zepher2 Posted April 12, 2008 Share Posted April 12, 2008 I am trying to make a login script to protect certain files on my website. I have installed code from an online tutorial: the first file (login.php) takes the user input, checks it against a password in my database and if all is okay is supposed to generate a session variable: this is the code for that file: <?php $host="mysql1.atlantic.net"; // Host name $dbusername="aarda"; // Mysql username $dbpassword="******"; // Mysql password $db_name="******"; // Database name $tbl="members"; // Table name // This connects to server and then selects the members databse. mysql_connect("$host", "$dbusername", "$dbpassword")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Assign the username and password from the form to variables. $username=$_POST['username']; $password=$_POST['password']; $sql="SELECT * FROM $tbl WHERE username='$username' and password='$password'"; $result=mysql_query($sql); // This counts to see how many rows were found, there should be no more than 1 $count=mysql_num_rows($result); // If result matched $username and $password, table row must be 1 if($count==1){ // Register $username, $password and send the user to the file "login_success.php" session_start(); session_register("username"); session_register("password"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ?> It calls another php file called login_success.php which is supposed to be a test to see if the session is working: its code is: <? session_start(); if(!session_is_registered(myusername)){ header("location:notloggedin.php"); } ?> <html> <body> Login Successful - and click button to load first page. </body> </html> my problem is that when I run the system all appears okay, except I get directed to the notloggedin.php page instead of seeing the Login Successful text. So, it looks like the session was never created. I have very little understanding of sessions and any help would be appreciated. Thanks in advance. Quote Link to comment Share on other sites More sharing options...
unidox Posted April 12, 2008 Share Posted April 12, 2008 Try moving session_start() to the top of the login script. Quote Link to comment Share on other sites More sharing options...
poleposters Posted April 12, 2008 Share Posted April 12, 2008 Read about session_register here http://www.php.net/session_register I think it only works under certain conditions You could just do this though $sql="SELECT * FROM $tbl WHERE username='$username' and password='$password'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1){ $row=mysql_fetch_array($result) $_SESSION['username] = $row['username']; $_SESSION['password'] = $row['password']; Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.