From: "micro brew" <[EMAIL PROTECTED]>
> Here's my class. I start the session in the
> constructor and in later methods attempt to register
> session variables. You can see I've tried a couple
> different methods but none of them maintain the
> session variable values. Any suggestions?
Is register_globals ON or OFF? You shouldn't mix session_register() with
$_SESSION. Just use one other the other, but I recommend just using
$_SESSION.
$_SESSION['var'] = 'some value';
to set a session var, and
if(isset($_SESSION['var']))
to see if a variable is set.
Also, if you have a varible $foobar within a class method that you define as
a session var, you must make it global if you want to access it in other
methods. The same thing for HTTP_SESSION_VARS. I think you're just running
into a scope issue.
---John Holmes...
> Mike
>
> <?php
>
> class login {
>
> //This variable tells the browser where to redirect to
> the loginpage
> var
> $loginPage='http://www.somedomain.com/somepage.php';
> var
> $exitPage='http://www.somedomain.com/somepage.html';
> var $loggedIn;
> var $access;
> var $accesslevel;
>
> function login($loggedIn, $access, $accesslevel) {
>
> session_start();
> if ($loggedIn=='1') {
> $this->checkLogin();
> }
> if ($access=='1') {
> $this->checkAccess();
> }
> if ($access=='0' && $loggedIn=='0') {
> $this->authenticateLogin();
> }
> }
>
> function checkLogin() {
>
> if (session_is_registered('user')!='True') {
> session_register('unauthorizedaccess');
> $unauthorizedaccess="http://"; .
> $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'];
> header("location: $this->loginPage");
> exit();
> }
> }
>
> function checkAccess() {
>
> if (session_is_registered('permission')=='True') {
> if
> ($HTTP_SESSION_VARS['permission']<$this->accesslevel)
> {
> session_destroy();
> header("location: $this->exitPage");
> exit();
> }
> }
> else {
> session_register('unauthorizedaccess');
> $unauthorizedaccess="http://"; .
> $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"];
> header("location: $this->loginPage");
> exit();
> }
> }
>
> function authenticateLogin() {
>
> if ((!$HTTP_POST_VARS['un']) ||
> (!$HTTP_POST_VARS['pw'])) {
> session_register('loginError');
> header("Location: $this->loginPage");
> exit();
> }
>
> else {
>
> include("includes/db_connect.inc");
>
> //call db_connect function from db_connect.inc
> db_connect() or trigger_error("MySQL error #" .
> mysql_errno() . ":" . mysql_error());
>
> $query="select * from users where username=\"" .
> addslashes($HTTP_POST_VARS['un']) ."\" and
> password=\"" . addslashes($HTTP_POST_VARS['pw']) .
> "\"";
>
> $result=mysql_query($query) or trigger_error("MySQL
> error #" . mysql_errno() . ":" . mysql_error());
>
> $foundCount = mysql_num_rows($result);
>
> if ($foundCount==1) {
> session_register('user');
> session_register('permission');
> session_register('company');
> session_unregister('loginError');
> for ($i=0; $i < $foundCount; $i++) {
> $row=mysql_fetch_array($result);
> $_SESSION['user']=$row['userID'];
> $_SESSION['permission']=$row['permissionLevel'];
>
> $_SESSION['company']=$row['companyID'];
> }
> if
> (session_is_registered('unauthorizedaccess')=='True')
> {
>
> $location=$HTTP_SESSION_VARS['unauthorizedaccess'];
> session_unregister('unauthorizedaccess');
> header("Location: $location");
> exit();
> }
> }
> else {
> session_register('loginError');
> header("Location: $this->loginPage");
> exit();
> }
> }
> }
>
>
> //closes class
> }
>
> ?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
