hey all i'm kellllz (kelsey if you prefer^^) Im trying to make a login form using sessions to make sure the person IS actually logged in on the next page so here is the login page code, I must warn you I'm not a very good programmer lol!
<?php
session_start();
if (!empty($_SESSION['login'])) {
session_destroy();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
</head>
<body>
<form id="form1" name="form1" method="post" action="test.php">
<label>name:<br />
<input type="text" name="name" />
</label>
<br />
<label>password:<br />
<input type="password" name="password" />
</label>
<br />
<br />
<label>
<input type="submit" name="Submit" value="Submit" />
</label>
<br />
</form>
<br />
<?php
//---------simple XOR encryption
function e($m){
$d='';for ($i=0;$i<strlen($m);$i++){
$d.=chr(ord($m[$i])^3);$i++;$i=$i-1;
}return $d;}
//------------------------------
if (isset($_POST['name'])) {
$name = $_POST['name'];$pass = $_POST['password'];
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("login") or die(mysql_error());
$result = mysql_query("SELECT * FROM adminlogin") //fetch from database
or die(mysql_error()); $row = mysql_fetch_array( $result );
if ($name == $row['name'] && $pass == e($row['pass'])) {
$_SESSION['login'] = 1;
echo '<script language="javascript" type="text/javascript">window.location="admin.php?' . htmlspecialchars(SID) . '";</script>';
}
}
?>
</body>
</html>
ok so yea erm.. it doesn't seem to be appending the session ID to the url of the next page so that i could do:
<?php
if (isset($_SESSION['admin'])) { echo 'your in!'; }
?>
I just want to make a login form so when i login it knows me on the next page in the control (admin) area so someone cant type the direct url to that admin page and enter it.
remember I'm new so be gentle!
thx for any help.