Jump to content

[SOLVED] if (isset... statement not working

rnintulsa

By rnintulsa
in PHP Coding Help

 Share

Recommended Posts

rnintulsa Member

rnintulsa

Posted
Posted

My login script needs to allow 5 companies to login and then be redirected to their personal page.

So far I am working with 3 of the companies: orion, primetech and southern.

 

This is the login check page:

<?php
session_start( );
error_reporting(E_ALL);
ini_set ("display_errors", "1");

// if username and password are set and not empty then proceed with the rest of the process
if( isset( $_POST[ 'username' ] ) && isset( $_POST[ 'company' ] ) && $_POST[ 'username' ] != '' && $_POST[ 'company' ] != '' )
{		
$link = mysql_connect( 'host', 'username', 'password' );

$db_selected = mysql_select_db('dbname', $link);

$username = mysql_real_escape_string($_POST['username'], $link);
$company = mysql_real_escape_string($_POST['company'], $link);

if (!$db_selected) 
{
	echo"Connection to the database failed. Please try again later." ;			
	exit;
}

$results = mysql_query("select * from access where username='" . $username . "' and company = '" . $company . "'" ,$link ) or die(mysql_error());
$num_rows = mysql_num_rows($results);


//greater than zero		
if( $num_rows  > 0 )
{

	$_SESSION['username'] = $username;  
	//redirect
	$data = mysql_fetch_array($results);

	header("Location: {$data['company']}.php"); 		
}
else
{
	header("Location: login_error.htm");

}

}
?>

 

 

On the individual company pages my code first starts the session:

<?php 
session_start( ); 
error_reporting(E_ALL);
ini_set ("display_errors", "1");
?>

 

And then on the individual company pages after the html begins I have this:

<div id="center_column">
					<?php					

					if (isset($_SESSION['username']) && $_SESSION['company'] == "southern") 
					{ 
					echo'<br /><br /><br />';
					echo '<p>You are logged in as '.$_SESSION['username'].'</p>'; 

					echo'<a href="#nogo">Project</a><br><br>';
					echo'<a href="#nogo">Links</a><br><br>';
					echo'<a href="#nogo">Will</a><br><br>';
					echo'<a href="#nogo">Go</a><br><br>';
					echo'<a href="#nogo">Here</a><br><br><br><br>';
					} 
					else 
					{ 
					echo '<p>You are not logged in.</p>'; 
					echo '<p>Only logged in members may visit these pages.</p>'; 
					echo '<p><a href="login_access.php">Client login Page</a><br /><br /></p>';
					} 

					?>
				</div>

 

 

I am quite sure the problem is with this line in the above code:

if (isset($_SESSION['username']) && $_SESSION['company'] == "southern")

"southern" is interchanged for the page it is on.  southern.php, orion.php or primetech.php

 

 

 

This code ends up giving me my error from the else part of the if statement:

else 
					{ 
					echo '<p>You are not logged in.</p>'; 
					echo '<p>Only logged in members may visit these pages.</p>'; 
					echo '<p><a href="login.php">Client login Page</a><br /><br /></p>';
					}

 

 

The reason I think that line is causing the problem is because when i change it back to just:

if (isset($_SESSION['username']))

it works just fine. Only problem is that anyone logged in the session can see any of the other companies pages by keying in the address.  Nothing to keep them out.  Not good.

 

I appreciate any feedback and especially helpful is explanations as I am new to php and there is

so much that I don't understand.

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/118104-solved-if-isset-statement-not-working/
Share on other sites
The Little Guy Prolific Member

The Little Guy

Posted
Posted

at login, I would make a session that validates to TRUE if they log in correctly.

 

then on all the pages, just check that value.

 

SO...

 

processlogin.php

// connect to db and do a login query
if(mysql_num_rows($sql) > 0){
     $row = mysql_fetch_array($sql);
     session_start();
     $_SESSION['name'] = $row['name'];
     // set other sessions values here
     $_SESSION['logged'] = TRUE;
}

 

pages that require a login:

session_start();
if(!$_SESSION['logged']){
     header("Location: /login.php");
     exit;
}

// The rest of you page here.

rnintulsa Member

rnintulsa

Posted
  • Author
Posted

Ok, thanks, MatthewJ, how do I do that?

Newbie.  I have an idea as I had to do something like that yesterday,

but how do I do it for $_SESSION['company']?

 

budmir, yes you are so right. Still struggling, but I won't give up!

 

I thought I set the variable back in the login check page.

$company = mysql_real_escape_string($_POST['company'], $link);

 

Please set me straight.

 

 

budimir Advanced Member

budimir

Posted
Posted

Don't give up, you'll get the idea what is wrong!!!

 

OK, I think you have only missed one step:

 

You did this yesterday 

$_SESSION['username'] = $username;

 

 

You know what you need to do with...

$_SESSION['company']

 

You get the idea????

rnintulsa Member

rnintulsa

Posted
  • Author
Posted

Thanks budimir for your leading me.

 

going to try it like this, as not sure how it is supposed to be written in the numrows if statement.

 

if( $num_rows  > 0 )
{

	$_SESSION['username'] = $username; 
	$_SESSION['company'] = $company;   
	//redirect
	$data = mysql_fetch_array($results);

	header("Location: {$data['company']}.php"); 		
}

 

budimir Advanced Member

budimir

Posted
Posted

This is the correct way

 

if( $num_rows  > 0 )
{

	$_SESSION['username'] = $username; 
	$_SESSION['company'] = $company;   
	//redirect
	$data = mysql_fetch_array($results);

	header("Location: {$data['company']}.php"); 		
}

 

Is it working now????

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.