Hi,
I'm trying to move our web site from a Windows 2000 box running IIS /
PHP CGI (4.0.6) to a RedHat box running Apache (actually IBM HTTP
Server v2.0.47) & PHP 4.3.10.
First of all, I didn't develop our web site - a consulting firm did it
about three years ago & it's pretty complex. I feel comfortable with
PHP, but parts of this code I just can't figure out. They relied
heavily upon register globals, it seems - so I've had to re-enable that
in php.ini on the Linux box. There's just too much code for me to go
back & re-write it all - I really just want to move the site over to
this new box. I'm kind of between a rock & a hard place in that I
really can't do anything to the web server - we're running IBM
WebSphere App server & Portal on the box and IBM wants this version of
the HTTP server... I've tried getting an older version of PHP to
compile against the HTTP server & it just doesn't work...
When I moved the code from the Windows box to the RedHat box, the first
thing I got when loading "http://mydomain" was a redirect to
"http:///?".
Looking through the code, I see that they set a cookie & do some checks
against the user database (mysql)... I think this is where the problem
lies, but I'm not sure how to go about fixing it...
There's a lot of code so I'm only posting the parts I think are
relevant... if we need to look at more I can post it...
INDEX.PHP:
<?PHP
include("./includes/common.inc.php");
pageStart();
?>
html stuff is here
<?
pageEnd();
?>
INCLUDES/COMMON.INC.PHP:
<?PHP
$COPYRIGHT_START = 2001;
## MySQL connectivity variables
$DB_NAME = "database";
$DB_HOST = "localhost";
$DB_PORT = "3306";
$DB_USER = "user";
$DB_PASS = "pass";
}
$BASEURL = "";
$DOCUMENT_ROOT = "/opt/IBMIHS/htdocs/en_US/mysite";
$ROOTPATH = "$DOCUMENT_ROOT";
## Debugging (un-comment to use)
NOTE: I FOUND THAT IF I UNCOMMENT THIS STUFF, THE PAGE ACTUALLY
RENDERS - I JUST GET A PHP ERROR ABOUT THE HEADERS HAVING ALREADY BEEN
SENT
/*
echo "<p>BASEURL = " .$BASEURL. "<br>\n";
echo "PATH_INFO = " .$PATH_INFO. "<br>\n";
echo "PATH_TRANSLATED = " .$PATH_TRANSLATED. "<br>\n";
echo "DOCUMENT_ROOT = " .$DOCUMENT_ROOT. "<br>\n";
echo "ROOTPATH = " .$ROOTPATH. "</p>\n";
echo ($SERVER_NAME.$SCRIPT_NAME ." ||| ". $BASEURL."/index.php");
*/
## == Admin User Stuff ============
$AdminUser = Array(); // Array containing admin user data
$AdminUser["ID"] = 0;
$AdminUser["Name"] = "";
$Access_Denied = 0;
$cookie_username = $HTTP_COOKIE_VARS["site_adminname"];
$cookie_usersess = $HTTP_COOKIE_VARS["site_adminsess"];
IF ($cookie_username!="" && $cookie_usersess!="" &&
$cookie_usersess!="x") {
## Note: any text sent to the browser before you call
setcookie() will kill it.
## This is because setcookie() must be run and send its info to
the browser in with
## the headers.
$dbh = dbconnect();
$query = "SELECT * FROM Admin_Users WHERE
UserName='".$cookie_username."' ";
//echo $query;
$query = mysql_query($query);
if (mysql_num_rows($query)){
$row = mysql_fetch_object($query);
if ($cookie_usersess ==
md5($cookie_username.($row->UserPass))) {
## cookie session is correct
$AdminUser["ID"] = $row->UserID;
$AdminUser["Name"] = $row->UserName;
setcookie("site_adminname", $cookie_username,
time()+432000, "/");
setcookie("site_adminsess", $cookie_usersess,
time()+1200, "/");
}
} else {
## invalid session
setcookie("site_adminsess", "x", time()+1200, "/");
$cookie_usersess = "";
}
dbclose($dbh);
}
## SECURE-SOCKETS-LAYER ################
if (($AdminUser["ID"] > 0) || ($forceSSL==true)) {
## force ssl
if ($HTTPS != "on") {
header("location:
https://$HTTP_HOST$PHP_SELF?$QUERY_STRING");
}
} else {
## non-admin; don't use https
if ($HTTPS != "off") {
header("location:
http://$HTTP_HOST$PHP_SELF?$QUERY_STRING");
}
}
There is more code after that, but only various functions called by the
pages in the site... I really think the problem has to do with
"setcookie" - based on the comments in the code... I just don't know
how to fix it!
If anyone has a suggestion I'd be happy to hear it.
Thanks,
Kelly
