shruti Posted July 29, 2008 Share Posted July 29, 2008 Hello All, I am a new member. I have a small website. I am in process of learning PHP and making something. I have made php login and registration and a home page. But the problem here is that if you bookmark the homepage then anyone can see details without login. What can I include on each page so that no one can enter my pages unless they login?? My login code is here: <?php $host = "localhost"; $user = "sssi"; $pass = "sss"; $dbname = "xxx"; $connection = mysql_connect("localhost", "root", "") or die("Cannot connect to MySQL server: " . mysql_error()); $db_selected = mysql_select_db('xxx', $connection); session_start(); $username = $_POST['username']; $password = ($_POST['password']); $query = "select * from users where username = '$username' and password = '$password'"; $result = mysql_query($query); if (mysql_num_rows($result) != 1) { $error = "Bad Login"; include "login.html"; } else { $_SESSION['username'] = "$username"; header("location:main.html"); } ?> Please help me with code.....what do i do? Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/ Share on other sites More sharing options...
ignace Posted July 29, 2008 Share Posted July 29, 2008 when they login you set a certain value in your _SESSION variable, you check on an authorized page if that value is set, if not then redirect to the login form Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602640 Share on other sites More sharing options...
revraz Posted July 29, 2008 Share Posted July 29, 2008 Check $_SESSION['username'] on each page you want protected or set a new $_SESSION variable like 'loggedin' and check that. Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602642 Share on other sites More sharing options...
samshel Posted July 29, 2008 Share Posted July 29, 2008 session_start(); should always be at the start of your code.. Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602648 Share on other sites More sharing options...
shruti Posted July 29, 2008 Author Share Posted July 29, 2008 I am a newbie to PHP. can you help me with precisely. What and where to put session???? Sorry but please help me Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602663 Share on other sites More sharing options...
revraz Posted July 29, 2008 Share Posted July 29, 2008 Google "session tutorial php" and you should get a few examples of how to work with sessions. Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602665 Share on other sites More sharing options...
samshel Posted July 29, 2008 Share Posted July 29, 2008 login.php <?php session_start(); $host = "localhost"; $user = "sssi"; $pass = "sss"; $dbname = "xxx"; $connection = mysql_connect("localhost", "root", "") or die("Cannot connect to MySQL server: " . mysql_error()); $db_selected = mysql_select_db('xxx', $connection); $username = $_POST['username']; $password = ($_POST['password']); $query = "select * from users where username = '$username' and password = '$password'"; $result = mysql_query($query); if (mysql_num_rows($result) != 1) { $error = "Bad Login"; include "login.html"; } else { $_SESSION['username'] = $username; header("location:main.html"); } ?> homepage.php <?php session_start(); if(!isset($_SESSION['username'])) { include "login.html";exit; } //rest of home page code.... ?> Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602668 Share on other sites More sharing options...
TempleDMDKrazd Posted July 29, 2008 Share Posted July 29, 2008 Hello All, I am a new member. I have a small website. I am in process of learning PHP and making something. I have made php login and registration and a home page. But the problem here is that if you bookmark the homepage then anyone can see details without login. What can I include on each page so that no one can enter my pages unless they login?? My login code is here: <?php $host = "localhost"; $user = "sssi"; $pass = "sss"; $dbname = "xxx"; $connection = mysql_connect("localhost", "root", "") or die("Cannot connect to MySQL server: " . mysql_error()); $db_selected = mysql_select_db('xxx', $connection); session_start(); $username = $_POST['username']; $password = ($_POST['password']); $query = "select * from users where username = '$username' and password = '$password'"; $result = mysql_query($query); if (mysql_num_rows($result) != 1) { $error = "Bad Login"; include "login.html"; } else { $_SESSION['username'] = "$username"; header("location:main.html"); } ?> Please help me with code.....what do i do? because your homepage is not protected!! change to the following: header("Location: main.php"); then in main.php have the following code session_start(); if(!isset($_SESSION['username'])) { //they bookmarked the page and didnt use the standard login //redirects them to login page header("Location: login.html"); exit; } else { //success!!! they logged in and have started a previous session } Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602669 Share on other sites More sharing options...
shruti Posted July 29, 2008 Author Share Posted July 29, 2008 It redirects me to the Login page but also give this error: Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\WAMP\www\tmetrix\try.php:12) in C:\WAMP\www\tmetrix\try.php on line 160 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\WAMP\www\tmetrix\try.php:12) in C:\WAMP\www\tmetrix\try.php on line 160 What should i do????? Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602684 Share on other sites More sharing options...
d.shankar Posted July 29, 2008 Share Posted July 29, 2008 Where is your try.php code ? Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602795 Share on other sites More sharing options...
shruti Posted July 29, 2008 Author Share Posted July 29, 2008 thanks all..... I was able to do it Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602824 Share on other sites More sharing options...
d.shankar Posted July 29, 2008 Share Posted July 29, 2008 Please click "Topic Solved" button. Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602826 Share on other sites More sharing options...
shruti Posted July 29, 2008 Author Share Posted July 29, 2008 thanks.....I clicked Resolved!! I am new so................ I have more problems in PHP HELP.... please help Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602846 Share on other sites More sharing options...
d.shankar Posted July 29, 2008 Share Posted July 29, 2008 Try posting it ! Link to comment https://forums.phpfreaks.com/topic/117167-solved-how-to-avoid-entry-in-website-without-login/#findComment-602847 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.