radar Posted May 8, 2008 Share Posted May 8, 2008 i am probably going a weird way about doing this.. but its the only way I could think of to ensure that someone HAD to be logged in before viewing any of the other pages... but in order to do that I also have to check and make sure that the username / password wasnt posted via the login form... The way it is setup right now, It will log me in and log me out but when it logs out it doesn't show me the login form again... Basically the way I have it checking now, is if the $_POST variables are set then try and run the login stuff... from there, if the session variable intime is less than the current time minus 1800 seconds.. then the last check is, if the session variable intime is totally blank.. Any clue by looking at the code, as to why it will log me in, log me out, but wont show the login form after i've logged out? <?php define('SMARTY_DIR', '../libs/'); require_once('../inc/aws.php'); $aws =& new AWS; // create the object if ($_POST['username'] != '' && $_POST['password'] != '') { $login = $aws->login_admin($_POST); if ($login == "true") { $aws->assign('errMsg', ''); $interface = "constructor.tpl"; } else { $interface = "login.tpl"; } } elseif ($_SESSION['admin']['intime'] != '') { if ($_SESSION['admin']['intime'] < time() - 1800) { $interface = "login.tpl"; $aws->assign('errMsg', 'ERROR: Session expired. Please login again'); } } elseif ($_SESSION['admin']['intime'] == '') { $interface = "login.tpl"; $aws->assign('errMsg', 'ERROR: You must be logged in before you can access the administration panel.'); } else { $interface = "constructor.tpl"; $_action = isset($_REQUEST['a']) ? $_REQUEST['a'] : ''; switch($_action) { default: echo 'default page'; #we'll show a default page here. break; case login: # lets get the administrator logged in. where d_id = 1 $login = $aws->login_admin($_POST); if ($login == "true") { $aws->assign('errMsg', ''); $interface = "constructor.tpl"; } else { $interface = "login.tpl"; } break; case logout: $interface = "login.tpl"; session_unset('admin'); $aws->assign('errMsg', 'You have been sucessfully logged out. Please login again'); break; # ALL ITEMS ABOVE HERE # } } $pg = 'Administration'; ///////////////////////////////////////////// $aws->assign('pgtitle',$pg); if ($page != "") { $content = "../templates/admin/".$page.".tpl"; $aws->assign('content',$content); } if ($interface != '') { $aws->display("../templates/admin/".$interface); } echo "<pre>SESSION:"; print_r($_SESSION); echo "<br>DATA:"; print_r($data); echo "</pre>"; ?> Quote Link to comment Share on other sites More sharing options...
phpretard Posted May 8, 2008 Share Posted May 8, 2008 This is straight from one of my pages and it owrks fine. Hope It Helps <? if(!isset($_SESSION['username'])){ echo" <div id='links'> <a $login href='?page=secure/main_login'>LogIn</a> ////////LOGIN IF THERE IS NO SESSION </div> "; } elseif(isset($_SESSION['username'])){ echo" <div id='links'> <a href='?page=$page&action=logout'>Logout</a> ////////LOGOUT IF THERE IS A SESSION </div> "; } Quote Link to comment Share on other sites More sharing options...
radar Posted May 8, 2008 Author Share Posted May 8, 2008 Your code didnt really help me much, but I started taking a look at my code a little bit.. and I realized that I had a major flaw in my code so I recoded it all. Basically, my function already checked if the username and password fields are empty or not so doing it in the index.php file was redundant and needs not be done.. BUT there had to be a way to only run the 2 if statements regarding the $_SESSION['admin']['intime'] as being blank or time() - 1800 when the user isnt logging in, or logging out... and so I re-wrote it, and here is the upgraded code.. note that now you see that $_action = isset($_REQUEST['a']) ? $_REQUEST['a'] : ''; is above everything after the object has been created. this allows me to refer to what is in the address bar. so basically, if the action is not login and its not logout.. if it does equal one of the two, then let the user bypass and go directly into the switch BUT if they have say a=orders without being logged in, it won't allow them to view that page. <?php $login = ''; define('SMARTY_DIR', '../libs/'); require_once('../inc/aws.php'); $aws =& new AWS; // create the object $_action = isset($_REQUEST['a']) ? $_REQUEST['a'] : ''; if ($_action != 'logout' && $_action != 'login') { if (!isset($_SESSION['admin']['intime'])) { $interface = 'login.tpl'; $aws->assign('errMsg', 'ERROR: You must be logged in, in order to access the administration panel'); } elseif ($_SESSION['admin']['intime'] < time() - 1800) { $interface = 'login.tpl'; $aws->assign('errMsg', 'ERROR: Session expired. Please login again.'); } } else { $interface = "constructor.tpl"; switch($_action) { default: echo 'default page'; #we'll show a default page here. break; case login: # lets get the administrator logged in. where d_id = 1 $login = $aws->login_admin($_POST); if ($login == "true") { $aws->assign('errMsg', ''); $interface = "constructor.tpl"; } else { $interface = "login.tpl"; } break; case logout: $log = '1'; $interface = "login.tpl"; session_unset('admin'); $aws->assign('errMsg', 'You have been sucessfully logged out. Please login again'); break; # ALL ITEMS ABOVE HERE # } } $pg = 'Amplified Web Services: Administration'; ///////////////////////////////////////////// $aws->assign('pgtitle',$pg); if ($page != "") { $content = "../templates/admin/".$page.".tpl"; $aws->assign('content',$content); } if ($interface != '') { $aws->display("../templates/admin/".$interface); } echo "<pre>SESSION:"; print_r($_SESSION); echo "<br>DATA:"; print_r($data); echo "</pre>"; ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.