Hello,

I am rewriting currently a login script and I encountered a problem with
sessions.  While reading the two pages

    <http://php.net/manual/de/function.session-start.php>
    <http://bugs.php.net/bug.php?id=14636>

I have not found a solution for my problem:

----8<------------------------------------------------------------------
function fncLogin($user, $pass, $redirect, $type='pam') {

  if ($user != '' and $pass != '') {

    $TEXT  = "<FONT size=\"+2\" color=\"red\"><B>Error</B></FONT><br />\n";
    $TEXT .= "<HR size=\"3\" noshade=\"noshade\">\n";
    $TEXT .= "The username does not exist or the password is wrong.<p />\n";
    $TEXT .= "<p />\n";
    $TEXT .= "Please go <a href=\"" . $_SERVER['HTTP_REFERER'] . "\">back</a> 
and try it again.\n";

    if ($type == 'pam') {

      if (pam_auth($user, $pass, &$PAM_ERR) === FALSE) {
        fncError('2', $TEXT, $errpage='false');
        exit();
      }

    } elseif ($type == 'shadow') {

      $shadow_file = DIR_HOST . "/.shadow";
      if (is_file($shadow_file)) {

        $SHADOW = exec("grep \"^" . $user . ":\" " . DIR_HOST . "/.shadow |cut 
-d: -f2");
        if (empty($SHADOW)) {
        }

        $SALT=exec("grep \"^$user:\" " . DIR_HOST . "/.shadow |cut -d: -f2 |cut 
-d$ -f1-3");
        $ENCRYPTED=crypt($pass, $SALT);
        if ($SHADOW != $ENCRYPTED) {
          fncError('2', $TEXT, $errpage='false');
          exit();
        }

      } else {
        $TEXT  = "<FONT size=\"+2\" color=\"red\"><B>Error</B></FONT><br />\n";
        $TEXT .= "<HR size=\"3\" noshade=\"noshade\">\n";
        $TEXT .= "This is a system error. I can not authenticate du to a 
missing config.\n";
        $TEXT .= "<p />\n";
        $TEXT .= "Please inform the <a href=\"" . SYSAMIN . "\">sysadmin</a> 
and try it later again.\n";
        fncError('1', $TEXT, $errpage='false');
        exit();
      }
    }

    session_register('sess_user');
    session_register('sess_timeout');
    $sess_user    = $user;
    $sess_timeout = time() + 900;
    session_write_close();
    header("Location: " . $redirect);
  }
  exit();
}
----8<------------------------------------------------------------------

which call the following page correctly, but the two vars $sess_user and
$sess_timeout are empty.

Can someone please tell me how to do this?

Thanks, Greetings and nice Day/Evening
    Michelle Konzack

-- 
##################### Debian GNU/Linux Consultant ######################
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France EURL       itsyst...@tdnet UG (limited liability)
Owner Michelle Konzack            Owner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz                 Kinzigstra├če 17
67100 Strasbourg/France           77694 Kehl/Germany
Tel: +33-6-61925193 mobil         Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

<http://www.itsystems.tamay-dogan.net/>  <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/>         <http://www.can4linux.org/>

Jabber linux4miche...@jabber.ccc.de

Linux-User #280138 with the Linux Counter, http://counter.li.org/

Attachment: signature.pgp
Description: Digital signature

Reply via email to