ID: 44119 Updated by: [EMAIL PROTECTED] Reported By: oluleke7 at yahoo dot com -Status: Open +Status: Bogus Bug Type: *Web Server problem Operating System: Unix PHP Version: 4.4.8 New Comment:
In PHP 4.2.0, the 'register_globals' setting default changed to 'off'. See http://www.php.net/release_4_2_0.php for more info. We are sorry about the inconvenience, but this change was a necessary part of our efforts to make PHP scripting more secure and portable. . Previous Comments: ------------------------------------------------------------------------ [2008-02-14 13:25:28] oluleke7 at yahoo dot com Description: ------------ worked on an existing website by developing a new content management system. I tested it offline n worked perfectly offline n my own server hosted by cpanel. But giving invalid username/password on the website host. What could be the reason. I have checked the code properly but seems not to be bug. Reproduce code: --------------- <?php $connect = mysql_connect("localhost", "user", "tpassword") or die ("Cannot connect, check your server connection."); mysql_select_db ("database_name"); ?> login.php code <?php session_start(); $_SESSION['logged'] = 0; include_once("lang.php"); if (isset($_POST['submit'])) { require ("myloginquery.php"); if ($_POST['username'] == "$thisusername" && $_POST['password'] == "$thispassword") { $_SESSION['logged'] = 1; header ("Refresh: 2; URL=" . $_POST['redirect'] . " "); echo "You are being redirected to your original page request<br>"; echo "(If your browser doesnt support this, <a href=\"" .$_POST['redirect']. "\">click here</a>)"; } else { ?> <html> <head> <title><? echo "$bk_website_name: Login"; ?></title> <link href="adminstyle.css" type="text/css" rel="stylesheet"> </head> <body> <center> <table width="750" border="1" cellspacing="0" cellpadding="0" bordercolor="#000000"> <tr> <td bgcolor="#ffffff"> <img src="admin_images/header.jpg" width="750" height="125" border="0" alt="Site Admin"></a> </td> </tr> <tr> <td bgcolor="#33FFFF" align=center> <br> Invalid Username and/or Password<br><br> <form action="login.php" method="post" autocomplete=off> <input type="hidden" name="redirect" value="<?php echo $_POST['redirect'];?>"> Username: <input type="text" name="username"><br> Password: <input type="password" name="password"><br><br> <input type="submit" name="submit" value="Login"> </form> </td> </tr> </table> </center> <?php } } else { ?> <html> <head> <title><? echo "$bk_website_name: Login"; ?></title> <link href="adminstyle.css" type="text/css" rel="stylesheet"> </head> <body> <center> <table width="750" border="1" cellspacing="0" cellpadding="0" bordercolor="#000000"> <tr> <td bgcolor="#ffffff"> <img src="admin_images/header.jpg" width="750" height="125" border="0" alt="Site Admin"></a> </td> </tr> <tr> <td bgcolor="#33FFFF" align=center> <br> You must be logged in to view this page<br><br> <form action="login.php" method="post" autocomplete=off> <input type="hidden" name="redirect" value="<?php echo $_GET['redirect']; ?>"> Username: <input type="text" name="username"><br> Password: <input type="password" name="password"><br><br> <input type="submit" name="submit" value="Login"> </form> </td> </tr> </table> </center> <?php } ?> </body> </html> mylogin.php code <? include_once("config.php"); $query = "SELECT * FROM admin WHERE user_name = '$username' AND user_pswd = '$password' LIMIT 1"; $result = mysql_query($query) or die(mysql_error()); while ($row = mysql_fetch_assoc($result)) { $myusername = $row["user_name"]; $mypassword = $row["user_pswd"]; } if (mysql_num_rows($result) == 1) { $thisusername = $myusername; $thispassword = $mypassword; } else { $thisusername = "xxxxxxxxxxxxxxxxxxxxxxx655555555748888888880333333333333333333949999999999999999999999999999999999999999995906p;.,q91qazKCnuhsgdytryxxxxxxxxxxxxxxxxxxxxxxxxxyyyyyyyyyyyyyyyyyyyyyyyyyyy"; $thispassword = "sssndhhhhhhhvnnnnnnnnnyfnnnnnnnnnnnbjuuuuuuuuuuuuugmmmmmmmmmmmmibbbbbbbbbbbbbbbbut47777777775999999999999999996666666666666666666697f77777777u44444444444gdyyyyyyyyyyyyyyyyyyyyyyfhtttttttttttttttttttttttjvgjjjjjjjjjjjjjjjjjjjjjjjjfkkkkkkkkkkkkkk"; } ?> Expected result: ---------------- Welcome! Main Web Page Manager Document Manager Changes Main Admin's Password Log Out Welcome, please use the navigation links to your left to perform neccessary action Name of the Site and the navigation menu 4 the cms Actual result: -------------- Navigation menu for the cms ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=44119&edit=1
