str8thug843 Posted August 5, 2008 Share Posted August 5, 2008 Hello, let me start off by saying I dont know anything about sessions, I am trying to create a simple login system for users. This is at the very top of my index <?php session_start(); $_SESSION['username']; ........ and I have this in my login.php <?php if ($_SESSION[‘logged’] == 1) { // User is already logged in. header("Location: index.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { if (!isset($_POST[’submit’])) { // The form has not been submitted. echo "<form action=\"index.php?file=login\" method=\"POST\">"; echo "<table>"; echo "<tr>"; echo "<td colspan=\"2\">Login:</td>"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Username:</td><td width=\"50%\"><input name=\"username\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Password:</td><td width=\"50%\"><input name=\"password\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"submit\"</td>"; echo "</tr>"; echo "</table>"; echo "</form>"; } else { $username = form($_POST[‘username’]); $password = md5($_POST[‘password’]); // Encrypts the password. $q = mysql_query("SELECT * FROM `users` WHERE username = ‘$username’ AND password = ‘$password’") or die (mysql_error()); // mySQL query $r = mysql_num_rows($q); // Checks to see if anything is in the db. if ($r == 1) { // There is something in the db. The username/password match up. $_SESSION[‘logged’] = 1; // Sets the session. header("Location: index.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { // Invalid username/password. exit("Incorrect username/password!"); // Stops the script with an error message. } } } ?> when i attempt to login, all it does is refresh the page. I have been going at this for over a week now, seems to be doing my head in, can you tell me if im missing something or what I need to do please. Thanks Quote Link to comment Share on other sites More sharing options...
peranha Posted August 5, 2008 Share Posted August 5, 2008 session_start(); That has to be at the top of every page where you are using sessions. Put it in the login.php page and try that. Quote Link to comment Share on other sites More sharing options...
str8thug843 Posted August 5, 2008 Author Share Posted August 5, 2008 its at the very top of my index page, witch i am calling my other files with includes like so $page = $_GET['file']; if (($page == "news") or ($page =="")) { include('news.php'); } else if($page == "tutorials") { include('tutorials.php'); } else if($page == "downloads") { include('downloads.php'); } else if($page == "contact") { include('contact.php'); } else if($page == "links") { include('links.php'); } else if($page == "shoutbox") { include('shoutbox.php'); } else if($page == "portfolio") { include('portfolio.php'); } else if($page == "register") { include('register.php'); } else if($page == "login") { include('login.php'); } else { echo"Page not found."; } Quote Link to comment Share on other sites More sharing options...
revraz Posted August 5, 2008 Share Posted August 5, 2008 He said the top of your LOGIN page, not INDEX page. Quote Link to comment Share on other sites More sharing options...
str8thug843 Posted August 5, 2008 Author Share Posted August 5, 2008 i did put it there and it still refreshs the page ??? Quote Link to comment Share on other sites More sharing options...
revraz Posted August 5, 2008 Share Posted August 5, 2008 Let's see the rest of your index page and the new login page. If you have never uses sessions before, it's possible the session save path may also be incorrect in your php.ini file. Quote Link to comment Share on other sites More sharing options...
sKunKbad Posted August 5, 2008 Share Posted August 5, 2008 It's hard to say what is wrong without seeing the login form, and the rest of your code Quote Link to comment Share on other sites More sharing options...
trq Posted August 5, 2008 Share Posted August 5, 2008 The first thing I notice is your using some sort of special quotes. These $_SESSION[‘logged’] ought be $_SESSION['logged']. Next, you say you have this.... session_start(); $_SESSION['username']; at the top of your index.php page. What exactly do you expect that to do? It doesn't actually do anything. Quote Link to comment Share on other sites More sharing options...
str8thug843 Posted August 5, 2008 Author Share Posted August 5, 2008 ok sorry about that here is my index <?php session_start(); $_SESSION['username']; include("config.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>mysite.com</title> <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body> <div id="wrapper"> <div id="header"> <a class="headnav" href="index.php?file=links"><b>Links</b></a><a class="headnav" href="index.php?file=contact"><b>Contact</b></a><a class="headnav" href="index.php?file=downloads"><b>Downloads</b></a><a class="headnav" href="index.php"><b>Home</b></a> <div id="logo"></div> </div> <div class="imgmiddle"></div> <div id="bar"> <center><script type="text/javascript"><!-- google_ad_client = "pub-5808069362827247"; google_ad_slot = "1735036913"; google_ad_width = 468; google_ad_height = 60; //--> </script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script></center> </div> <div class="imgmiddle"></div> <div id="container"> <div id="left"> <img src="images/navigation.gif" width="150" height="21" alt="Navigation" /> <ul id="nav"> <li><a href="index.php">Home</a></li> <li><a href="index.php?file=forums">Forums</a></li> <li><a href="index.php?file=downloads">Downloads</a></li> <li><a href="index.php?file=links">Links</a></li> <li><a href="index.php?file=contact">Contact</a></li> <li><a href="index.php?file=portfolio">Portfolio</a></li> <li><a href="index.php?file=tutorials">Tutorials</a></li> <li><a href="index.php?file=statistics">Statistics</a></li> <li><a href="index.php?file=shoutbox">Shoutbox</a></li> </ul><br /> <img src="images/statistics.gif" width="150" height="21" alt="Statistics" /><br /> <?php include("stats.php"); ?><br /> <img src="images/advertisment.gif" width="150" height="21" alt="Advertisment" /> <script type="text/javascript"><!-- google_ad_client = "pub-5808069362827247"; google_ad_slot = "7181496776"; google_ad_width = 120; google_ad_height = 240; //--> </script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script> </div> <?php $page = $_GET['file']; if (($page == "news") or ($page =="")) { include('news.php'); } else if($page == "tutorials") { include('tutorials.php'); } else if($page == "downloads") { include('downloads.php'); } else if($page == "contact") { include('contact.php'); } else if($page == "links") { include('links.php'); } else if($page == "shoutbox") { include('shoutbox.php'); } else if($page == "portfolio") { include('portfolio.php'); } else if($page == "register") { include('register.php'); } else if($page == "login") { include('login.php'); } else { echo"Page not found."; } ?> <div id="right"></div> <div class="clearer"></div> </div> <div id="footer"> <div class="imgmiddle"></div> <p>Copyright © 2007-2008. All rights reserved.<br /> <a href="http://validator.w3.org/check?uri=referer"><img style="border:0;width:80px;height:15px" src="images/xhtml1.0.gif" alt="Valid XHTML 1.0 Strict" /></a> <a href="http://jigsaw.w3.org/css-validator/"><img style="border:0;width:80px;height:15px" src="images/css.gif" alt="Valid CSS!" /></a> </p> <div class="imgbottom"></div> </div> </div> </body> </html> and here is my login <?php session_start(); if ($_SESSION[‘logged’] == 1) { // User is already logged in. header("Location: index.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { if (!isset($_POST[’submit’])) { // The form has not been submitted. echo "<form action=\"index.php?file=login\" method=\"POST\">"; echo "<table>"; echo "<tr>"; echo "<td colspan=\"2\">Login:</td>"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Username:</td><td width=\"50%\"><input name=\"username\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td width=\"50%\">Password:</td><td width=\"50%\"><input name=\"password\" size=\"18\" type=\"text\" />"; echo "</tr>"; echo "<tr>"; echo "<td colspan=\"2\"><input type=\"submit\" name=\"submit\" value=\"submit\"</td>"; echo "</tr>"; echo "</table>"; echo "</form>"; } else { $username = form($_POST[‘username’]); $password = md5($_POST[‘password’]); // Encrypts the password. $q = mysql_query("SELECT * FROM `users` WHERE username = ‘$username’ AND password = ‘$password’") or die (mysql_error()); // mySQL query $r = mysql_num_rows($q); // Checks to see if anything is in the db. if ($r == 1) { // There is something in the db. The username/password match up. $_SESSION[‘logged’] = 1; // Sets the session. header("Location: index.php"); // Goes to main page. exit(); // Stops the rest of the script. } else { // Invalid username/password. exit("Incorrect username/password!"); // Stops the script with an error message. } } } ?> Quote Link to comment Share on other sites More sharing options...
str8thug843 Posted August 5, 2008 Author Share Posted August 5, 2008 The first thing I notice is your using some sort of special quotes. These $_SESSION[‘logged’] ought be $_SESSION['logged']. Next, you say you have this.... session_start(); $_SESSION['username']; at the top of your index.php page. What exactly do you expect that to do? It doesn't actually do anything. as i said, i dont know anything about sessions. so i have been searching around on pixel2life, good-tutorials and now i ended up here, Quote Link to comment Share on other sites More sharing options...
trq Posted August 5, 2008 Share Posted August 5, 2008 Sorry but none of that answers my question or fixes the problems I pointed out. Quote Link to comment Share on other sites More sharing options...
revraz Posted August 5, 2008 Share Posted August 5, 2008 He was referring to your Quotes though, that has nothing to do with sessions. Use standard single ' quotes and " double quotes. With that said, you also just have a plain line $_SESSION['username']; which does nothing. This again has nothing to do with sessions itself, it has to do with setting variables. Did you mean to do something like IF ($_SESSION['username']) which means you're checking to see if it's set? Quote Link to comment Share on other sites More sharing options...
str8thug843 Posted August 5, 2008 Author Share Posted August 5, 2008 Sorry but none of that answers my question or fixes the problems I pointed out. lol my bad, i pasted the wrong part. it was suppose to be for the others that replyed before that asked for my index. i seen what you was talking about and corrected the problem. and now when i try to login i get this Warning: Cannot modify header information - headers already sent by (output started at /home/blizz/public_html/config.php:10) in /home/blizz/public_html/login.php on line 3 He was referring to your Quotes though, that has nothing to do with sessions. Use standard single ' quotes and " double quotes. With that said, you also just have a plain line $_SESSION['username']; which does nothing. This again has nothing to do with sessions itself, it has to do with setting variables. Did you mean to do something like IF ($_SESSION['username']) which means you're checking to see if it's set? yes i have took that out also Quote Link to comment Share on other sites More sharing options...
peranha Posted August 5, 2008 Share Posted August 5, 2008 Take the session_start(); out of you login page, I didnt know that you were including it in the index page on your first post, and try it again. Also paste you config file if that does work, you are outputing data to the browser in that file, so you will get this error. Quote Link to comment Share on other sites More sharing options...
str8thug843 Posted August 5, 2008 Author Share Posted August 5, 2008 ok i took the sessions start out of the login along with the header("Location: index.php"); // Goes to main page. exit(); // Stops the rest of the script. the error seems to of went away and now have a blank page when i try to view the login page, so im guessing it worked? this was after input my login info Quote Link to comment Share on other sites More sharing options...
Galaxy_Stranger Posted August 5, 2008 Share Posted August 5, 2008 To be clear, session states themselves aren't any part of PHP. You're constructing your own states based on PHP session variables. That made things a little unclear to me when I first started using session states. So, you're basically running scripts based on variable values. The first thing I see wrong is the instantiation of your variable: <?php session_start(); $_SESSION['username']; ... Session variables should be instantiated like so: session_register('loggedIn') ; session_register('currentUser') ; Then, you can "initialize" them later: $_SESSION['username']= <desired_value> ; See if that helps. Quote Link to comment Share on other sites More sharing options...
revraz Posted August 5, 2008 Share Posted August 5, 2008 You should no longer use session_register, and especially not if you use session_start. Quote Link to comment Share on other sites More sharing options...
marcus Posted August 5, 2008 Share Posted August 5, 2008 Why register a session variable and not use it when you need to. # just stick with session_start(); $_SESSION['username'] = "marcus"; Quote Link to comment Share on other sites More sharing options...
Galaxy_Stranger Posted August 5, 2008 Share Posted August 5, 2008 You should no longer use session_register, and especially not if you use session_start. I assume it's a security problem? Did this change w/ PHP 5? I started using a book using PHP 4 and I never cought that. Time to do some more homework... Quote Link to comment Share on other sites More sharing options...
BioBob Posted August 5, 2008 Share Posted August 5, 2008 Nope. header() breaks sessions. DO NOT USE header() to redirect session detection on login scripts. Use meta refresh instead. <?php session_start(); if($_SESSION['loggedIn']) { header('Location: www.aasdf.com'); } BAD!!! <?php ob_start(); session_start(); if($_SESSION['loggedIn']) { $session_id = session_id(); header('Location: www.aasdf.com/page.php?phpsessionid=$session_id'); } ob_ ... stuff to wrap up your output buffering handling... That works, but kind of a pain, plus theres some security stuff with putting your session id in your url. One of the reasons its not on by default. Instead try using META REFRESH TAGS <?php session_start(); if($_SESSION['loggedIn']) { echo "<meta http-equiv=\"refresh\" content=\"2;url=http://www.mysite.com/usersonly.php\">"; } Quote Link to comment Share on other sites More sharing options...
str8thug843 Posted August 5, 2008 Author Share Posted August 5, 2008 how would i display the username, i tryed using $username. it shows mine. but when another user logs in with there info. it will show my username on there side also. Quote Link to comment Share on other sites More sharing options...
DarkWater Posted August 5, 2008 Share Posted August 5, 2008 Nope. header() breaks sessions. DO NOT USE header() to redirect session detection on login scripts. Use meta refresh instead. <?php session_start(); if($_SESSION['loggedIn']) { header('Location: www.aasdf.com'); } BAD!!! <?php ob_start(); session_start(); if($_SESSION['loggedIn']) { $session_id = session_id(); header('Location: www.aasdf.com/page.php?phpsessionid=$session_id'); } ob_ ... stuff to wrap up your output buffering handling... That works, but kind of a pain, plus theres some security stuff with putting your session id in your url. One of the reasons its not on by default. Instead try using META REFRESH TAGS <?php session_start(); if($_SESSION['loggedIn']) { echo "<meta http-equiv=\"refresh\" content=\"2;url=http://www.mysite.com/usersonly.php\">"; } Umm....what? Headers do not break sessions. What exactly are you talking about? Quote Link to comment Share on other sites More sharing options...
str8thug843 Posted August 6, 2008 Author Share Posted August 6, 2008 how would i display the username, i tryed using $username. it shows mine. but when another user logs in with there info. it will show my username on there side also. no one?? Quote Link to comment Share on other sites More sharing options...
revraz Posted August 6, 2008 Share Posted August 6, 2008 try echoing $_SESSION['username'] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.