adunazon

I have a site in which I am using php / MySQL to create secure sessions for my users. The site is being hosted by powweb who offers forums and calendar apps, both of which my customer wants to utilize. I am looking for a way to forward / link the general site security to these apps. Specifically, once a user logs into the website, I want to be able to forward their credentials to both/either the forums and calendar to allow them to use those without requiring additional logins. The forum is a simpleMachines forum, and the calendar is WebCalendar Free. I am posting here in the SQL thread because I'd like a way to utilize the db I've set up for the initial logon. thanks.

Ah, one more question if anyone is still listening... Is there an argument for using the require() as opposed to just putting the short PHP script into the top of each individual document?

Turns out the issue was because I had a semicolon at the end of my if() line. Silly me, and thank you for your help, PFMaBiSmAd. Also I was able to correct all my issues by renaming my html files to php. I hadn't realized that you could write .php as standard html files. This is excellent news! Thank you for supporting this irregular newbie.

Can't figure out how to edit my original post so I will thank you for the correction, however it does not address my problem. Specifically, why would if(mysql_num_rows($result)!==0); always return true even when using incorrect login credentials?

Hi PHP freaks, I'm returning to the webpage building community after a 10-year hiatus and have returned to find many new and delicious toys to play with, tastiest of all being PHP. I'm trying to build a minimal security site with PHP/MySQL login as well as a simple PHP require using sessions to secure each page. I've based the script around a 'security by obscurity' script written by blackmouth, which worked wonderfully. However, once I added and tried implementing the page security via sessions, the entire script broke down and now forwards to the secure page even without proper login credentials. Given that I am completely uneducated in the area of PHP, I'm hoping there is a simple resolution eluding me that is obvious to a master of the art. Here are the pieces of my PHP puzzle. my login script, again, working as intended until I entered in the session pieces: <?php $username = md5($_POST["username"]); $passwd = md5($_POST["pass"]); $handle = mysql_connect("my.sql.db","sqladmin","admin"); mysql_select_db("users",$handle); $query = "SELECT r34ln4m3 FROM 1nside0ut WHERE md5(l0gn4m3)='$username' AND entryw41='$passwd'"; $result = mysql_query($query,$handle); if(mysql_num_rows($result)!==0); { session_start(); $_SESSION['auth'] = 1; $_SESSION['name'] = $list; header('Location: index1.htm'); } alert('Incorrect username or password!'); header('Location: index.html'); ?> That is intended to create a session which is then required by each page via: <?php require("userauth.php"); ?> <!DOCTYPE html PUBLIC... And that file is: <?php if($_SESSION["auth"]!==1); { header('Location: index.html'); } ?> Again I'm only a couple weeks into learning PHP so please, be gentle if my mistake is an elementary one. Thanks in advance for taking the time to read through my issue. cheers.