John Swartzentruber wrote:
Somehow my PHP 5.0.3 or something is configured incorrectly. When I try to get past an authentication input, nothing happens. For example, I have phpMyAdmin configured now to use mysqli, but when I enter the username and password, the screen doesn't change. In previous testing, I saw that an incorrect authentication was detected and reported, but a correct authentication had no affect.
Not sure if this is a phpMyAdmin bug or not, but you might try to clear out all cookies that your browser has from john.swartzentruber.us. For that matter you should see if you *have* any cookie set from john.swartzenruber.us. I'm not pointing fingers at phpMyAdmin, but just tossing out a possible solution.
My phpinfo() output is at http://john.swartzentruber.us/test.php
For example, I'm trying to use a simple file upload script called "file thingie" that is at http://www.solitude.dk/filethingie/download.php
I have edited the original file only to decrease the maximum file size to 500 bytes and limit uploads to text files. I hope no one here tries to be nasty. The user name is "USERNAME2" and the password is "PASSWORD".
Yeah... I wouldn't suggest putting user / pw combos onto the web even if you intend on changing it later. You just never know.
Well, if someone can get past the login page, at least someone is making progress :-)
Can anyone check this out and give me some clues or things to look into? Is there some setting that would cause _POST data to disappear? How would I go about debugging this?
Start by going to the form page's action page (since your test.php page only displays phpinfo() I'm not sure what this is going to be). We'll call this page action.php.
I forgot to mention that the page in question was http://john.swartzentruber.us/test.php I'm working on creating an even simpler script, but since I'm not that familiar with either HTML forms or PHP, it is taking some time. In these examples, the action page is the same page as original page (i.e., "filethingie.php"). When I look at the page source (i.e., the PHP output) in my browser, this is what the form looks like (sorry about the word wrapping):
<form action="filethingie.php" method="post">
<h1>Please Login</h1> <input type="hidden" name="log_lang" value="en" /> <div>
<label for="log_user">User: </label><input type="text" size="15" name="log_user" id="log_user" />
</div>
<div>
<label for="log_pass">Pass: </label><input type="password" size="15" name="log_pass" id="log_pass" />
<input type="hidden" name="action" value="login" />
<input type="submit" value="login" />
</div>
</form>The simplest way to debug this (but it's effective) is to var_dump($_POST) at the top of action.php. Insert this at the very top of the page (likely to cause a lot of errors :) and then gradually cut / paste that code throughout the action page. Do this until you narrow down the problem code.
Well, I've been trying print_r($_POST), and it is always empty. That's the problem.
Since this is a file upload script you are doing you will probably want to var_dump($_FILES) as well. Heck, if you're having *session* problems then you should be looking into the $_SESSION array and (possibly) the $_COOKIE array.
I'll try removing the session stuff to see if that is significant. It looks like $_SESSION is also empty, although I do see what appear to be session files created in /tmp, which is where they go.
To summarize, it appears that the problem is not with authentication per se, but is that $_POST is empty when the script is called from a form in the same file.
I'll try to test this using a different action script and see what happens. In the meantime, if you see anything or have any other ideas, please let me know. I appreciate you taking the time to help.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
