PM
Does we need iis to set php as my localhost server	Syazwan	Website Programming	15	07-10-2003 08:30 PM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)