Xines

Anyone? Still needing this

header("location: admin/index"); die("Redirecting to: admin/index"); The "admin/index" here is the same as "home/index" or whatever, i haven't renamed it yet users can only see the page "admin/index" once logged in, else they can only see the normal index/login/register and forgot password functions

This is what i have so far, just included a ip function in register, but not rly using it yet, just good to have peoples ip gathered for later checks. Login.php <?php include_once("includes/config.php"); $submitted_username = ''; if(!empty($_POST)){ $query = " SELECT id, username, password, salt, email, ip FROM users WHERE username = :username "; $query_params = array( ':username' => $_POST['username'] ); try{ $stmt = $db->prepare($query); $result = $stmt->execute($query_params); } catch(PDOException $ex){ die("Failed to run query: " . $ex->getMessage()); } $login_ok = false; $row = $stmt->fetch(); if($row){ $check_password = hash('sha256', $_POST['password'] . $row['salt']); for($round = 0; $round < 65536; $round++){ $check_password = hash('sha256', $check_password . $row['salt']); } if($check_password === $row['password']){ $login_ok = true; } } if($login_ok){ unset($row['salt']); unset($row['password']); $_SESSION['user'] = $row; header("location: admin/index"); die("Redirecting to: admin/index"); } else{ print("Login Failed."); $submitted_username = htmlentities($_POST['username'], ENT_QUOTES, 'UTF-8'); } } ?>

Hey, i'm building a community site for my server at counter-strike source, i had a friend "at another location" to login after he registered, then once he was logged in i logged in aswell and changed page, then my username changes to his. For now i just want to get this little bug fixed before adding a "if logged in" function to prevent multi login so in the end i can be active aswell as my friends browsing pages without our usernames/accounts getting switched like a normal site. - I can provide code but since i don't know where the bug starts it obv will be dumb to post almost whole website code here, if you think you can help me then please pm me

Hello, i've been trying to make my website work currectly when multi loggin, but when i multi-login 2 accounts, and i switch page on one of the users lets call him user1, then goto the other user2 and switch page, my "username" at "user2" switches automaticly to user1, so i'll end up having 2 of the same usernames logged in so its "user1" and on the other account that should have been user2 it returns -> "user1". I have everything else setup correct, by using sha256 for encryption, and having my salt setup correct aswell. I'm using the latest bootstrap, and having mysql setup obv. I have no idea how to fix this, but i'm sure it's some kind of user validation that i need to include. So if someone is willing to help me out i will be really thanksfull! - Sincerely Xines.