
PHP Session Help - ???


woody79


I have a login that when the user enters details they are redirected to a page that checks if they are logged in and if not sends them to the login page. After you login (that is if it accepts you) the main page is readable, but if you refresh the page you are sent back to the login. It's as if the session is lost. There is also an error where when you login you end up back at the login. Am I doing something wrong? If so what is it and how can I fix it?

 

Login Class:

<?php
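/**
 * Session-backed login helper that checks credentials against the `users`
 * table, either from a POSTed form ("web") or from HTTP Basic auth ("realm").
 *
 * Security notes for maintainers:
 *  - The lookup compares the submitted password directly with the `password`
 *    column, so passwords appear to be stored in plaintext. Storing
 *    password_hash() output and checking it with password_verify() is the
 *    proper fix; it needs a schema/data migration and is not done here.
 *  - ext/mysql (mysql_* functions) was removed in PHP 7. When migrating, use
 *    PDO or mysqli prepared statements instead of building SQL from strings.
 *  - The constructor's optional-before-required parameter order is kept for
 *    existing callers; newer PHP versions report it as deprecated.
 */
class MaxLogin
{
	public $authrealm  = "Welcome";
	private $authtype;
	private $mysqlhost;
	private $mysqluser;
	private $mysqlpass;
	private $mysqldata;
	private $maxid;
	private $maxfname;
	private $maxsurname;
	private $maxusr;
	private $maxpwd;
	private $maxip;
	private $maxemail;
	private $maxprivileges;

	/**
	 * Stores the settings, opens the default MySQL connection, selects the
	 * database and starts the session.
	 *
	 * @param string $authtype  "web" (form POST) or "realm" (HTTP Basic auth)
	 * @param string $mysqlhost MySQL host
	 * @param string $mysqluser MySQL user
	 * @param string $mysqlpass MySQL password
	 * @param string $mysqldata Database name
	 */
	public function __construct($authtype = "web", $mysqlhost = "localhost", $mysqluser = "root", $mysqlpass, $mysqldata)
	{
		$this->authtype = $authtype;
		$this->mysqlhost = $mysqlhost;
		$this->mysqluser = $mysqluser;
		$this->mysqlpass = $mysqlpass;
		$this->mysqldata = $mysqldata;
		// NOTE(review): die() prints mysql_error() to the client, which discloses
		// database details; log the error and show a generic message in production.
		mysql_connect($mysqlhost, $mysqluser, $mysqlpass) or die('Could not connect: ' . mysql_error());
		mysql_select_db($mysqldata) or die('Could not select database: ' . mysql_error());
		session_start();
	}

	/**
	 * Read access to any property by name.
	 *
	 * NOTE(review): this makes every private field readable from outside the
	 * class, including $mysqlpass and $maxpwd. Kept for existing callers; an
	 * explicit allow-list of readable names would be safer.
	 *
	 * @param string $property Property name
	 * @return mixed
	 */
	public function __get($property)
	{
		return $this->$property;
	}

	/**
	 * @return int 1 when the session has no 'maxauth' entry, otherwise 0
	 */
	public function isNotLoggedIn()
	{
		return isset($_SESSION['maxauth']) ? 0 : 1;
	}

	/**
	 * Checks the credentials supplied with the current request.
	 *
	 * In "web" mode they are read from $_POST using the given field names; in
	 * "realm" mode they come from the HTTP Basic auth headers and a
	 * WWW-Authenticate challenge is sent whenever they are missing or wrong.
	 *
	 * @param string $maxuser Name of the POST field holding the username
	 * @param string $maxpass Name of the POST field holding the password
	 * @return int 1 on successful login, otherwise 0 (also for an unknown auth type)
	 */
	public function checkLogin($maxuser = "maxgrade-username", $maxpass = "maxgrade-password")
	{
		if ($this->authtype === "web")
		{
			if (!isset($_POST[$maxuser]) || !isset($_POST[$maxpass]))
			{
				return 0;
			}

			return $this->authenticate($_POST[$maxuser], $_POST[$maxpass]);
		}

		if ($this->authtype === "realm")
		{
			// The original tested PHP_AUTH_USER twice, so a request without a
			// password went on to read an undefined PHP_AUTH_PW.
			if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
			{
				header('WWW-Authenticate: Basic realm="' . $this->authrealm . '"');
				return 0;
			}

			if ($this->authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
			{
				return 1;
			}

			header('WWW-Authenticate: Basic realm="' . $this->authrealm . '"');
			return 0;
		}

		// Unknown auth type: fail closed with an explicit result.
		return 0;
	}

	/**
	 * Looks up a user by username and password and, on a match, populates the
	 * session and this object from the first matching row.
	 *
	 * @param mixed $username Submitted username (untrusted)
	 * @param mixed $password Submitted password (untrusted)
	 * @return int 1 when a matching row was found, otherwise 0
	 */
	private function authenticate($username, $password)
	{
		// Request parameters may arrive as arrays (e.g. field[]=x); reject
		// anything that is not a plain string before it reaches the query.
		if (!is_string($username) || !is_string($password))
		{
			return 0;
		}

		// addslashes() is not a safe SQL escaper for every connection character
		// set; mysql_real_escape_string() escapes for the open connection.
		$maxsql   = "SELECT * FROM users WHERE ";
		$maxsql  .= "(username = '" . mysql_real_escape_string($username) . "') ";
		$maxsql  .= "AND ";
		$maxsql  .= "(password = '" . mysql_real_escape_string($password) . "')";

		$maxquery = mysql_query($maxsql);
		if ($maxquery === false)
		{
			// Query failed: treat as a failed login instead of passing false on.
			return 0;
		}

		$maxrow = mysql_fetch_assoc($maxquery);
		if ($maxrow === false)
		{
			return 0;
		}

		// Issue a fresh session id at the privilege change so an id that was
		// known before login cannot be reused afterwards (session fixation).
		session_regenerate_id(true);

		$_SESSION['maxauth'] = $maxrow['id'];
		// NOTE(review): the password is copied into the session and into
		// $this->maxpwd; nothing in this class reads it back, so consider
		// dropping it once other pages are confirmed not to need it.
		$_SESSION['maxinfo'] = serialize(
			array(
				"id" => $maxrow['id'],
				"fname" => $maxrow['fname'],
				"surname" => $maxrow['surname'],
				"username" => $maxrow['username'],
				"password" => $maxrow['password'],
				"ip" => $_SERVER['REMOTE_ADDR'],
				"email" => $maxrow['email'],
				"privileges" => $maxrow['privileges']
			)
		);
		$this->maxid = $maxrow['id'];
		$this->maxfname = $maxrow['fname'];
		$this->maxsurname = $maxrow['surname'];
		$this->maxusr = $maxrow['username'];
		$this->maxpwd = $maxrow['password'];
		$this->maxip = $_SERVER['REMOTE_ADDR'];
		$this->maxemail = $maxrow['email'];
		$this->maxprivileges = $maxrow['privileges'];

		// Escape these values too, so no value reaches SQL unescaped.
		mysql_query(
			"UPDATE users SET ip='" . mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
			. "' WHERE id='" . mysql_real_escape_string($maxrow['id']) . "'"
		);

		return 1;
	}

	/**
	 * Logs the user out by clearing and destroying the session.
	 */
	public function destroyLogin()
	{
		// session_destroy() leaves $_SESSION populated for the rest of the
		// request, so clear it first to make the logout take effect at once.
		$_SESSION = array();
		session_destroy();
	}
}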
?>

 

index.php (login):

       include("./maxgrade_includes/maxlogin.5.php");
$login = new MaxLogin("web", "localhost", "root", "", "sitedb");
if (isset($_GET['action']))
{
	if ($_GET['action'] == "signout")
	{
		$login->destroyLogin();
		header("Location: index.php");
	}
}
else if ($login->checkLogin("maxgrade-username", "maxgrade-password"))
{
	header("Location: main.php");
}

 

main.php:

       include("./maxgrade_includes/maxlogin.5.php");
$login = new MaxLogin("web", "localhost", "root", "", "sitedb");
if ($login->isNotLoggedIn())
{
	header("Location: index.php");
}


You are using php5 OOP syntax, which should be producing errors on your php4 system (check the web server error log file.)

 

The end of life of php4 was at the end of 2007. Support is no longer being provided for php4. Your web host should have provided a way of switching to php5 several months ago. Check with them on how to switch your account or you should consider looking for a web host that is providing a current and supported version of php.
