jackel15

Thanks Man, sorry I didn't get back sooner.

Got it! Awesome. I put it on the pages that are protected and now there's no way around logging in. Thanks Guys.

I have a user login system built to access the admin area of my site. Once you've logged in and then log out, you can just type the address of the admin page directly into the url and get there, just as if you're still logged in. It appears you never really log out. I get these errors when linking directly to a protected page. Line 10 and 11: if($_SESSION['access'] != TRUE) { header('Location: login.php'); } I have an _admin/index.php which you need to be logged into see. _admin/Login.php <?php error_reporting(E_ALL); ini_set("display_errors", 1); include('../_assets/path.php'); session_save_path($path); if(empty($_POST)) { $status = 'Please Enter Username and Password to Add, Edit and Remove Sermons.'; } else { $user = $_POST['user']; $pass = $_POST['pass']; $error_list = array(); if(empty($user)) { $error_list[] = 'Please Enter Your Username'; } if(empty($pass)) { $error_list[] = 'Please Enter Your Password'; } if(empty($error_list)) { include('../_assets/info.php'); mysql_connect("$host", "$username", "$password")or die("Could Not Connect to Server. Check Login Info."); mysql_select_db("$db_name")or die('Could Not Connect to Database. Please email the webmaster at christensonmedia@gmail.com and try again later.'); $sql = "SELECT id"; $sql .= " FROM users"; $sql .= " WHERE user='$user'"; $sql .= " AND pass='$pass'"; $result = mysql_query($sql); if(mysql_num_rows($result) == 1) { session_start(); $_SESSION['access'] = TRUE; header('Location: index.php'); } else { $status = 'The Username and Password you entered was invalid. Please Try again.'; } } else { foreach($error_list as $error_message) { $status = "$error_message<br />"; } } } ?> _admin/Logout.php <?php include('../_assets/path.php'); session_save_path($path); session_start(); $_SESSION['access'] = FALSE; session_destroy(); header('Location: ../index.php'); ?> And the code that check for users status on _admin/index.php <?php error_reporting(E_ALL); ini_set("display_errors", 1); include('../_assets/path.php'); session_save_path($path); session_start(); if($_SESSION['access'] != TRUE) { header('Location: login.php'); } include('../_assets/info.php'); mysql_connect("$host", "$username", "$password")or die("Could Not Connect to Server. Check Login Info."); mysql_select_db("$db_name")or die('Could Not Connect to Database. Please email the webmaster at christensonmedia@gmail.com and try again later.'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

changing the path on every page I check for the session made it work. Thanks so much for your help. I would still be beating my brains out wondering what's going on if it wasn't for this forum. Thanks Again Daniel0.

I've changed it to a folder that I've set up. What should the permissions be? It is giving me the same error. i used at the top of the login page: $path = '//cocoafirstassembly.ipower.com:21//php_sessions/sess_bb2a139f2f0b0baa7f1838986834bc15/'; session_save_path($path); folder structure: index.php _admin/index.php _admin/login.php _admin/logout.php I'm trying to get to index.php in the admin folder, but when i get there, the login check at the top of the page is kicking me back to the login.php page. session_start(); if($_SESSION['access'] != TRUE) { header('Location: login.php'); }

How do i get that straightened out?

I put error_reporting(E_ALL); ini_set("display_errors", 1); at the top of the page and its giving me these errors:

Still no luck. I've tried these things and session stays empty and doesnt echo anything. I have no clue what is happening.

wow, I don't feel stupid at all.

I'm using $_SESSION to login and access my admin section. I have used this code before and it has worked. It is accepting the username and password, but kicking me back to the login page. All the admin pages check for your session and if not found then kick back to login.php. Login Page code above doctype: <?php if(empty($_POST)) { $status = 'Please Enter Username and Password to Add, Edit and Remove Sermons.'; } else { $user = $_POST['user']; $pass = $_POST['pass']; $error_list = array(); if(empty($user)) { $error_list[] = 'Please Enter Your Username'; } if(empty($pass)) { $error_list[] = 'Please Enter Your Password'; } if(empty($error_list)) { mysql_connect('','',''); mysql_select_db('') or die('Could Not Connect to Database. Please email the webmaster at christensonmedia@gmail.com and try again later.'); $sql = "SELECT id"; $sql .= " FROM users"; $sql .= " WHERE user='$user'"; $sql .= " AND pass='$pass'"; $result = mysql_query($sql); if(mysql_num_rows($result) == 1) { session_start(); $_SESSION['logged_in'] = true; header('Location: index.php'); } else { $status .= 'The Username and Password you entered was invalid. Please Try again.'; } } else { foreach($error_list as $error_message) { $status .= "$error_message<br />"; } } } ?> Code for admin index: <?php session_start(); if($_SESSION['logged_in'] != true) { header('Location: login.php'); } ?> Site is live at http://cocoafirstassembly.ipower.com/_admin/login.php

I am trying to create a section on my page that displays upcoming events. What is the quickest way to set up the table and have it pull only the dates that haven't passed yet? Thanks, Chris