Zagga

Hi minus84, As Petroz said, you can simply remove all of your session_register statements. When you say you are having trouble with the variable, could you be a bit more specific? Zagga

You are getting this error because you already have a function called "escape". Zagga

Hi treeleaf20, You can use the strstr() function to find the first occurrence of a string (inside a string), and use strrchr() to find the last occurrence. Use these functions before you do the rest of the replacing. Hope this helps. Zagga

Hi lqdmindz. You will find plenty of helpful information here and some very knowledgeable people if you get stuck with any particular issue. Zagga

Not quite. It seems to be sessions that are causing the confusion so I'll try and explain them a bit. On your website you need to protect some pages from being accessed by non members. The pages that need to be protected are member1.php, member2.php, member3.php etc. checklogin.php is where the session starts. Once you have checked that the login details are correct you can start the session and declare the session variables. session_start(); $_SESSION["loggedin"] = "Yes"; $_SESSION["myusername"] = $myusername; header("Location:" . strtolower($myusername) . ".php"); exit(); The first line starts the session. The second and third lines set the variables we need to carry as $_SESSION variables. The fourth line redirects to the members own page. The last line exits if the user has managed to circumvent the redirect. Now to protect the member pages. <?php session_start(); if(!isset($_SESSION['loggedin'])) { header('Location: index.php'); exit(); } elseif ($_SESSION['myusername'] . '.php' != basename($_SERVER['SCRIPT_FILENAME']) ) { header("Location:" . strtolower($_SESSION['myusername']) . ".php"); exit(); } ?> The first line starts the session again. The second, third and fourth lines redirect the user to index.php if they are not logged in. The last 3 lines redirect the user to their own member page if they try to access another members page. You also need to destroy the session when the user logs out so all the variable you have saved are destroyed with it. Your log out page can start with this code. <?php session_start(); session_destroy(); ?> main_login.php, sidebar.php and index.php aren't involved in the session at all so you don't need to include any of the code on those pages. Hope this helps Zagga

Hi itsmillertime65. I have commented the session code snippet so you can follow what it does a little better. if(!isset($_SESSION['loggedin'])) { // If the $_SESSION variable 'loggedin' is not set (the exclamation mark means NOT). header('Location: /login.php'); // Redirect to the login page. exit; // Exit the script if the user manages to avoid the redirect (so they can't access the rest of the page). } elseif ($_SESSION['myusername'] . '.php' != basename($_SERVER['SCRIPT_FILENAME']) ) { // Elseif the $_SESSION variable 'myusername' is not equal to the address of the page (if the address is not 'user1.php' or 'user2.php' etc) header("Location:" . strtolower($_SESSION['myusername']) . ".php"); // Redirect to the users page. exit; // Exit the script is the user has managed to avoid the redirect (so they can't access the rest of the page). } This piece of code is using 2 $_Session variables, so they must be declared in the login (or check login) page. Don't forget that you must declare the SESSION at the very top of any page that uses it, including checklogin.php. Hope this helps. Zagga

As DavidAM said, you must declare the session at the very top of your page. The code in your members page works fine so if you put the session check at the top, your code should look like this . . . <?php session_start(); if(!isset($_SESSION['loggedin'])) { header('Location: index.php'); // If they are not logged in send them to the login page exit; } elseif ($_SESSION['myusername'] . '.php' != basename($_SERVER['SCRIPT_FILENAME']) ) { // Logged in user attempting to view someone else's page header("Location:" . strtolower($_SESSION['myusername']) . ".php"); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Title</title> <link rel="stylesheet" href="styles.css" type="text/css" /> </head> <body> <div id="container"> <div id="shadowl"> </div> <div id="shadowr"> </div> <div id="wrapper"> <?php include ("sidebar.php"); ?> <div id="nav"> <ul class="homebtn"> <li class="home"><a href="index.php" class="selected" title="Home"><span class="displace">Home</span></a></li> </ul> <ul class="aboutbtn"> <li class="about"><a href="about.php" title="About Us"><span class="displace">About Us</span></a></li> </ul> <ul class="teambtn"> <li class="team"><a href="team.php" title="Team"><span class="displace">Team</span></a></li> </ul> <ul class="whybtn"> <li class="why"><a href="whypartner.php" title="Why Partner?"><span class="displace">Why Partner?</span></a></li> </ul> <ul class="entbtn"> <li class="entrepreneurs"><a href="forentrepreneurs.php" title="For Entrepreneurs"><span class="displace">For Entrepreneurs</span></a></li> </ul> </div> <div id="flash"> <img src="images/PlaceholderImage.jpg" /> </div> <div id="textarea" align="left"> <h1>Welcome Member 1</h1> <p>It, coterfeci sil vid in is hae adestem di cre fuistrae am num dius, sulicaete oca; nostrehente conclut orte virissi licatur acciptelica temus; notebus hos, que cepotia chuideporum fur. Anum mo esterem ditam perceps esulinum, num audeo ego urs hui in ideat diensus, vidinvere manum me quit; num nons considendum prari pl. Odienda chilic vis inte consultis, norit, cre no. Odienda chilic vis inte consultis, norit, cre no chilic vis.</p> <p>Timpliam et oc, Catumusque conlostimis? Nihiliq uonsil vivatquidit, teribus, quam. Sena, condactuus, ublistis. Ediendet; ne mactam cerfecr esimihilles publicu pimanditus imentique achilius it. Os cons la publis erfente scerimis istemus bondam nos se tam pari et publi, ses forbita opublicae culus, ta molto huconcl udertatam pracerem nos plicata vit, orsularis se nulostatus, atum, omaximus, Cas viri. Odienda chilic vis inte consultis.</p> <h1>Why Choose Us?</h1> <p>It, coterfeci sil vid in is hae adestem di cre fuistrae am num dius, sulicaete oca; nostrehente conclut orte virissi licatur acciptelica temus; notebus hos, que cepotia chuideporum fur. Anum mo esterem ditam perceps esulinum, num audeo ego urs hui in ideat diensus, vidinvere manum me quit; num nons considendum prari pl. Odienda chilic vis inte consultis, norit, cre no. Odienda chilic vis inte consultis, norit, cre no chilic vis.</p> </div> <div id="block" align="left"> <span class="hblock">Submit Business Plan</span> <p class="pblock">Trying to get your business off the ground? We can help. Learn how you can kick start your business today!</p> </div> <div id="blockbot" align="right"> <span class="subbtn"><a href="submitplan.php" title="Submit Your Business Plan">Submit</a></span> </div> <div id="block" align="left"> <span class="hblock">Download Business<br /> Plan Template</span> <p class="pblock">Download our business plan template to help you get started!</p> </div> <div id="blockbot" align="right"> <span class="dwnldbtn"><a href="submitplan.php" title="Submit Your Business Plan">Download</a></span> </div> </div> <div id="shadowb"> </div> </div> </body> </html> Zagga

It looks like this page isn't getting any variables POSTed to it. Are you sure the page that is sending the variables is using $_POST and not $_GET? Zagga

Hi itsmillertime65, If your code is redirecting to the users own pages correctly, it is probably something on the users page that isn't right. Try changing this session_register("myusername"); session_register("mypassword"); header("Location:" . strtolower($myusername) . ".php"); to this session_register("myusername"); session_register("mypassword"); $myusername = "http://www.phpfreaks.com/forums/index"; header("Location:" . strtolower($myusername) . ".php"); and run the page, it should redirect to phpfreaks. If you are redirected correctly, it is defiately a problem on the users page, and if you post that code we can have a look over it for you. Hope this helps Zagga

In your particular case, it's not about the scope of variables, rather the way you are trying to display them. Your best approach is . . . Zagga

Yes, that is where the exit statement should go. I wasn't aware that you could ignore redirects, so thanks for the heads up on that one too Zagga

If you use sessions to manage your users, you could add this to the very top of each page. <?php session_start(); if (!isset($_SESSION['username'])){ header("location:login.php"); } ?> It checks if there is a $_SESSION variable called 'username' and if there isn't, it redirects the user to login.php Zagga

If FaceSpace doesn't allow you to use the <body> tag, it probable means the <body> tag has already been opened before your code is added, and then closed after your code. If this is the case, you won't be able to edit the <head> tag either (as this comes before the body tag). Zagga

Are you sure the .css file is in the same directory as the page you are testing? Are you echoing <html> and <body> correctly as well? Zagga

Try putting your code inside the code goes here tags so we can read your code properly, and tell us what your are having problems with. Zagga