I transferred a website I wrote in PHP4 to a different server with PHP5 installed. I am having the problem that if a user submits a form (whose action goes to the same page), navigates to a different page and then goes back to the original page with the form on, then the POST variables from before are still there so it acts as if the form has been submitted. does anyone know why this might be happening?
any help with this would be greatly appreciated!
thanksare you sure all you have done is transferred the file from php4 server to php5 server, it could be your new host has a problem, download a copy of easyphp and install it the easyphp website is <!-- m --><a class="postlink" href="http://www.easyphp.org">http://www.easyphp.org</a><!-- m --> then ftp into your site and copy the directory into your easyphp webroot. if the problem persists post here again, if not please contact your hosting provider and tell them they have a serious issue.
On second thoughts before contacting them or if it still does it on your easyphp webserver check your web browser. I know it sounds silly but u may have a peice of malware or even a virusThanks alot for the advice. I just tried submitting the form in Mozilla and the POST variables weren't there when I went back to the page like they were with IE. However I have a copy of the site on another server (with php4 installed on it) and when I test that page with IE I don't get the same problem as when testing it on the php5 server.
Could a virus be specific to the version of php?? I will test it on a few other computers to see what happens.
By the way the php4 page is at:
<!-- m --><a class="postlink" href="http://www.invigiator.com/recruit/member/login.php">http://www.invigiator.com/recruit/member/login.php</a><!-- m -->
and the php5 page is at:
<!-- m --><a class="postlink" href="http://sprecruitment.uk.com/member/login.php">http://sprecruitment.uk.com/member/login.php</a><!-- m -->
In IE to try to login with user <!-- e --><a href="mailto:'[email protected]">'[email protected]</a><!-- e -->' password 'testing' , click on logout in the menu then go back to the login pageI think the problem is that it is not logging the user out or at least that is the error i am getting. the phpinfo should not be visible from the internet by the way as this could lead to others exploiting security vunerabilities in php. just wondering but are you using output buffering to let headers be sent after html because this caused me a lot of errors when i was at novice - intermediate level in php. if so instead of using echo add all output to a variable like $bodycontent .= and then echo all data after the headers have been sent so you can turn off output buffering.
Also although it is none of my business if a client sees that page template they are quite likely to flip out because of lack of w3c compatibility. basically as they are a UK company they can risk legal action if the page is not accessible enough. You can check the page yourself at <!-- w --><a class="postlink" href="http://www.w3c.org">www.w3c.org</a><!-- w --> in xHTML transitional (the easiest xHTML) it failed with 95 errors and with HTML 4.01 it failed with about 15 errors, this could also be helping problems with cookies/sessions setting and deletingThanks. How can I tell if output buffering is turned on? I have some problems before with setting the cookies and so I put all the cookie code first and it was OK on my php4 server. But I will go through the code and check to make sure there are no echo statements before the headers.
I have changed the phpinfo to just show this instead at the bottom of the page:
<p><? echo "POST variable:".$_POST["submit"]; ?></p>
This still shows when I go back to the page even though I didn't click on 'login' which is why I think the POST variables are still there. But if I wait about 10mins then it isn't there.
The site is going to be redesigned so I will make sure that it is written in xhtml as I change it but thanks for telling me about that, I didn't know it was a legal requirement.basically to put the cookie code first would impy a chain of events that does not change what i am suggesting is when including files only include php files then use file_get_contents for the non server-side files this makes editing the cms much more easy and also if done properley takes out the need to put the cookies first for example
<?php
if(!isset($_GET['pg'])){
$pageheader = file_get_contents("./inc/header.html");
$pagecontents = file_get_contents("./pages/default.html");
$pagefooter = file_get_contents("./inc/footer.html");
$thepage = $pageheader.$pagecontents.$pagefooter;
}
if(isset($_GET['pg'])){
$pageheader = file_get_contents("./inc/header.html");
if(file_exists("./pages/".$_GET['pg'].".html")){
$pagecontents = file_get_contents("./pages/".$_GET['pg'].".html");
}
if(file_exists("./protectedpages/".$_GET['pg'].".html")){
$auth = "true";
$pagecontents = file_get_contents("./protectedpages/".$_GET['pg'].".html");
}
else{
$pagecontents = file_get_contents("./pages/default.html");
}
$pagefooter = file_get_contents("./inc/footer.html");
$thepage = $pageheader.$pagecontents.$pagefooter;
}
if((isset($auth)) && ($auth == "true")){
include('./auth.php');
}
echo $thepage;
?>
Using the above method for a really basic file based cms (easily ported to db!) you can have your auth pages set cookies and if nesecarry overwrite or add to (= or .=) the pagecontents keeping a nice looking webpage (highly customisable) while also keeping in all the power of php
any help with this would be greatly appreciated!
thanksare you sure all you have done is transferred the file from php4 server to php5 server, it could be your new host has a problem, download a copy of easyphp and install it the easyphp website is <!-- m --><a class="postlink" href="http://www.easyphp.org">http://www.easyphp.org</a><!-- m --> then ftp into your site and copy the directory into your easyphp webroot. if the problem persists post here again, if not please contact your hosting provider and tell them they have a serious issue.
On second thoughts before contacting them or if it still does it on your easyphp webserver check your web browser. I know it sounds silly but u may have a peice of malware or even a virusThanks alot for the advice. I just tried submitting the form in Mozilla and the POST variables weren't there when I went back to the page like they were with IE. However I have a copy of the site on another server (with php4 installed on it) and when I test that page with IE I don't get the same problem as when testing it on the php5 server.
Could a virus be specific to the version of php?? I will test it on a few other computers to see what happens.
By the way the php4 page is at:
<!-- m --><a class="postlink" href="http://www.invigiator.com/recruit/member/login.php">http://www.invigiator.com/recruit/member/login.php</a><!-- m -->
and the php5 page is at:
<!-- m --><a class="postlink" href="http://sprecruitment.uk.com/member/login.php">http://sprecruitment.uk.com/member/login.php</a><!-- m -->
In IE to try to login with user <!-- e --><a href="mailto:'[email protected]">'[email protected]</a><!-- e -->' password 'testing' , click on logout in the menu then go back to the login pageI think the problem is that it is not logging the user out or at least that is the error i am getting. the phpinfo should not be visible from the internet by the way as this could lead to others exploiting security vunerabilities in php. just wondering but are you using output buffering to let headers be sent after html because this caused me a lot of errors when i was at novice - intermediate level in php. if so instead of using echo add all output to a variable like $bodycontent .= and then echo all data after the headers have been sent so you can turn off output buffering.
Also although it is none of my business if a client sees that page template they are quite likely to flip out because of lack of w3c compatibility. basically as they are a UK company they can risk legal action if the page is not accessible enough. You can check the page yourself at <!-- w --><a class="postlink" href="http://www.w3c.org">www.w3c.org</a><!-- w --> in xHTML transitional (the easiest xHTML) it failed with 95 errors and with HTML 4.01 it failed with about 15 errors, this could also be helping problems with cookies/sessions setting and deletingThanks. How can I tell if output buffering is turned on? I have some problems before with setting the cookies and so I put all the cookie code first and it was OK on my php4 server. But I will go through the code and check to make sure there are no echo statements before the headers.
I have changed the phpinfo to just show this instead at the bottom of the page:
<p><? echo "POST variable:".$_POST["submit"]; ?></p>
This still shows when I go back to the page even though I didn't click on 'login' which is why I think the POST variables are still there. But if I wait about 10mins then it isn't there.
The site is going to be redesigned so I will make sure that it is written in xhtml as I change it but thanks for telling me about that, I didn't know it was a legal requirement.basically to put the cookie code first would impy a chain of events that does not change what i am suggesting is when including files only include php files then use file_get_contents for the non server-side files this makes editing the cms much more easy and also if done properley takes out the need to put the cookies first for example
<?php
if(!isset($_GET['pg'])){
$pageheader = file_get_contents("./inc/header.html");
$pagecontents = file_get_contents("./pages/default.html");
$pagefooter = file_get_contents("./inc/footer.html");
$thepage = $pageheader.$pagecontents.$pagefooter;
}
if(isset($_GET['pg'])){
$pageheader = file_get_contents("./inc/header.html");
if(file_exists("./pages/".$_GET['pg'].".html")){
$pagecontents = file_get_contents("./pages/".$_GET['pg'].".html");
}
if(file_exists("./protectedpages/".$_GET['pg'].".html")){
$auth = "true";
$pagecontents = file_get_contents("./protectedpages/".$_GET['pg'].".html");
}
else{
$pagecontents = file_get_contents("./pages/default.html");
}
$pagefooter = file_get_contents("./inc/footer.html");
$thepage = $pageheader.$pagecontents.$pagefooter;
}
if((isset($auth)) && ($auth == "true")){
include('./auth.php');
}
echo $thepage;
?>
Using the above method for a really basic file based cms (easily ported to db!) you can have your auth pages set cookies and if nesecarry overwrite or add to (= or .=) the pagecontents keeping a nice looking webpage (highly customisable) while also keeping in all the power of php