Tassadar

I have no errors coming up

will do, I actually have that in my files but they are commented out. Ill activate them and try again.

okay I think its working now.. kinda. on my main page (it only displays if logged in, if not it redirects back to the index so you CAN log in) it just re-directs me to the index.. something in the main page isn't detecting my session? <?php session_start(); if(!isset($_SESSION['uid'])){ $url = '/Template/index.html'; echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$url.'">'; }else{ include("safe.php"); include("functions.php"); ?> (HTML Stuff here) } <?php } Function.php <?php $myConnection = connect(); function connect() { return mysqli_connect("localhost","xxxxxxxx","xxxxxxxxx","xxxxxxxx"); } function output($string) { echo "<div id=\"output\">" . $string . "</div>"; } ?> safe.php (which just gathers info from the db for use) <?php $stats_get = mysql_query("SELECT * FROM `stats` WHERE `id`='".$_SESSION['uid']."'") or die(mysql_error()); $stats = mysql_fetch_assoc($stats_get); $unit_get = mysql_query("SELECT * FROM `unit` WHERE `id`='".$_SESSION['uid']."'") or die(mysql_error()); $unit = mysql_fetch_assoc($unit_get); $user_get = mysql_query("SELECT * FROM `user` WHERE `id`='".$_SESSION['uid']."'") or die(mysql_error()); $user = mysql_fetch_assoc($user_get); $user_get = mysql_query("SELECT * FROM `structure` WHERE `id`='".$_SESSION['uid']."'") or die(mysql_error()); $user = mysql_fetch_assoc($user_get); ?>

Here is the one I was using before this "sample code" and it didnt seem to work either.. but I think this one is better structured than the sample one: <?php session_start(); include("functions.php"); $myConnection = connect(); if(isset($_POST['login'])){ if(isset($_SESSION['uid'])){ echo "You are already logged in!"; }else{ $username = ($_POST['username']); $password = ($_POST['password']); $login_check = mysqli_query($myConnection,"SELECT `id` FROM `user` WHERE `username`='$username' AND `password`='".md5($password)."'") or die(mysql_error()); if(mysqli_num_rows($login_check) == 0){ echo "Invalid Username and/or Password combination!"; }else{ $get_id = mysqli_fetch_assoc($login_check); $_SESSION['uid'] = $get_id['id']; $url = 'main.php'; echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$url.'">'; } } }else{ echo ""; } ?> and function.php is where it connects to the DB: <?php $myConnection = connect(); function connect() { return mysqli_connect("localhost","xxxxxxxx","xxxxxxxxx","xxxxxxxx"); } function output($string) { echo "<div id=\"output\">" . $string . "</div>"; } ?> so somewhere between the two, I should be able to get it working.. use the .md5 and I noticed the first one is "SELECT * FROM $tbl_name WHERE username='$myusername' and the second: "SELECT `id` FROM `user` WHERE `username`='$username' should I be using SELECT * FROM or just SELECT `id` FROM ? <----- I think this also is where I might be getting screwed up because every table has a column for ID and Username.. or it may not have anything to do with it..

this was just a sample login script I found and plugged my login info into.. the one I had before this was even worse. and yeah I use md5 for my passwords. I am able to register and it connects to the DB just fine, but when I login it always tells me my username/password is wrong

I am trying to get a login to work for my site and I am almost there.. something about the order or something is throwing it off. So when I type in my username and password I get the "Wrong Username or Password", and Yes I typed the password and username exactly correct. <?php ob_start(); $host="localhost"; // Host name $username="username"; // Mysql username <-------edited these for posting purposes $password="password"; // Mysql password $db_name="dbname"; // Database name $tbl_name="tablename"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['username']; $mypassword=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "main.php" session_register("myusername"); session_register("mypassword"); header("location:main.php"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> any help is much appreciated!

This works great thanks, now to get my login to work properly so I can actually view this page you must be logged in to view

how does that work if I have to use it inside the else clause? I would have to echo the HTML and there is quite a bit of it, with smaller PHP strings embedded

Hey all, new to the forum. I have been dabbling with PHP for a while and recently got back into it when my roommate and I decided to make a browser based game. I have been reading and testing code to get the hang of things (a lot has changed with 5.5) and so now I am working on a pretty neat game. Its a web browser RTS game in a space setting. Lots of great ideas and storyline to go with this game too. Not much as far as graphics go, its not that kind of game. On the outside looking in, the game looks fairly simple but behind the scenes its pretty nuts. ...and if anyone is interested lemme know! </shameless_plug> I hope to pick up more techniques and learn more about PHP from users on the forums!

I am working on a browser game and still learning some in's and out's of PHP. I have it working where the user enters their info in and submits the form, it then posts this info to the DB. Once the user submits the info, the site redirects to the main page where it would display everything if you were logged in. If you are not logged in however, it should only echo "You must be logged in to view this page" and nothing more. As of right now it does echo this, but still displays the rest of the page. Here is what I have for code: <?php session_start(); if(!isset($_SESSION['uid'])){ echo "You must be logged in to view this page!"; }else{ include("safe.php"); } ?> (HTML code goes in after this) Am I not using the correct use of if(!isset ?