Could it be that php files are not executed for POST method?
Michael T. Peterson wrote:
Per request, here are the two other source files that get executed prior to the invocation of validate_member_login.php, index.php and init.php.
But first, here's a simple restatement of the problem:
(1) Direct the browser to open index.php (2) init.php is included by index.php. (3) index.php dispatches user to member_login.htm. User fills in username and password fields and then presses the submit button. (4) <form action="validate_member_login.php" .../> is invoked. (5) The source code of validate_member_login.php is displayed in the browser rather then being executed.
However, when the invocation sequence is:
(1) Direct the browser directly to member_login.htm and fill in the username and password fields. (2) Press submit. (3) validate_member_login.php is executed properly.
Here's index.php. Its purpose is to check the session variables to determine whether the user is logged in. If not, the user is dispatched to member_login.php via redirct using header().
Now, here are the two php files of interest, index.php and init.php. First, index.php,
<?php include_once( 'init.php' );
/** * If member is already logged in, his/her username and password values will be available to us. */ if( isset( $HTTP_SESSION_VARS['session_id'] ) && isset( $HTTP_SESSION_VARS['username'] ) ) { $session_id = $HTTP_SESSION_VARS['session_id']; $username = $HTTP_SESSION_VARS['username'];
$result = authenticate_session( $username, $session_id ); if( $result != SUCCESS ) { if( $result == MEMBER_NOT_REGISTERED ) { header( 'Location: '.MEMBER_REGISTRATION_PAGE ); } else if( $result == PASSWORD_MISMATCH ) { header( 'Location: '.MEMBER_LOGIN_PAGE ); } else { die( $result ); } } header( 'Location: '.MEMBER_HOME_PAGE ); } header( 'Location: '.MEMBER_LOGIN_PAGE ); ?>
Here is init.php, the file that index.php includes (see above). This file just sets up the exectution environment.
<?php session_start(); /** * init.php * * Script that initializes the execution environment. */
// // Check whether this is running on a UNIX or a Windows operating system. // We need to know this to set the include_path separator character // character correctly. // $isWindows = false; $pathDelimiter = ':'; $operatingSystem = PHP_OS;
if( strcmp( $operatingSystem, 'WINNT' ) == 0 ) { $isWindows = true; $pathDelimiter = ';'; }
// Uncomment and use this symbol when publishing to the internet on ipowerweb. // Yields /home/mazamaso/public_html
$WWWROOT = $_SERVER['DOCUMENT_ROOT'];
// Set up the dev directory's environment variables. $PROJECT_DIR = $WWWROOT.'/northwest_steelheader'; $MEMBERS_DIR = $PROJECT_DIR.'/members'; $SCRIPTS_DIR = $PROJECT_DIR.'/scripts'; $DB_SCRIPTS_DIR = $SCRIPTS_DIR.'/db'; $UTILS_SCRIPTS_DIR = $SCRIPTS_DIR.'/utils'; $SESSION_SCRIPTS_DIR = $SCRIPTS_DIR.'/security'; $GRAPHICS_DIR = $SCRIPTS_DIR.'/jpgraphics';
$MEMBER_HOME_PAGE = $PROJECT_DIR.'/member_homepage.html'; $MEMBER_LOGIN_PAGE = $MEMBERS_DIR.'/member_login.htm'; $MEMBER_REGISTRATION_PAGE = $MEMBERS_DIR.'/member_registration_form.htm'; $MEMBER_LOGOUT_PAGE = $MEMBERS_DIR.'/member_logout.php';
$INCLUDE_PATH = '.'.$pathDelimiter.$PROJECT_DIR.$pathDelimiter.$DB_SCRIPTS_DIR.$pathDelimite r.$UTILS_SCRIPTS_DIR.$pathDelimiter.$GRAPHICS_DIR.$pathDelimiter.$SESSION_SC RIPTS_DIR;
// // Establish the site's environment variables // define( 'PROJECT_DIR', $PROJECT_DIR ); define( 'MEMBERS_DIR', $MEMBERS_DIR ); define( 'SCRIPTS_DIR', $SCRIPTS_DIR ); define( 'DB_DIR', $DB_SCRIPTS_DIR ); define( 'UTILS_DIR', $UTILS_SCRIPTS_DIR ); define( 'SESSION_DIR', $SESSION_SCRIPTS_DIR ); define( 'DEBUG', true ); define( 'MEMBER_HOME_PAGE', $MEMBER_HOME_PAGE ); define( 'MEMBER_LOGIN_PAGE', $MEMBER_LOGIN_PAGE ); define( 'MEMBER_REGISTRATION_PAGE', $MEMBER_REGISTRATION_PAGE ); define( 'MEMBER_LOGOUT_PAGE', $MEMBER_LOGOUT_PAGE );
if( strcmp( $WWWROOT, 'c:/program files/apache group/apache/htdocs' ) == 0 ) { define( 'DB_NAME', 'wwwwwwww' ); define( 'DB_ADMIN', 'aaaaaaaaa' ); define( 'DB_PASSWORD', 'bbbbbbbbb' ); } else { define( 'DB_NAME', 'wwwwwwww' ); define( 'DB_ADMIN', 'xxxxxxxx' ); define( 'DB_PASSWORD', 'yyyyyyyy' ); }
ini_set( 'include_path', $INCLUDE_PATH ); ini_set( 'session.save_path', $PROJECT_DIR.'session_stats');
// These are the base includes, i.e., that apply to every php file in the site include_once( 'print_utils.php' ); include_once( 'mz_error_handler.php' ); include_once( 'db_utils.php' ); include_once( 'passwords.php' ); include_once( 'date_utils.php' ); include_once( 'session_control_lib.php' );
set_error_handler( 'mz_error_handler' ); assert_options( ASSERT_ACTIVE, TRUE ); assert_options( ASSERT_BAIL, TRUE );
?>
<snip>
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php