3

I have moved my website from apache to nginx, but now I have the problem that my website doesn't want to send cookies (or start a session) to my users when they try to log in on the website.

This is my log in script:

<?php
session_start();
include("includes/config.php");
$naam = mysql_real_escape_string($_POST["naam"]);
$wachtwoord = md5(mysql_real_escape_string($_POST["wachtwoord"]));

if (strlen($naam) > 0)
{
if (strlen($wachtwoord) > 0)
{
    $uQuery = mysql_query("SELECT * FROM users WHERE username = '".$naam."' AND password = '".$wachtwoord."' LIMIT 1");
    if (mysql_num_rows($uQuery))
    {
        while($lid = mysql_fetch_array($uQuery)) {
            $id = $lid["id"];
        }
        $_SESSION["lid"] = $id;
        header("Location: me.php");
    } else {
        header("Location: index.php?error=1");
        }
    }
}
?>

This is what I'm using for connecting to MySQL (My config file):

<?php

$host = "ip address";
$username = "root";
$password = "password";
$db = "test";

 $con = mysql_connect($host, $username, $password);
if (!$con){ die('Verbinding mislukt: ' . mysql_error()); }
$db = mysql_select_db($db, $con);
if (!$db){ die ('Kan database niet vinden: ' . mysql_error()); } 
?>

Does someone know how to fix it?

Here's my nginx config:

#
# The default server
#
server {
listen       80 default_server;
server_name  ;

#charset koi8-r;

#access_log  logs/host.access.log  main;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
    root   /usr/share/nginx/html/shine;
    index index.php   index.html index.htm;
}

error_page  404              /404.html;
location = /404.html {
    root   /usr/share/nginx/html;
}

error_page  404              /404.html;
location = /404.html {
    root   /usr/share/nginx/html;
}

# redirect server error pages to the static page /50x.html
#
error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   /usr/share/nginx/html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
#    proxy_pass   http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {

    root           /usr/share/nginx/html/shine;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi_params;
}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
#    deny  all;
#}
}

Thanks!

RayR
  • 37
  • 5
  • PHP was working previously as you say, so it is ok. You should rather provide us config files – yergo Apr 29 '15 at 07:37
  • Everything has worked before, I'm using the same PHP version. I have tested the connection between my website and the MySQL server and that is working good.. – RayR Apr 29 '15 at 07:40
  • I have editted the post. :) – RayR Apr 29 '15 at 07:44
  • When I try to log in, the login page accepts my user and password and redirects me to the page where you will redirected to when you log in. The page where you get after a succesfully log in redirects me back to my index with the error that I didn't log in. – RayR Apr 29 '15 at 07:46
  • I know this from the first stage of your question. Your PHP code is OK. You have missed something in your ngnix configuration. Look, [here](http://stackoverflow.com/questions/22175000/nginx-does-not-pass-cookies-to-proxy), those are things we need. Your ngninx configuration. – yergo Apr 29 '15 at 07:50
  • Ohh, I have pasted it in the main thread. :) Thanks for helping. – RayR Apr 29 '15 at 07:54
  • mysql is deprecated, use mysqli or PDO. And MD5 shouldn't ever be used as a password hash, use the built-in secure [password_hash](http://php.net/manual/en/function.password-hash.php) functions. –  Apr 29 '15 at 08:00
  • I can change that later, but I have to fix the website with this script first.. It worked before and I have the same PHP version (PHP 5.3) so that should be no problem. MySQL is working, the problem is that the cookies don't work.. And thanks, I'm going to change the password hash. – RayR Apr 29 '15 at 08:02

1 Answers1

1

Thanks for all the help. I have found the fix for this. The cookie save folder wasn't there and didn't had the right cmod..

This command solved it:

mkdir /var/lib/php/session chmod -R 777 /var/lib/php/session

RayR
  • 37
  • 5