Jump to content

Sessions help.


str8thug843

Recommended Posts

Hello, let me start off by saying I dont know anything about sessions, I am trying to create a simple login system for users.

 

This is at the very top of my index

<?php
session_start();
$_SESSION['username'];
........

 

and I have this in my login.php

<?php
      if ($_SESSION[‘logged’] == 1) { // User is already logged in.
              header("Location: index.php"); // Goes to main page.
              exit(); // Stops the rest of the script.
      } else {
              if (!isset($_POST[’submit’])) { // The form has not been submitted.
                      echo "<form action=\"index.php?file=login\" method=\"POST\">";
                      echo "<table>";
                      echo "<tr>";
                      echo "<td colspan=\"2\">Login:</td>";
                      echo "</tr>";
                      echo "<tr>";
                      echo "<td width=\"50%\">Username:</td><td width=\"50%\"><input name=\"username\" size=\"18\" type=\"text\" />";
                      echo "</tr>";
                      echo "<tr>";
                      echo "<td width=\"50%\">Password:</td><td width=\"50%\"><input name=\"password\" size=\"18\" type=\"text\" />";
                      echo "</tr>";
                      echo "<tr>";
                      echo "<td colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"submit\"</td>";
                      echo "</tr>";
                      echo "</table>";
                      echo "</form>";
              } else {
                      $username = form($_POST[‘username’]);
                      $password = md5($_POST[‘password’]); // Encrypts the password.
                      $q = mysql_query("SELECT * FROM `users` WHERE username = ‘$username’ AND password = ‘$password’") or die (mysql_error()); // mySQL query
                      $r = mysql_num_rows($q); // Checks to see if anything is in the db.
                      if ($r == 1) { // There is something in the db. The username/password match up.
                              $_SESSION[‘logged’] = 1; // Sets the session.
                              header("Location: index.php"); // Goes to main page.
                              exit(); // Stops the rest of the script.
                      } else { // Invalid username/password.
                              exit("Incorrect username/password!"); // Stops the script with an error message.
                      }
              }
      }
?>

 

when i attempt to login, all it does is refresh the page. I have been going at this for over a week now, seems to be doing my head in, can you tell me if im missing something or what I need to do please. Thanks  :P

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/
Share on other sites

its at the very top of my index page, witch i am calling my other files with includes like so

 

$page = $_GET['file'];
if (($page == "news") or ($page =="")) {
include('news.php');
} else if($page == "tutorials") {
include('tutorials.php');
} else if($page == "downloads") {
include('downloads.php');
} else if($page == "contact") {
include('contact.php');
} else if($page == "links") {
include('links.php');
} else if($page == "shoutbox") {
include('shoutbox.php');
} else if($page == "portfolio") {
include('portfolio.php');
} else if($page == "register") {
include('register.php');
} else if($page == "login") {
include('login.php');
} else {
echo"Page not found.";
}

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608285
Share on other sites

The first thing I notice is your using some sort of special quotes. These $_SESSION[‘logged’] ought be $_SESSION['logged'].

 

Next, you say you have this....

 

session_start();
$_SESSION['username'];

 

at the top of your index.php page. What exactly do you expect that to do? It doesn't actually do anything.

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608306
Share on other sites

ok sorry about that here is my index

<?php
session_start();
$_SESSION['username'];
include("config.php");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>mysite.com</title>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<div id="wrapper">
<div id="header">
<a class="headnav" href="index.php?file=links"><b>Links</b></a><a class="headnav" href="index.php?file=contact"><b>Contact</b></a><a class="headnav" href="index.php?file=downloads"><b>Downloads</b></a><a class="headnav" href="index.php"><b>Home</b></a>
<div id="logo"></div>
</div>
<div class="imgmiddle"></div>
<div id="bar">
<center><script type="text/javascript"><!--
google_ad_client = "pub-5808069362827247";
google_ad_slot = "1735036913";
google_ad_width = 468;
google_ad_height = 60;
//-->
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script></center>
</div>
<div class="imgmiddle"></div>
<div id="container">
<div id="left">
<img src="images/navigation.gif" width="150" height="21" alt="Navigation" />
<ul id="nav">
<li><a href="index.php">Home</a></li>
<li><a href="index.php?file=forums">Forums</a></li>
<li><a href="index.php?file=downloads">Downloads</a></li>
<li><a href="index.php?file=links">Links</a></li>
<li><a href="index.php?file=contact">Contact</a></li>
<li><a href="index.php?file=portfolio">Portfolio</a></li>
<li><a href="index.php?file=tutorials">Tutorials</a></li>
<li><a href="index.php?file=statistics">Statistics</a></li>
<li><a href="index.php?file=shoutbox">Shoutbox</a></li>
</ul><br />
<img src="images/statistics.gif" width="150" height="21" alt="Statistics" /><br />
<?php
include("stats.php");
?><br />
<img src="images/advertisment.gif" width="150" height="21" alt="Advertisment" />
<script type="text/javascript"><!--
google_ad_client = "pub-5808069362827247";
google_ad_slot = "7181496776";
google_ad_width = 120;
google_ad_height = 240;
//-->
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</div>
<?php
$page = $_GET['file'];
if (($page == "news") or ($page =="")) {
include('news.php');
} else if($page == "tutorials") {
include('tutorials.php');
} else if($page == "downloads") {
include('downloads.php');
} else if($page == "contact") {
include('contact.php');
} else if($page == "links") {
include('links.php');
} else if($page == "shoutbox") {
include('shoutbox.php');
} else if($page == "portfolio") {
include('portfolio.php');
} else if($page == "register") {
include('register.php');
} else if($page == "login") {
include('login.php');
} else {
echo"Page not found.";
}
?>
<div id="right"></div>
<div class="clearer"></div>
</div>
<div id="footer">
<div class="imgmiddle"></div>
<p>Copyright © 2007-2008. All rights reserved.<br />
<a href="http://validator.w3.org/check?uri=referer"><img style="border:0;width:80px;height:15px" src="images/xhtml1.0.gif" alt="Valid XHTML 1.0 Strict" /></a>
<a href="http://jigsaw.w3.org/css-validator/"><img style="border:0;width:80px;height:15px" src="images/css.gif" alt="Valid CSS!" /></a>
</p>
<div class="imgbottom"></div>
</div>
</div>
</body>
</html>

 

and here is my login

<?php
session_start();
     if ($_SESSION[‘logged’] == 1) { // User is already logged in.
             header("Location: index.php"); // Goes to main page.
             exit(); // Stops the rest of the script.
     } else {
             if (!isset($_POST[’submit’])) { // The form has not been submitted.
                     echo "<form action=\"index.php?file=login\" method=\"POST\">";
                     echo "<table>";
                     echo "<tr>";
                     echo "<td colspan=\"2\">Login:</td>";
                     echo "</tr>";
                     echo "<tr>";
                     echo "<td width=\"50%\">Username:</td><td width=\"50%\"><input name=\"username\" size=\"18\" type=\"text\" />";
                     echo "</tr>";
                     echo "<tr>";
                     echo "<td width=\"50%\">Password:</td><td width=\"50%\"><input name=\"password\" size=\"18\" type=\"text\" />";
                     echo "</tr>";
                     echo "<tr>";
                     echo "<td colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"submit\"</td>";
                     echo "</tr>";
                     echo "</table>";
                     echo "</form>";
             } else {
                     $username = form($_POST[‘username’]);
                     $password = md5($_POST[‘password’]); // Encrypts the password.
                     $q = mysql_query("SELECT * FROM `users` WHERE username = ‘$username’ AND password = ‘$password’") or die (mysql_error()); // mySQL query
                     $r = mysql_num_rows($q); // Checks to see if anything is in the db.
                     if ($r == 1) { // There is something in the db. The username/password match up.
                             $_SESSION[‘logged’] = 1; // Sets the session.
                             header("Location: index.php"); // Goes to main page.
                             exit(); // Stops the rest of the script.
                     } else { // Invalid username/password.
                             exit("Incorrect username/password!"); // Stops the script with an error message.
                     }
             }
     }
?>

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608307
Share on other sites

The first thing I notice is your using some sort of special quotes. These $_SESSION[‘logged’] ought be $_SESSION['logged'].

 

Next, you say you have this....

 

session_start();
$_SESSION['username'];

 

at the top of your index.php page. What exactly do you expect that to do? It doesn't actually do anything.

 

as i said, i dont know anything about sessions. so i have been searching around on pixel2life, good-tutorials and now i ended up here,

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608309
Share on other sites

He was referring to your Quotes though, that has nothing to do with sessions.  Use standard single ' quotes and " double quotes.

 

With that said, you also just have a plain line

 

$_SESSION['username'];

 

which does nothing.  This again has nothing to do with sessions itself, it has to do with setting variables.  Did you mean to do something like

 

IF ($_SESSION['username']) which means you're checking to see if it's set?

 

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608311
Share on other sites

Sorry but none of that answers my question or fixes the problems I pointed out.

 

lol my bad, i pasted the wrong part. it was suppose to be for the others that replyed before that asked for my index. i seen what you was talking about and corrected the problem. and now when i try to login i get this

 

Warning: Cannot modify header information - headers already sent by (output started at /home/blizz/public_html/config.php:10) in /home/blizz/public_html/login.php on line 3

 

He was referring to your Quotes though, that has nothing to do with sessions.  Use standard single ' quotes and " double quotes.

 

With that said, you also just have a plain line

 

$_SESSION['username'];

 

which does nothing.  This again has nothing to do with sessions itself, it has to do with setting variables.  Did you mean to do something like

 

IF ($_SESSION['username']) which means you're checking to see if it's set?

 

yes i have took that out also

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608313
Share on other sites

ok i took the sessions start out of the login along with the

 

              header("Location: index.php"); // Goes to main page.

              exit(); // Stops the rest of the script.

 

the error seems to of went away and now have a blank page when i try to view the login page, so im guessing it worked? this was after input my login info

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608319
Share on other sites

To be clear, session states themselves aren't any part of PHP.  You're constructing your own states based on PHP session variables.  That made things a little unclear to me when I first started using session states.  So, you're basically running scripts based on variable values.

 

The first thing I see wrong is the instantiation of your variable:

<?php
session_start();
$_SESSION['username'];
...

 

Session variables should be instantiated like so:

	session_register('loggedIn') ;
session_register('currentUser') ;

 

Then, you can "initialize" them later:

          $_SESSION['username']= <desired_value> ;

 

See if that helps.

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608359
Share on other sites

Nope.  header() breaks sessions.  DO NOT USE header() to redirect session detection on login scripts.  Use meta refresh instead.

 

<?php
session_start();
if($_SESSION['loggedIn'])  {
  header('Location: www.aasdf.com');
  }

 

BAD!!!

 

<?php
ob_start();
session_start();
if($_SESSION['loggedIn'])  {
  $session_id = session_id();
  header('Location: www.aasdf.com/page.php?phpsessionid=$session_id');
  }

ob_ ... stuff to wrap up your output buffering handling...

 

That works, but kind of a pain, plus theres some security stuff with putting your session id in your url.  One of the reasons its not on by default.  Instead try using META REFRESH TAGS

 

<?php
session_start();
if($_SESSION['loggedIn'])  {
  echo "<meta http-equiv=\"refresh\" content=\"2;url=http://www.mysite.com/usersonly.php\">";
  }

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608441
Share on other sites

Nope.  header() breaks sessions.  DO NOT USE header() to redirect session detection on login scripts.  Use meta refresh instead.

 

<?php
session_start();
if($_SESSION['loggedIn'])  {
  header('Location: www.aasdf.com');
  }

 

BAD!!!

 

<?php
ob_start();
session_start();
if($_SESSION['loggedIn'])  {
  $session_id = session_id();
  header('Location: www.aasdf.com/page.php?phpsessionid=$session_id');
  }

ob_ ... stuff to wrap up your output buffering handling...

 

That works, but kind of a pain, plus theres some security stuff with putting your session id in your url.  One of the reasons its not on by default.  Instead try using META REFRESH TAGS

 

<?php
session_start();
if($_SESSION['loggedIn'])  {
  echo "<meta http-equiv=\"refresh\" content=\"2;url=http://www.mysite.com/usersonly.php\">";
  }

 

Umm....what?  Headers do not break sessions.  What exactly are you talking about?

Link to comment
https://forums.phpfreaks.com/topic/118199-sessions-help/#findComment-608702
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.