|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2002-03-04 09:48 UTC] sontor at todotobe dot de
I use output buffering at a page start, if I start a session and do session_destory(),e.g. authentication failure, the the dll hangs with an win32 page fault. I use PHP as CGI on an apache on an wamp system. The Session Destroy is capsuled in an loginclass, PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2023 The PHP GroupAll rights reserved. |
Last updated: Sat Jun 10 22:03:36 2023 UTC |
Only the login function that is capsuled in the class. called on one page the session start is before the constructor of the class... if the login failed it passes the session_destroy... the do login function is called after a post form... hope that helps.. what do you mean with caps.... --- function doLogin($pseudo,$pw){ global $s_userAuthorisation; global $s_loginRetries; if ($this->DEBUG) { echo "<br> doLogin($pseudo,$pw)";} $loginOk=false; $s_userData=array(); if (!isset($s_loginRetries)){ session_register("s_loginRetries"); $s_loginRetries=0; } // count the retris $s_loginRetries++; // check pseudo $userid=$this->getUserIdFromPseudo($pseudo); if ($userid==0) { if ($s_loginRetries<3) { // nothing to do as no timeout to set if ($this->DEBUG) {echo "<br>Loginretries ".$s_loginRetries;} $this->ErrorMsg="Login inkorrekt"; } else { $this->ErrorMsg="10sec. Timeout<br> 3 fehlerhafte Loginversuche"; if ($this->DEBUG) { echo "<br> 10sec. Timeout<br> 3 fehlerhafte Loginversuche";} flush(); sleep(10); $s_loginRetries=0; } } // pseudo exist so check the login else{ // perform the login check $qstring = "select * "; $qstring = $qstring." from ".$this->tablename; $qstring = $qstring." where vch_pseudo ='".$pseudo."' "; $qstring = $qstring." and vch_pw ='".$pw."' "; $qstring = $qstring." and ".$this->activeRecord; $queryst = sprintf($qstring); $this->query($queryst); // only one row allowed if ($this->num_Rows()!=0) { while($this->next_record()) { $loginOk=true; if ($this->DEBUG) { echo "DOLOGINQUERYRESULT<br>"; echo "sUserId:".$this->f("i_id")." <br>"; echo "sSalutationId" .$this->f("i_salutation_id")." <br>"; echo "sUserName" . $this->f("vch_pseudo")." <br>"; echo "sUniqueId". $this->f("vch_unique")." <br>"; echo "sEmail". $this->f("vch_email")." <br>"; echo "sFirstName". $this->f("vch_first_name")." <br>"; echo "sLastName". $this->f("vch_last_name")." <br>"; echo "sLastLogin". $this->f("dt_last_login")." <br>"; echo "sLoginSince". date("H:i:s")." <br>"; } $s_userAuthorisation=array("sUserId" =>$this->f("i_id"), "sSalutationId" =>$this->f("i_salutation_id"), "sUserName" => $this->f("vch_pseudo"), "sUniqueId" => $this->f("vch_unique"), "sEmail" => $this->f("vch_email"), "sFirstName" => $this->f("vch_first_name"), "sLastName" => $this->f("vch_last_name"), "sLastLogin" => $this->f("dt_last_login"), "sLoginSince" => date("H:i:s")); session_register("s_userAuthorisation"); if ($this->DEBUG) { echo "<br>Login ok ".$s_loginRetries;} $this->lastLoginDateTime=$this->f("dt_last_login"); $this->loggedInPseudo=$pseudo; $this->updateLastLoginDate($pseudo); $this->ErrorMsg=""; $s_loginRetries=0; // put to member online $k=new Keepalive(); $k->updateUserLoggedIn(session_id(),$s_userAuthorisation["sUserName"],$s_userAuthorisation["sUserId"]); if ($this->DEBUG) { $this->displaySessionVars(); } } } else { // login failed // delete Session // here is the bug: HANGSPHP session_destroy(); // some security if ($this->DEBUG) { $this->displaySessionVars(); } if ($s_loginRetries<3) { // nothing to do as no timeout to set if ($this->DEBUG) {echo "<br>Loginretries ".$s_loginRetries;} $this->ErrorMsg="Login inkorrekt"; } else { $this->ErrorMsg="10sec. Timeout<br> 3 fehlerhafte Loginversuche"; if ($this->DEBUG) { echo "<br> 10sec. Timeout<br> 3 fehlerhafte Loginversuche in Folge<br>";} flush(); sleep(10); $s_loginRetries=0; } // secutity end $this->lastLoginDateTime=""; $this->loggedInPseudo=""; } } return $loginOk; }