php login

[dezkit]

is there a way so i can make that so if the person isn't logged in in index.php, they can't view the page.

 

here is the code

<?php
$username = "lemon";
$password = "lemon";
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {
?>
<form name="login" method="post" action="<?=$_SERVER['PHP_SELF']; ?>">
<table>
<tr><td>Username:
<td><input type="text" title="Enter your Username" name="txtUsername" />
<tr><td>Password:
<td><input type="password" title="Enter your password" name="txtPassword" />
<tr><td colspan=2 align=right><input type="submit" name="Submit" value="Login" />
</table>
</form>
<?php
}
else {
?>

<?php 
echo "Hello ";
echo "$username";
echo ".<br>You will be redirected to the admin page in a couple of seconds...";
?>

<META http-equiv="refresh" content="2;URL=http://www.elementgaming.org/admin/">
<?php
}
?> 

[/code

[DeanWhitehouse]

create a session when they login, then check for the session on the index.page and if its there display it if it isn't display something else

[dezkit]

help me out brah?

[DeanWhitehouse]

ok,

at the top of everypage put session_start();

 

put this on the login page for when they login

$_SESSION['logged_in] = true;

 

then on the index page put

if ($_SESSION['logged_in] == true)

{

// what ever the index page is

}

else

{

//what ever if there not logged in

}

 

[dezkit]

i'll try it when i get home from the gym, thanks for the reply bro

[dezkit]

alright, i didn't go to the gym, it was closed, any who...

this is the code that i got (it doesn't work)

<?php
$username = "lemon";
$password = "alexj";
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {
?>
<form name="login" method="post" action="<?=$_SERVER['PHP_SELF']; ?>">
<table>
<tr><td>Username:
<td><input type="text" title="Enter your Username" name="txtUsername" />
<tr><td>Password:
<td><input type="password" title="Enter your password" name="txtPassword" />
<tr><td colspan=2 align=right><input type="submit" name="Submit" value="Login" />
</table>
</form>
<?php
}
else {
?>

<?php
session_start();
$_SESSION['element_gaming_logged_in'] = true;
echo "Hello ";
echo "$username";
echo ".<br>You will be redirected to the admin page in a couple of seconds...";
?>

<META http-equiv="refresh" content="2;URL=http://www.elementgaming.org/admin/">
<?php
}
?>

[dezkit]

this is the error code, Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/elementg/public_html/site/index.php:7) in /home/elementg/public_html/site/index.php on line 114

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/elementg/public_html/site/index.php:7) in /home/elementg/public_html/site/index.php on line 114

 

line 114 is session_start();

[DarkWater]

session_start(); should be like, the first line below <?php.

[DeanWhitehouse]

session_start();

has to be at the very top of the page, the first thing after

<?php

[dezkit]

okay, thanks!

but, now, whenever i get into /admin/ it says i am not logged in.

 

this is my code

<?php
if ($_SESSION['logged_in'] == true){
?>
You are logged in.
<?php
}
else
{
?>
You are not logged in.
<?php
}
?>

[DeanWhitehouse]

are you starting the session in the login script for when they login

[dezkit]

i want the session to start AFTER they login.

 

index.php

<?php
$username = "lemon";
$password = "123";
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {
?>
<form name="login" method="post" action="<?=$_SERVER['PHP_SELF']; ?>">
<table>
<tr><td>Username:
<td><input type="text" title="Enter your Username" name="txtUsername" />
<tr><td>Password:
<td><input type="password" title="Enter your password" name="txtPassword" />
<tr><td colspan=2 align=right><input type="submit" name="Submit" value="Login" />
</table>
</form>
<?php
}
else {
?>

<?php
session_start();
$_SESSION['logged_in'] = true;
echo "Hello ";
echo "$username";
echo ".<br>You will be redirected to the admin page in a couple of seconds...";
?>

<META http-equiv="refresh" content="2;URL=http://www.elementgaming.org/site/admin/">
<?php
}
?>

 

/admin/index.php

<?php


if ($_SESSION['logged_in'] == true){
?>
You are logged in.
<?php
}
else
{
?>
You are not logged in.
<?php
}
?>

[DarkWater]

You need session_start() on the next page too.

[DeanWhitehouse]

try this and tell me what it says.

<?php


if ($_SESSION['logged_in'] == true){
?>
You are logged in.
<?php
}
elseif($_SESSION['logged_in'] == false)
{
?>
You are not logged in.
<?php
}
?>

 

[dezkit]

still doesn't work.

[DeanWhitehouse]

is there a error?

[DarkWater]

Did you add session_start();? T.T

[dezkit]

i get no error messaged and yeah i have session_start();

 

index.php

<?php
$username = "lemon";
$password = "123";
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {
?>
<form name="login" method="post" action="<?=$_SERVER['PHP_SELF']; ?>">
<table>
<tr><td>Username:
<td><input type="text" title="Enter your Username" name="txtUsername" />
<tr><td>Password:
<td><input type="password" title="Enter your password" name="txtPassword" />
<tr><td colspan=2 align=right><input type="submit" name="Submit" value="Login" />
</table>
</form>
<?php
}
else {
?>

<?php

session_start();
$_SESSION['logged_in'] = yes;

echo "Hello ";
echo "$username";
echo ".<br>You will be redirected to the admin page in a couple of seconds...";

?>

<META http-equiv="refresh" content="2;URL=/admin/">
<?php
}
?> 

 

 

/admin/index.php

<?php
session_start();
if ($_SESSION['logged_in'] == yes){
?>
You are logged in.
<?php
}
else
{
?>
You are not logged in.
<?php
}
?>

[DarkWater]

Is that EXACTLY what you have?  If it is, change these:

$_SESSION['logged_in'] = "yes";

 

And:

if ($_SESSION['logged_in'] == "yes") {

 

 

Although PHP is loose with types, it's better to make them strings specifically.

[DeanWhitehouse]

try this

<?php
session_start();
if ($_SESSION['logged_in'] == true){
echo "You are logged in.";
}
else 
{
echo "You are not logged in.";
}
?>

and this

<?php
session_start();
$username = "lemon";
$password = "123";
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {
?>
<form name="login" method="post" action="<?=$_SERVER['PHP_SELF']; ?>">
<table>
<tr><td>Username:
<td><input type="text" title="Enter your Username" name="txtUsername" />
<tr><td>Password:
<td><input type="password" title="Enter your password" name="txtPassword" />
<tr><td colspan=2 align=right><input type="submit" name="Submit" value="Login" />
</table>
</form>
<?php
}
else {


$_SESSION['logged_in'] == true;

echo "Hello ";
echo "$username";
echo ".<br>You will be redirected to the admin page in a couple of seconds...";

?>
<META http-equiv="refresh" content="2;URL=/admin/">
<?php
}
?> 

[dezkit]

THAT WORKED! THANKS BLADE and DARKWATER! 

 

now... haha

 

whats the code to "log out"

[DeanWhitehouse]

session_unset();

session_destroy();

logout

[dezkit]

I tried that, but it says

 

Warning: session_destroy() [function.session-destroy]: Trying to destroy uninitialized session in /home/elementg/public_html/site/admin/logout.php on line 3

[DeanWhitehouse]

soz, add session_start() at the beggining of it