I have been received the manage tool + mysql database file written PHP code. This is my progress that i have done with it.
- Enable httpd, mysql, named run on my system.
- Create a database "dtabc", import the file "abc.sql" (include of the manage tool) into "dtabc" with mysqldump command . No problem occurs because i have check 'dtabc' with --phpmyadmin--, and i can see the tables of database. The manage tool can connect to database because if not, the error " Can't connect database" will appear.
- Then, i edit the path in 'config.php' file of manage tool to point to my location of manage too on web server. No problem occur because it can display when i access one of page. If having wrong path, nothing will appear.
- The first page i have got is 'login.php'. In this, having " User name" and " Paasword" where fill account information. However when i type user name and password (i'm sure that it's right), nothing happen, just receive the error "Access forbidden - Missing informations about the user". In case, i type user name and wrong password, it also display the same error message, NOT " Bad username/ Bad password" as the original website.
- I also ask my technician who give me the manage tool, however he said that the problem was my PHP or my web server because he have checked on his web server, or due to losing session ???. But, i also used my web server try to install a forum PHP (Invision board and Vbulletin with mysql), no problem appear, it can work well.

I am really not understand. Please help me solve the problem.
Thank you very very much.

Do you know if it is a mysql authentication (username and password stored in
a mysql database) or a HTTP authentication (username and password stored in
an authentication file created with htpasswd tool and managed by Apache) ?

Thanks for your reply,

it is a mysql authentication (username and password stored in
a mysql database). All inforamtion contain in 'user_access' tables

Please help me solve the problem.
Thanks again

And here is some files in my manage tool:

-- config.php: /[abc]/includes/config.php

===============================================================
<?

// Permit compression

// header("Accept-Encoding: deflate, gzip, compress"); // deflate and gzip Browser

// header("Content-Encoding: default"); // Server

// Include all necessary files



// Lock IP

if (getenv("HTTP_CLIENT_IP")){

$ip=getenv("HTTP_CLIENT_IP");

}else{

$ip=getenv("REMOTE_ADDR");

}

$today = date("Y-m-d H:i:s");



$LocalIP[] = "192.168.1.1"; // --GreG--

$LocalIP[] = "192.168.1.1"; // --Math--

$LocalIP[] = "127.0.0.1";



//========================================================

// DATABASE

//========================================================

if (in_array($ip, $LocalIP, FALSE)) {

define('DB_SERVER', "localhost");

define('DB_SERVER_USERNAME','root');

define('DB_SERVER_PASSWORD','pass');

define('DB_DATABASE','data');

} else {

define('DB_SERVER', "localhost");

define('DB_SERVER_USERNAME','root');

define('DB_SERVER_PASSWORD','pass');

define('DB_DATABASE','data');

}



//========================================================

// SERVER DIRECTORIES

//========================================================

// FS = Filesystem (physical)

// WS = Webserver (virtual)

// Files location

define('DIR_FS_DOCUMENT_ROOT', '/var/www/html/abc/' );

define('PFS', '/var/www/html/abc');

define("DIR_WS_INCLUDES", '/var/www/html/abc/includes/');



define('WEB_URL', '');

define('WEB_BASE', '');

define('UPLOAD_DIR', '/var/www/html/abc/');

define('UPLOAD_WEB', 'abc/uploads/');



define('DIR_WS_ROOT', DIR_FS_DOCUMENT_ROOT);

define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES.'functions/');

define('DIR_WS_CLASSES', DIR_WS_INCLUDES.'classes/');



// Initialize time

srand((double)microtime()*1000000);

mt_srand((double)microtime()*1000000);



// Initialize Binary Mask

define('A', 1); // 1

define('B', 2);

define('C', 4);

define('D', 8);

define('E', 16); // 5

define('F', 32);

define('G', 64);

define('H', 128);

define('I', 256);

define('J', 512); // 10

define('K', 1024);

define('L', 2048);

define('M', 4096);

define('N', 8192);

define('O', 16384); // 15

define('P', 32768);

define('Q', 65536);

define('R', 131072);

define('S', 262144);

define('T', 524288); // 20

define('U', 1048576);



// Start session

$include_file = DIR_WS_FUNCTIONS . 'sessions_accessrights.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');

$include_file = DIR_WS_CLASSES . 'accessrights.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');



// Connect Database

$include_file = DIR_WS_FUNCTIONS . 'database.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');



// Load all functions

$include_file = DIR_WS_FUNCTIONS . 'time.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');

$include_file = DIR_WS_FUNCTIONS . 'common.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');



// Load all classes

$include_file = DIR_WS_CLASSES . 'news.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');

$include_file = DIR_WS_CLASSES . 'user.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');





// Connection à la db + Session PHP

$GLOBAL_ERRORMESSAGE = "";

$GLOBAL_USERID = "";

$GLOBAL_ALREADYHEADER = 1;

startSession();

tep_db_connect();

$access = new CAccessrights();



if ($command == "login") { // Si l'usager veut se loguer

if (!$access->checkUserLogin($hlogin, $hpassword, $TZ)) { // Si Login incorect

$GLOBAL_ERRORMESSAGE .= "<br>Bad Login / Password<br><br>";

$include_file = "index.php"; include(DIR_WS_FUNCTIONS . 'include_once.php');

// echo "Test 1<br>";

die();

}

else { // On démarre la session, car le Login-Password est OK

if (!$access->checkSessionAtLogin()) {

$GLOBAL_ERRORMESSAGE .= "<br>Access forbidden - Error 1<br><br>";

$include_file = "index.php"; include(DIR_WS_FUNCTIONS . 'include_once.php');

// echo "Test 1<br>";

die();

}

}

$LOGEDIN = 1;

}

else if ($command == "logout") {

stopSession();

$GLOBAL_ERRORMESSAGE .= "<br>Logout Successful<br><br>";

$include_file = "index.php"; include(DIR_WS_FUNCTIONS . 'include_once.php');

die();

}

// else if ($GLOBAL_USERID != 0) { // Si ce n'est pas un Login ou un Logout

else { // Si ce n'est pas un Login ou un Logout

if (!$access->loadUserInfos()) {

if ($GLOBAL_USERID != 0) {

$GLOBAL_ERRORMESSAGE .= "<br>Access forbidden - Error 3<br><br>";

}

if (!empty($comment)) {

$GLOBAL_ERRORMESSAGE .= "<br>Last Bug Comment Entered:<br>$comment<br><br>";

}

$GLOBALS['SESSION_NAME'] = "Guest";

// echo "Test error 3";

$include_file = "index.php"; include(DIR_WS_FUNCTIONS . 'include_once.php');

die();

}

if (!$access->checkSessionInPages()) {

if ($GLOBAL_USERID != 0) {

$GLOBAL_ERRORMESSAGE .= "<br>Access forbidden - Error 4<br><br>";

}

if (!empty($comment)) {

$GLOBAL_ERRORMESSAGE .= "<br>Last Bug Comment Entered:<br>$comment<br><br>";

}

$GLOBALS['SESSION_NAME'] = "Guest";

// echo "Test error 4";

$include_file = "index.php"; include(DIR_WS_FUNCTIONS . 'include_once.php');

die();

}

}

// Created for "View history"

// if (!empty($access->m_loginid)) { $GLOBAL_USERID = $access->m_loginid; }

// echo "GUID = $GLOBAL_USERID<br>";

// print_r($access);

?>

===============================================================

And anothers:

-- access.php : /abc/access.php

===============================================================

<?

$GLOBAL_LANGUAGE = 1;



require_once("includes/config.php");

require_once("head.php");



if ($p_loggued_in == "1") {

$include_file = DIR_WS_CLASSES . 'components.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');

$m_comp = new CComp();

$m_comp->getVersionsList($GLOBALS['SESSION_GAME'],$GLOBALS['SESSION_DEVICE']);

}

?>



<table cellpadding=0 cellspacing=0 width=100% border=0>

<tr valign=top>



<!-- begin left column-->

<td width=5 bgcolor=#5B88AB align=right>&nbsp;</td>

<td width="1" bgcolor="#000000"><img src="/qa/images/b.gif" width="1" height="1"></td>

<!-- end left column -->



<!-- begin main column -->

<td bgcolor=#FFFFFF>

<span class=spacer8>&nbsp;<br clear=all></span>

<?

if ($GLOBAL_ERRORMESSAGE) { ?>

<table width="90%" border="0" cellspacing="0" cellpadding="0" align="center">

<tr valign="top">

<td align="center" valign="top" class="ErrorMess"><? echo $GLOBAL_ERRORMESSAGE; ?></td>

</tr>

</table>

<span class=spacer8>&nbsp;<br clear=all></span>

<? } ?>

<?

if ($p_loggued_in == "1" && $GLOBALS['SESSION_USERTST'] && $GLOBALS['SESSION_GAME'] && $GLOBALS['SESSION_DEVICE']) {

?>

<div align="center"><font color="#000000" class="ggheader2">Project Punch In/Out</font></div>

<? $users->loadUserInfos($GLOBALS['SESSION_USERID']);

$users->getUserHours($GLOBALS['SESSION_USERID']); ?>

<form action="access.php" method="get">

<input type="hidden" name="command" value="punch">

<input type="hidden" name="userid" value="<? echo $GLOBALS['SESSION_USERID']; ?>">

<table cellpadding="0" cellspacing="0" width="60%" border="0" class="gsblack12" align="center">

<tr valign="top">

<td align="center" width="100%"><? if ((!$users->m_Punch[0]['PunchIn']) && ($GLOBALS['SESSION_GAME'])) { ?>Punch In<? } else { ?>Punch Out<? } ?></td>

</tr>

<tr valign="top">

<td align="center"><? if ((!$users->m_Punch[0]['PunchIn']) && ($GLOBALS['SESSION_GAME'])) { echo getCompById($GLOBALS['SESSION_GAME'], 'Game'); } else { ?><input type="submit" name="punchout" value="Punch Out"><? } ?></td>

</tr>

<tr valign="top">

<td align="center"><? if ((!$users->m_Punch[0]['PunchIn']) && ($GLOBALS['SESSION_GAME'])) { echo getCompById($GLOBALS['SESSION_DEVICE'], 'Device'); } ?></td>

</tr>

<tr valign="top">

<td align="center">

<? if ((!$users->m_Punch[0]['PunchIn']) && ($GLOBALS['SESSION_GAME'])) { ?>

<SELECT name="version">

<option value="0" SELECTED>[SELECT]</option>

<? for($i=0; $i<$m_comp->nb_gdv; $i++) { ?>

<option value="<? echo $m_comp->m_gdv_id[$i]; ?>"><? echo $m_comp->m_gdv_name[$i]; ?></option>

<? } ?>

</SELECT>

<? } else { ?>

<font color="#000000"><strong>You are currently

<? if ($users->m_Punch[0]['PunchIn']) {

echo "punched in the : ".$users->m_Punch[0]['game']." / ".$users->m_Punch[0]['device']."<br>";

echo "V. ".$users->m_Punch[0]['version']." project, since ".$users->m_Punch[0]['punch_in'].".";

} ?></strong></font><br clear="all"><br><? } ?>

</td>

</tr>

<tr valign="top">

<td align="center"><?

if ((!$users->m_Punch[0]['PunchIn']) && (!$GLOBALS['SESSION_GAME'])) { ?><br><br>Log in a Project First!<br><?

} else if (!$users->m_Punch[0]['PunchIn']) { ?><input type="submit" name="punchin" value="Punch In"><? } ?></td>

</tr>

</table>

</form>

<?

} else if (!$GLOBALS['SESSION_GAME'] || ($GLOBALS['SESSION_DEVICE']<500)) {

$include_file = DIR_WS_CLASSES . 'components.php'; include(DIR_WS_FUNCTIONS . 'include_once.php');

$m_comp = new CComp();

// $m_comp->getDevicesList();

$m_comp->getGamesList();

?>



<script language="javascript">

function changeList(form, index) {

var objSelect = form.project_device;

while(objSelect.options.length > 1)

{

objSelect.remove(1);

}

<?

for($i=0; $i<$m_comp->nb_Games; $i++) {

if ($i>0) {

echo "else ";

}

?>

if (index == "<? echo $m_comp->m_gameid[$i]; ?>") {

<?

$m_comp->getGameDevice($m_comp->m_gameid[$i]);

for($j=0; $j<$m_comp->nb_gd; $j++) {

?>

objOption = document.createElement("option");

objOption.text = "<? echo $m_comp->m_gd_dname[$j] ?>";

objOption.value = "<? echo $m_comp->m_gd_did[$j] ?>";

if(document.all && !window.opera)

{objSelect.add(objOption);}

else

{objSelect.add(objOption, null);}

<?

}

?>

}

<?

}

?>

}

</script>

<div align="center"><font color="#000000" class="ggheader2">Project Login</font></div>

<form action="access.php" method="get" name="Intro" id="Intro">

<input type="hidden" name="p_loggued_in" value="1">

<table cellpadding="0" cellspacing="0" width="100%" border="0">

<tr>

<td class="gsblack11" align="right" width="40%">Game Name :</td>

<td width="60%">&nbsp;

<select name="project_game" class="gsblack11" OnChange="changeList(this.form,this.options[this.selectedIndex].value)">

<option value="0" SELECTED>[SELECT]</option>

<? for($i=0; $i<$m_comp->nb_Games; $i++) { ?>

<option value="<? echo $m_comp->m_gameid[$i]; ?>"><? echo $m_comp->m_gamename[$i]; ?></option>

<? } ?>

</select>

</td>

</tr>

<tr>

<td class="gsblack11" align="right">Device :</td>

<td>&nbsp;

<select name="project_device" class="gsblack11">

<option value="0" SELECTED>[SELECT]</option>

</select>

</td>

</tr>

</table>

<span class=spacer4>&nbsp;<br clear=all></span>

<div align="center"><input type="submit" name="submit" value="Continue"></div>

</form>

<?

} else {

$m_news = new CNews();

$m_news->loadAllNews(); ?>

<span class=spacer4>&nbsp;<br clear=all></span>

<table cellpadding="0" cellspacing="0" width="100%" border="0">

<tr valign="top">

<td width="10%">&nbsp;</td>

<td align="center" valign="top">

<? for($i=0; $i<$m_news->nb_News; $i++) { ?>

<table cellpadding="0" cellspacing="0" width="100%" border="0" class="NewsBG">

<tr valign="top">

<td width="10" class="NewsHeader">&nbsp;</td>

<td align="center" valign="middle" class="NewsHeader"><? echo $m_news->m_newsInfos[$i]['subject']; ?></td>

<td align="right" valign="middle" class="NewsHeaderDate"><? echo $m_news->m_newsInfos[$i]['created_by']." - ".$m_news->m_newsInfos[$i]['created_date']; ?></td>

<td width="10" class="NewsHeader">&nbsp;</td>

</tr>

<tr valign="top">

<td width="10">&nbsp;</td>

<td align="left" valign="top" colspan="2"><br><? echo $m_news->m_newsInfos[$i]['message']; ?><br><br></td>

<td width="10">&nbsp;</td>

</tr>

</table>

<span class=spacer8>&nbsp;<br clear=all></span>

<? } ?>

</td>

<td width="10%">&nbsp;</td>

</tr>

</table>

<?

}

?>

<span class=spacer8>&nbsp;<br clear=all></span>

</td>

<!-- end main column -->



<!-- begin rightnav -->

<td width="1" bgcolor="#000000"><img src="/abc/images/b.gif" width="1" height="1"></td>

<td width=5 bgcolor=#5B88AB align=right>&nbsp;</td>

<!-- end rightnav -->



</tr>

</table>



<?

require_once("foot.php");

?>

===============================================================

-- index.php : /abc/index.php

===============================================================

<?

error_reporting(~E_ALL);

require_once("includes/config.php");

require_once("head.php");

?>



<table cellpadding=0 cellspacing=0 width=100% border=0>

<tr valign=top>



<!-- begin left column-->

<td width=100 bgcolor=#5B88AB align=center><font class="gsclink11">

<br><? if ($GLOBALS['SESSION_NAME'] != "Guest") { echo "&nbsp;"; } else { echo "Please Log In!"; }?><br>

<br>Local IP :<br>

<? echo $ip;?><br>

</font></td>

<td width="1" bgcolor="#000000"><img src="/abc/images/b.gif" width="1" height="1"></td>

<!-- end left column -->



<!-- begin main column -->

<td bgcolor=#FFFFFF>

<span class=spacer8>&nbsp;<br clear=all></span>

<? if ($GLOBAL_ERRORMESSAGE) { ?>

<table width="90%" border="0" cellspacing="0" cellpadding="0" align="center">

<tr valign="top">

<td align="center" valign="top" class="ErrorMess"><? echo $GLOBAL_ERRORMESSAGE; ?></td>

</tr>

</table>

<span class=spacer8>&nbsp;<br clear=all></span>

<? }

$m_news = new CNews();

$m_news->loadAllNews(); ?>

<table cellpadding="0" cellspacing="0" width="100%" border="0">

<tr valign="top">

<td width="10%">&nbsp;</td>

<td align="center" valign="top">

<? for($i=0; $i<$m_news->nb_News; $i++) { ?>

<table cellpadding="0" cellspacing="0" width="100%" border="0" class="NewsBG">

<tr valign="top">

<td width="10" class="NewsHeader">&nbsp;</td>

<td align="center" valign="middle" class="NewsHeader"><? echo $m_news->m_newsInfos[$i]['subject']; ?></td>

<td align="right" valign="middle" class="NewsHeaderDate"><? echo $m_news->m_newsInfos[$i]['created_by']." - ".$m_news->m_newsInfos[$i]['created_date']; ?></td>

<td width="10" class="NewsHeader">&nbsp;</td>

</tr>

<tr valign="top">

<td width="10">&nbsp;</td>

<td align="left" valign="top" colspan="2"><br><? echo $m_news->m_newsInfos[$i]['message']; ?><br><br></td>

<td width="10">&nbsp;</td>

</tr>

</table>

<span class=spacer8>&nbsp;<br clear=all></span>

<? } ?>

</td>

<td width="10%">&nbsp;</td>

</tr>

</table>

<span class=spacer8>&nbsp;<br clear=all></span>

</td>

<!-- end main column -->



<!-- begin rightnav -->

<td width="1" bgcolor="#000000"><img src="/abc/images/b.gif" width="1" height="1"></td>

<td width=5 bgcolor=#5B88AB align=right>&nbsp;</td>

<!-- end rightnav -->



</tr>

</table>



<?

include_once("foot.php");

?>

===============================================================

And anothers,

-- accessright.php : /abc/includes/classes/accessright.php

==============================================================

<?



class CAccessrights

{

var $m_login;

var $m_loginid;

var $m_name;

var $m_rights;

var $m_tester;

var $m_dev;

var $m_manager;

var $m_timezone;

var $m_groups; // Liste des groupes (table access_groups)

var $m_modules;

var $m_mod;

var $m_access;

var $m_sizebinstr = 32; // Sur 32 bits



// Constructeur

function CAccessrights() {

}



// Vérifie le login-password de l'usager pour accéder au site selon ses droits

function checkUserLogin($login, $password, $TZ) {

global $GLOBAL_USERID;

// print("We are beginning the checkUserLogin()<br>");

// On vérifie si l'usager a vraiment entré des données

if (($login=="") || ($password=="")) return(false);



// On va chercher les droits d'accès de l'usager dans la bd.

$sql = "SELECT id,login,name,security,tester,dev,man,tz,options,usermask FROM qa_access WHERE login = '$login' AND password = MD5('$password') and active >0";

$db_query = tep_db_query($sql);

if (tep_db_num_rows($db_query)) {

$res = tep_db_fetch_array($db_query);

$this->m_loginid = $res[0];

$this->m_login = $res[1];

$this->m_name = $res[2];

$this->m_rights = $res[3];

$this->m_tester = $res[4];

$this->m_dev = $res[5];

$this->m_manager = $res[6];

$this->m_timezone = $TZ;

$this->m_options = $res[8];

$this->m_mask = $res[9];

}

tep_db_free_result($db_query);

// echo "$login, $password<br>";

// echo "LOGINID=$this->m_loginid LOGIN=$this->m_login IP=$this->m_ip RIGHTS=$this->m_rights <br>";



// On vérifie les données

if ($login == $this->m_login) {

session_register("SESSION_NAME");

$GLOBALS["SESSION_NAME"] = $this->m_name;

session_register("SESSION_USERID");

$GLOBALS["SESSION_USERID"] = $this->m_loginid;

$GLOBAL_USERID = $this->m_loginid;

session_register("SESSION_USERSEC");

$GLOBALS["SESSION_USERSEC"] = $this->m_rights;

session_register("SESSION_USERTST");

$GLOBALS["SESSION_USERTST"] = $this->m_tester;

session_register("SESSION_USERDEV");

$GLOBALS["SESSION_USERDEV"] = $this->m_dev;

session_register("SESSION_USERMAN");

$GLOBALS["SESSION_USERMAN"] = $this->m_manager;

session_register("SESSION_USERTZ");

$GLOBALS["SESSION_USERTZ"] = $this->m_timezone;

session_register("SESSION_OPTIONS");

if ($this->m_options == "") { $this->m_options = hexdec("FFFFFFFF"); }

$GLOBALS["SESSION_OPTIONS"] = $this->m_options;

session_register("SESSION_USERMASK");

$GLOBALS["SESSION_USERMASK"] = $this->m_mask;

return(true);

$this->checkSessionAtLogin(); }

else return(false);

}



function strIsInDb($str, $req) {

$newreq = sprintf($req, $str);

$db_query = tep_db_query($newreq);

$n = tep_db_num_rows($db_query);

tep_db_free_result($db_query);

if ($n) return(true);

else return(false);

}



function loadUserInfos() {

global $GLOBAL_ERRORMESSAGE;

// print("We are beginning the loadUserInfos()<br>");

// On va chercher les informations de l'usager dans la bd.

$sql = "SELECT abc_access.id,qa_access.login,abc_access.name,abc_access.security,abc_access_sessions.id FROM abc_access INNER JOIN abc_access_sessions ON abc_access_sessions.id = abc_access.id WHERE abc_access_sessions.sessionid = '".$GLOBALS["SESSION_ID"]."'";

$db_query = tep_db_query($sql);

if (tep_db_num_rows($db_query)) {

$res = tep_db_fetch_array($db_query);

$this->m_loginid = $res[0];

$this->m_login = $res[1];

$this->m_name = $res[2];

$this->m_rights = $res[3];

}

tep_db_free_result($db_query);

//echo "LOGINID=$this->m_loginid LOGIN=$this->m_login IP=$this->m_ip RIGHTS=$this->m_rights <br>";



// S'il manque une info, accès interdit

if (!$this->m_loginid || !$this->m_login || !$this->m_name || !$this->m_rights) {

$GLOBAL_ERRORMESSAGE .= "Access forbidden - Missing informations about the user";

stopSession();

return(false);

}

else return(true);

}



function changeCheckboxToDec($arraybox) {

for ($i=0; $i < $this->m_sizebinstr; $i++) { // Potentiel de 32 checkboxes dans le tableau

if ($arraybox[$i] == "on") $str .= "1";

else $str .= "0";

}

return(bindec(strrev($str)));

}



// Vérifie l'adresse IP selon le format x.x.x.x

// Retourne TRUE si bon format. FALSE sinon.

function checkIpAddress() {

$ip = getIPAddress();

$addr_bd = explode(".", $this->m_ip);

$addr_ip = explode(".", $ip);

$sizetab = sizeof($addr_ip);



// On procède à la vérification

for ($i=0; $i < $sizetab; $i++) {

if (is_numeric($addr_bd[$i]) && $addr_ip[$i] != $addr_bd[$i]) {

return(false);

}

}

return(true);

}



// On vérifie la validité de la session

function checkSessionAtLogin() {

global $GLOBAL_ERRORMESSAGE;

// print("We are beginning the checkSessionAtLogin()<br>");

// On insère les données dans la table access_session.

// Si elle existe déjà, on update la date seulement.

$today=gmdate("YmdHis", time());

if ($this->strIsInDb($this->m_loginid, "select id from abc_access_sessions where id='%s'")) {

$sql = "update abc_access_sessions set date='$today',sessionid='".$GLOBALS["SESSION_ID"]."' where id='$this->m_loginid'";

$db_query = tep_db_query($sql);

}

else { // On insère les données dans la table access_session.

$sql = "insert into abc_access_sessions (id,date,sessionid) values ('$this->m_loginid','$today','".$GLOBALS["SESSION_ID"]."')";

$db_query = tep_db_query($sql);

}



// Si tout s'est bien passé, l'user peut voir la page

return(true);

}



// On vérifie la validité de la session

function checkSessionInPages() {

global $GLOBAL_ERRORMESSAGE;

// print("We are beginning the checkSessionInPages()<br>");

// 1- On vérifie si le session_id existe. Si non, LOGOUT.

if ($GLOBALS["SESSION_ID"] == "") {

$GLOBAL_ERRORMESSAGE .= "Session ID is missing";

stopSession();

return(false); // Accès interdit car pas de session

}

// 2- Vérification de la date

$sql = "select UNIX_TIMESTAMP(date) from abc_access_sessions where sessionid='".$GLOBALS["SESSION_ID"]."'";

$db_query = tep_db_query($sql);

if (tep_db_num_rows($db_query)) {

$res = tep_db_fetch_array($db_query);

}

$datetime = $res[0];

tep_db_free_result($db_query);

if ((gmdate("U", time())-$datetime) > 14400) {

$GLOBAL_ERRORMESSAGE .= "Session expired";

stopSession();

return(false); // Accès interdit car temps dépassé

}

// 3- On update les données dans la table accesssession.

$today=gmdate("YmdHis", time());

$sql = "update abc_access_sessions set date='$today' where sessionid='".$GLOBALS["SESSION_ID"]."'";

$db_query = tep_db_query($sql);



// Si tout s'est bien passé, l'usager peut voir la page

return(true);

}

}



?>

==============================================================

Everybody, please help me. It's very important for me. I am really meet more difficult with it.

Thank you very much. I need your help, your idear, your solution, and ...more. please

In /abc/includes/classes/accessright.php file :

try to replace all :
with :

Thanks for your reply, however it still doesn't work. Only and only one login page ( I can't login.
Here is my accessright.php file has edited with your guide:

Please help me again. Thank you very much.

Ok, fine
now replace all :
with:

Thanks for your idea,
however it still can't work (. I really don't understand why. The provider said that the cause is my PHP configuration, and they also send me the phpinfo.php. I will send for you.

--- First: phpinfo.php from my provider

And here is my phpinfo.php

Please help me solve the problem. Thank you very much.

That's what I tought, you have register_globals set to Off, which mean you can't call your sessions variables
with their global names but with the $_SESSION[] Array instead.

Please ask before posting complete output as this, the thread is unreadable now

In /abc/access.php :
change all :
$GLOBAL[XXX]

with:
$_SESSION[XXX]

Thanks for your help again,
however i'm really sorry, it doesn't work (

Do you have some mistake with me?

Please help me. And thanks for advanced.