Internet Explorer will not open a password-protected webpage

Report · Nov 08, 2006

I've asked this question in the General Discussion forum but did not find a solution. I am using DW8.0.2 / MySQL 4.1 / PHP5.1 to create PHP login and restricted access webpages. Locally (i.e. Windows XP / IIS5.0), they all function properly no matter what browser I use. However, on my ISP's server that running Linux / Apache, Internet Explorer 6.x or 7.x will not open the password-protected webpages - all the other php pages open and function properly. I can use Opera, Netscape, or Firefox and the pw_protected webpages open fine - just not in IE.

I've tried cookies on / off, popup blocker on / off, and changed my PHP login scripting - all to no avail. Any one have any ideas why IE won't open a PHP-scripted pw-protected webpage while all other browsers can?

Report · Nov 08, 2006

It has to be related to the session variables not being set in IE. Have you
tried adding your site to the Trusted Sites list and see if that helps.

--
Paul Whitham
Certified Dreamweaver MX2004 Professional
Adobe Community Expert - Dreamweaver

Valleybiz Internet Design
www.valleybiz.net

"holymackeral" <webforumsuser@macromedia.com> wrote in message
news:eit8m0$8bj$1@forums.macromedia.com...
> I've asked this question in the General Discussion forum but did not find
> a
> solution. I am using DW8.0.2 / MySQL 4.1 / PHP5.1 to create PHP login and
> restricted access webpages. Locally (i.e. Windows XP / IIS5.0), they all
> function properly no matter what browser I use. However, on my ISP's
> server
> that running Linux / Apache, Internet Explorer 6.x or 7.x will not open
> the
> password-protected webpages - all the other php pages open and function
> properly. I can use Opera, Netscape, or Firefox and the pw_protected
> webpages
> open fine - just not in IE.
>
> I've tried cookies on / off, popup blocker on / off, and changed my PHP
> login
> scripting - all to no avail. Any one have any ideas why IE won't open a
> PHP-scripted pw-protected webpage while all other browsers can?
>

Report · Nov 09, 2006

BTW... I've found no mention of this problem in any Google searches or other PHP, IE or Microsoft forums.

Report · Nov 09, 2006

Thanks for your suggestion. I've added the site to IE's Trusted Zone... but no luck. And to test further, I've turned off EVERY 'disable' feature I could in IE and still no joy.

Could the problem be how IE proceses (or doesn't process) my PHP logon scripts and possibly does not pass the session on to Apache (the server is a Linux box running Apache)? I'm enclosing my scripts for review and hopefully for a discovery of why this is happening only in IE and not the other browsers.

Here is my logon script:

<?php
// *** Start the session
session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".htmlentities($HTTP_SERVER_VARS['QUERY_STRING']);
if (isset($HTTP_POST_VARS['Username'])) {
$FF_valUsername=$HTTP_POST_VARS['Username'];
$FF_valPassword=$HTTP_POST_VARS['Password'];
$FF_fldUserAuthorization="Status";
$FF_redirectLoginSuccess="bulletin_edit.php";
$FF_redirectLoginFailed="access_error.html";
$FF_rsUser_Source="SELECT Username, Password ";
if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
$FF_rsUser_Source .= " FROM tblaccess WHERE Username='" . $FF_valUsername . "' AND Password='" . $FF_valPassword . "'";
mysql_select_db($database_leathernecks, $leathernecks);
$FF_rsUser=mysql_query($FF_rsUser_Source, $leathernecks) or die(mysql_error());
$row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
if(mysql_num_rows($FF_rsUser) > 0) {
// username and password match - this is a valid user
$MM_Username=$FF_valUsername;
session_register("MM_Username");
if ($FF_fldUserAuthorization != "") {
$MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
} else {
$MM_UserAuthorization="";
}
session_register("MM_UserAuthorization");
if (isset($accessdenied) && false) {
$FF_redirectLoginSuccess = $accessdenied;
}
mysql_free_result($FF_rsUser);
session_register("FF_login_failed");
$FF_login_failed = false;
header ("Location: $FF_redirectLoginSuccess");
exit;
}
mysql_free_result($FF_rsUser);
session_register("FF_login_failed");
$FF_login_failed = true;
header ("Location: $FF_redirectLoginFailed");
exit;
}
?>
---------------------------------------------------------------------------------
And here is the script that appears on each restricted webpage:
<?php
// *** Restrict Access To Page: Grant or deny access to this page
$FF_authorizedUsers=" edit";
$FF_authFailedURL="access_error.html";
$FF_grantAccess=0;
session_start();
if (isset($HTTP_SESSION_VARS["MM_Username"])) {
if (false || !(isset($HTTP_SESSION_VARS["MM_UserAuthorization"])) || $HTTP_SESSION_VARS["MM_UserAuthorization"]=="" || strpos($FF_authorizedUsers, $HTTP_SESSION_VARS["MM_UserAuthorization"])) {
$FF_grantAccess = 1;
}
}
if (!$FF_grantAccess) {
$FF_qsChar = "?";
if (strpos($FF_authFailedURL, "?")) $FF_qsChar = "&";
$FF_referrer = "Restricted Area";
$FF_authFailedURL = $FF_authFailedURL . $FF_qsChar . "accessdenied=" . urlencode($FF_referrer);
header("Location: $FF_authFailedURL");
exit;
}
?>
-------------------------------------------------------------------------------------

Any ideas, suggestions or help is greatly appreciated.