mjgdunne Posted April 29, 2008 Share Posted April 29, 2008 Hi i have a login page and i am using the following code to start the session if login is correct, now i need to put some authentication on the page below, any help would be great im new to php, thanks. ??? <?php session_start(); if(!session_is_registered(myusername)){ header("location:main_login.html"); } ?> <html> <head> <title>Car Rentals & Returns</title> <meta http-equiv="Content-Type" content="text/html" /> <link href="style2.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper3"> <img src="images/cars.jpg" width="996" height="100"></a> <TABLE BGCOLOR="#F0F8FF" BORDER=0 CELLPADDING=10 WIDTH=100%> <tr> <td align="center"> <H1>Main Menu Administrator</H1> </td> </table> <TABLE BGCOLOR="#F0F8FF" BORDER=0 CELLPADDING=10 WIDTH=100%> <tr> <TD ALIGN=CENTER VALIGN=TOP WIDTH=50> </TD> <TD ALIGN=LEFT VALIGN=TOP WIDTH=83%> </TABLE> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="addnewuser.html"> <input type="submit" class="mybutton" value="Add new employee"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="search_emp.html"> <input type="submit" value="Search for employee" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="customer_2.html"> <input type="submit" value="Add new customer" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="search2.html"> <input type="submit" value="Search for customer" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="load.html"> <input type="submit" value="Add new car" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="car.html"> <input type="submit" value="Search for car" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="Logout.php"> <input type="submit" value="Logout" class="mybutton"/><BR><BR><BR></TD> </tr> </form> </table> </td> </form> </tr> </table> </BODY> </HTML> Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/ Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 If you want authentication, you need a database with user passwords, info, etc. You would then compare the password with the one in the database. With the password storage, I would use md5() to encrypt the passwords so they are not plain text in the database. You then use md5() on the password entered by the user and compare it to the one in the database (along with the username they enter). Do you want it broken down to the specifics? Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529620 Share on other sites More sharing options...
mjgdunne Posted April 29, 2008 Author Share Posted April 29, 2008 Hi sorry my explaination was not great, i have a database set up with users who login with user name and password and when the user logs in i am sending the user to the page that i posted, i have it saved as login_success.php, any help would be great. Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529626 Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 So, all you want to do is figure out how to log them in? Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529630 Share on other sites More sharing options...
mjgdunne Posted April 29, 2008 Author Share Posted April 29, 2008 No i have them logged in, my problem is anybody can view the page that i attached if they have the link, can i use sessions to reject people who are not logged in? ??? Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529636 Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 Yes. When they login, set $_SESSION['loggedin'] = "true". On all pages dependent on logins, use: if($_SESSION['loggedin'] != "true") { header("Location: homefile.php"); } else { // User dependent info here } Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529638 Share on other sites More sharing options...
mjgdunne Posted April 29, 2008 Author Share Posted April 29, 2008 Thanks, i added the code as below: The document is saved as login_success.php, do i need to add something else to wrap the php onto the html? <?php if($_SESSION['loggedin'] != "true") { header("Location: main_login.html"); } else { <html> <head> <title>Car Rentals & Returns</title> <meta http-equiv="Content-Type" content="text/html" /> <link href="style2.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper3"> <img src="images/cars.jpg" width="996" height="100"></a> <TABLE BGCOLOR="#F0F8FF" BORDER=0 CELLPADDING=10 WIDTH=100%> <tr> <td align="center"> <H1>Main Menu Administrator</H1> </td> </table> <TABLE BGCOLOR="#F0F8FF" BORDER=0 CELLPADDING=10 WIDTH=100%> <tr> <TD ALIGN=CENTER VALIGN=TOP WIDTH=50> </TD> <TD ALIGN=LEFT VALIGN=TOP WIDTH=83%> </TABLE> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="addnewuser.html"> <input type="submit" class="mybutton" value="Add new employee"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="search_emp.html"> <input type="submit" value="Search for employee" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="customer_2.html"> <input type="submit" value="Add new customer" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="search2.html"> <input type="submit" value="Search for customer" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="load.html"> <input type="submit" value="Add new car" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="car.html"> <input type="submit" value="Search for car" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="Logout.php"> <input type="submit" value="Logout" class="mybutton"/><BR><BR><BR></TD> </tr> </form> </table> </td> </form> </tr> </table> </BODY> </HTML> } ?> Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529658 Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 To output the html correctly, do this: <?php if($_SESSION['loggedin'] != "true") { header("Location: main_login.html"); } else { ?> <html> <head> <title>Car Rentals & Returns</title> <meta http-equiv="Content-Type" content="text/html" /> <link href="style2.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper3"> <img src="images/cars.jpg" width="996" height="100"></a> <TABLE BGCOLOR="#F0F8FF" BORDER=0 CELLPADDING=10 WIDTH=100%> <tr> <td align="center"> <H1>Main Menu Administrator</H1> </td> </table> <TABLE BGCOLOR="#F0F8FF" BORDER=0 CELLPADDING=10 WIDTH=100%> <tr> <TD ALIGN=CENTER VALIGN=TOP WIDTH=50> </TD> <TD ALIGN=LEFT VALIGN=TOP WIDTH=83%> </TABLE> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="addnewuser.html"> <input type="submit" class="mybutton" value="Add new employee"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="search_emp.html"> <input type="submit" value="Search for employee" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="customer_2.html"> <input type="submit" value="Add new customer" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="search2.html"> <input type="submit" value="Search for customer" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="load.html"> <input type="submit" value="Add new car" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="car.html"> <input type="submit" value="Search for car" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="Logout.php"> <input type="submit" value="Logout" class="mybutton"/><BR><BR><BR></TD> </tr> </form> </table> </td> </form> </tr> </table> </BODY> </HTML> <?php } ?> Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529738 Share on other sites More sharing options...
mjgdunne Posted April 29, 2008 Author Share Posted April 29, 2008 Hi i changed that code, here is my checklogin script maybe i have done something wrong here: Thanks for your help. <?php session_start(); ini_set( 'display_errors', '1' ); error_reporting ( 2047 ); $host="localhost"; // Host name $username="root"; // Mysql username $password="root"; // Mysql password $db_name="test"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "root", "root")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from signup form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result = mysql_query($sql); if($result === false){ exit('db error: ' . mysql_error()); } // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // assign $_SESSION variables: $myusername, $mypassword and redirect to file "login_success.php" $valuesLogin = mysql_fetch_array($result); $mylevel = $valuesLogin['level']; $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; if($mylevel == 1){ $_SESSION['loggedin'] = "true"; header('Location: login_success.php'); } elseif($mylevel == 2){ $_SESSION['loggedin'] = "true"; header('Location: login_success2.php'); } else{ $_SESSION['loggedin'] = "true"; header('Location: login_success3.php'); } } else { header("location:login_failure.php"); // echo "Wrong Username or Password"; } exit(); ?> Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529749 Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 Move the $_SESSION['loggedin'] = "true" to right after the if($count==1) { statement, along with the other session variables. Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529753 Share on other sites More sharing options...
mjgdunne Posted April 29, 2008 Author Share Posted April 29, 2008 Hi thanks, it does block the page and redirect to the login page, only problem is that it doesnt allow me to log in at all now. Here is where i placed the code, maybe i got it wrong: if($count==1){ // assign $_SESSION variables: $myusername, $mypassword and redirect to file "login_success.php" $valuesLogin = mysql_fetch_array($result); $mylevel = $valuesLogin['level']; $_SESSION['loggedin'] = "true"; $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; if($mylevel == 1){ header('Location: login_success.php'); } elseif($mylevel == 2){ header('Location: login_success2.php'); } else{ header('Location: login_success3.php'); } } else { header("location:login_failure.php"); // echo "Wrong Username or Password"; } exit(); ?> Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529764 Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 Use this instead of the previous code (you have to start the session to check the variable): <?php session_start(); if($_SESSION['loggedin'] != "true") { header("Location: main_login.html"); } else { ?> <html> <head> <title>Car Rentals & Returns</title> <meta http-equiv="Content-Type" content="text/html" /> <link href="style2.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper3"> <img src="images/cars.jpg" width="996" height="100"></a> <TABLE BGCOLOR="#F0F8FF" BORDER=0 CELLPADDING=10 WIDTH=100%> <tr> <td align="center"> <H1>Main Menu Administrator</H1> </td> </table> <TABLE BGCOLOR="#F0F8FF" BORDER=0 CELLPADDING=10 WIDTH=100%> <tr> <TD ALIGN=CENTER VALIGN=TOP WIDTH=50> </TD> <TD ALIGN=LEFT VALIGN=TOP WIDTH=83%> </TABLE> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="addnewuser.html"> <input type="submit" class="mybutton" value="Add new employee"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="search_emp.html"> <input type="submit" value="Search for employee" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="customer_2.html"> <input type="submit" value="Add new customer" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="search2.html"> <input type="submit" value="Search for customer" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="load.html"> <input type="submit" value="Add new car" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="car.html"> <input type="submit" value="Search for car" class="mybutton"/></TD> </tr> </form></table> <TABLE BGCOLOR="#F0F8FF" WIDTH=100%> <TR><TD ALIGN="center"> <form method="post" action="Logout.php"> <input type="submit" value="Logout" class="mybutton"/><BR><BR><BR></TD> </tr> </form> </table> </td> </form> </tr> </table> </BODY> </HTML> <?php } ?> Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529767 Share on other sites More sharing options...
mjgdunne Posted April 29, 2008 Author Share Posted April 29, 2008 Thanks, that allows me to log in now, except if i place the link in the browser it still brings me to the page. Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529776 Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 What link are you talking about? Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529778 Share on other sites More sharing options...
mjgdunne Posted April 29, 2008 Author Share Posted April 29, 2008 Like if i have the link to the page that i want to view, it still allows me to see it. Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529781 Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 Are you saying if you have a link to a page you need to be logged into it allows you to go there even if you are logged out? If so, in your logout script do a session_destroy(); to destroy the session. If you still need some session info, just reset $_SESSION['loggedin'] = "false";. Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529785 Share on other sites More sharing options...
mjgdunne Posted April 29, 2008 Author Share Posted April 29, 2008 Sorry i hadnt killed the session, it works now. Thanks for your help. Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529786 Share on other sites More sharing options...
947740 Posted April 29, 2008 Share Posted April 29, 2008 You are very welcome. Link to comment https://forums.phpfreaks.com/topic/103425-solved-help-with-session/#findComment-529791 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.