Installation - need help

Problem: When browsing the example.php, the login.php keeps coming back after logged in.
I tried to installed the class twice and don't know what else I could do differently. I must have missed something very obvious. Thanks in advance for your help!

note: the mentioned url is real.

This is what I did:
1. Download and unzip
2. Make a directory classes at public root
3. Make a directory access_user inside classes
4. Create a mySQL data base: tehat_com_users
5. Use users_table.sql to create table users:

Code:

CREATE TABLE `users` (
  `id` int(11) NOT NULL auto_increment,
  `login` varchar(25) NOT NULL default '',
  `pw` varchar(32) NOT NULL default '',
  `real_name` varchar(32) NOT NULL default '',
  `extra_info` varchar(100) NOT NULL default '',
  `email` varchar(50) NOT NULL default '',
  `tmp_mail` varchar(50) NOT NULL default '',
  `access_level` tinyint(4) NOT NULL default '0',
  `active` enum('y','n','b') NOT NULL default 'n',
  PRIMARY KEY  (`id`),
  UNIQUE KEY `user` (`login`),
  UNIQUE KEY `mail` (`email`)
) TYPE=MyISAM;

6. Edit the db_config.php:

Code:

<?php 
// use this pathes and/or define the pathes for the "standard" pages
define("CLASS_PATH", dirname($_SERVER['PHP_SELF'])."/"); // the location where the class is executed
// $sec_path = "/classes/access_user/"; // a second location where the scripts should be 
$sec_path = "/classes/access_user/"; // a second location where the scripts should be 
define("APPLICATION_PATH", $sec_path);

// modify these constants to fit your environment
define("DB_SERVER", "localhost");
define("DB_NAME", "tehat_com_users");
define ("DB_USER", "mydbusername");
define ("DB_PASSWORD", "mysecretpassword");

// Important! use this setting to store the session data in your Mysql database
// disable this feature if your host doesn't support this session handler.
define("USE_MYSQL_SESSIONS", true); // "false" to disable thios setting

// these are the names for the standard table names
// !!! Important
// It's possible that your server doesn't allow the database name inside a query
// if this forms a problem don't use them here and unescape the mysql_select_db() function
// inside the connect_db() method.
define("USER_TABLE", DB_NAME.".users"); 
define("PROFILE_TABLE", DB_NAME.".users_profile");
define("COUNTRY_TABLE", DB_NAME.".countries"); // an optional table with countruy names and codes
define("SESSION_TABLE", DB_NAME.".sessions"); 

// variables (locations) standard pages (combine the pathes from the top or use your own)
define("LOGIN_PAGE", CLASS_PATH."login.php");
define("START_PAGE", "/classes/access_user/example.php");
define("ACTIVE_PASS_PAGE", APPLICATION_PATH."activate_password.php");
define("DENY_ACCESS_PAGE", APPLICATION_PATH."deny_access.php");
define("ADMIN_PAGE", APPLICATION_PATH."admin_user.php");
define("LOGOUT_PAGE", APPLICATION_PATH."logout.php"); // if you use the setting "USE_MYSQL_SESSIONS" you need a logout page without class object to clear the old session data from the database
define("UPDATE_PROFILE", APPLICATION_PATH."update_user_profile.php"); // if the update profile extension is used and the profile record doesn't exists a required redirect to this page is possible

// your path must be related to the site root.
 
// change this constants to the right mail settings
define("WEBMASTER_MAIL", "ngungo@56degrees.com"); 
define("WEBMASTER_NAME", "ngungo The webmaster"); 
define("ADMIN_MAIL", "ngungo@56degrees.com"); 
define("ADMIN_NAME", "ngungo The site admin"); 

// change this vars if you need...
define("PW_LENGTH", 4);
define("LOGIN_LENGTH", 6);

define("COOKIE_NAME", "user"); 
define("COOKIE_PATH", APPLICATION_PATH);
define("MIN_ACCESS_LEVEL", 1);
define("MAX_ACCESS_LEVEL", 10);
define("DEFAULT_ACCESS_LEVEL", 1);
define("DEFAULT_ADMIN_LEVEL", 10);

//////////////////////////////////////////////////
// constants and field names user profile table //
/////////////////////////////////////////////// //
// stamdard fields are: address, postcode, city, country, phone, fax, homepage, textfield
// variables must match your user profile table design
// use this four user defined fields (type varchar(100) too
// change the value of a constant but change them in the mysql table too
// otherwise you wil get some ERROR'S !!!
define("TBL_USERFIELD_1", "user_1");
define("TBL_USERFIELD_2", "user_2");
define("TBL_USERFIELD_3", "user_3");
define("TBL_USERFIELD_4", "user_4");
define("TBL_USERFIELD_5", "user_5");
define("TBL_USERFIELD_6", "user_6");
?>

7. Upload everything to directory /classes/access_user/
There is NO file in the dir classes except the directory access_user. I am unsure about this step

8. From the browser, I browse http://tehat.com/classes/access_user/register.php

9. I got an email: Your request must be processed...

Code:

Hello,

to activate your request click the following link:
http://tehat.com/classes/access_user/login.php?ident=1&activate=17f17a94d026845206dd0193948a4a59&language=en

kind regards
ngungo The site admin

10. I follow the link http://tehat.com/classes/access_user/login.php?ident=1&activate=17f17a94d026845206dd0193948a4a59&language=en and get the second email: Your user account is activated...

Code:

Hello Ngu Ngo,

The account is active and it's possible to login now.

Click on this link to access the login page:
http://tehat.com/classes/access_user/login.php

kind regards
ngungo The site admin

11. Browse the http://tehat.com/classes/access_user/register.php
Here I got the login keeps coming back.

[php]

what is the php code of your start page (example.php)?

Hi Olaf,
Thanks for quick reply.

I did not change anything, yet!

Code:

<?php 
include($_SERVER['DOCUMENT_ROOT']."/classes/access_user/access_user_class.php"); 

$page_protect = new Access_user;
// $page_protect->login_page = "login.php"; // change this only if your login is on another page
$page_protect->access_page(); // only set this method to protect your page
$page_protect->get_user_info();
$hello_name = ($page_protect->user_full_name != "") ? $page_protect->user_full_name : $page_protect->user;

if (isset($_GET['action']) && $_GET['action'] == "log_out") {
$page_protect->log_out(); // the method to log off
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Example page "access_user Class"</title>
</head>

<body>
<h2><?php echo "Hello ".$hello_name." !"; ?></h2>
<p>You are currently logged in.</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<!-- Notice! you have to change this links here, if the files are not in the same folder -->
<p><a href="./update_user.php">Update user account</a></p>
<p><a href="./update_user_profile.php">Update user PROFILE</a> (also user) </p>
<p><a href="/classes/access_user/test_access_level.php">test access level </a>(level 5 is used) </p>
<p><a href="/classes/access_user/admin_user.php">Admin page (user / access level update) </a>(only access for admin accounts with level: <?php echo DEFAULT_ADMIN_LEVEL; ?>) </p>
<p><a href="<?php echo $_SERVER['PHP_SELF']; ?>?action=log_out">Click here to log out.</a></p>
</body>

</html>

[Free WordPress Themes]

ok,

disable this setting:
define("USE_MYSQL_SESSIONS", true);

(set it to false)

ok,
It seems working now. Thanks ...
Questions. Am I right to leave the dir classes empty except sub-dir access_user? Anything else I need to be aware of?

[Free WordPress Themes]

ok,
It seems working now. Thanks ...
Questions. Am I right to leave the dir classes empty except sub-dir access_user? Anything else I need to be aware of?

great that it works

the directory structure is based on the structure I have on my laptop

yes the directory "classes" is as you described

Hi Olaf,

It's been few weeks now. I am still integrating the Access_user_class into my app then suddenly I found something so strange. The behavior of the class is different between FireFox and IE. I am not talking about the html or css format but about maybe, since I am not sure, cookies or session. I wonder if I can contact you privately to show you since the app is under development and I am not comfortable to display publicly. Thanks!

[Free WordPress Themes]

check this snipped:

http://www.finalwebsites.com/snippets.php?id=42

Thanks for the article. Though it does not reflect the problem I have, it explains other phenomenon I had with IE in the past. I look more into my problem and here I try to describe it:

The IE would have the same session for both domains sub1.domain.com and sub2.domain.com, where as in FF that requires two different sessions. The FF treatment would allow me to implement a scheme that a bob username would have an account entirely in sub directory /path/to/domain.com/web/public/bob and a jane username's counterpart would be /path/to/domain.com/web/public/jane; whereas it would fail in IE. For example, in IE, if bob logged in to his account (http://bob.domain.com ) then he can click into jane account (http://jane.domain.com ) without logging in with her username and password.

Thanks in advance for any insights.

[Free WordPress Themes]

You can't fix that with a session in IE, you need to use a different handler (don't ask me how exactly)

Thanks, Olaf! For your help and verification. I need to think of something then

[Free WordPress Themes]

Thanks, Olaf! For your help and verification. I need to think of something then

I think you need some remote requests to "exchange" the sessions (use curl)

[Guest]

[38.657]

Googlebot, Yahoo crawler, Msnbot, Baidu Spider, classylady