Jump to content

need help with my PHP login for Album gallery,,please help, its driving me MAD

poldenais

By poldenais
in PHP Coding Help

Recommended Posts

poldenais Newbie

poldenais

Posted
Posted

Help needed with a pHP login page for Image gallery

by poldenais on Sun Sep 07, 2008 9:14 am

 

Hi I have been doing a tutorial online for an Image Gallery and the first part of it is a simple Login to the Admin section for the gallery.

 

For some reason when I run the script out of Dreamweaver ( i have local server all set up with Apache and MySQL), the login page appears and when i click on submit nothing happens. the login page just reappears. I can see that a session file is created in 'c:/phptmp' with the details isLogin|b:1;. It has to be something simple related to the Header command or sessions. When I change header to redirect to a simple normal page as a test, it works.

 

is this piece of code correct?

header('Location: index.php?page=list-album');

 

I will attach the three important scripts:

Login.php

<?php
session_start(); 
require_once('Connections/conn_fanad.php');
require_once ('Connections/functions.php');


$errMsg = '';
if (isset($_POST['txtUserid'])) {

   // Check the user login. For now we only check it 
   // against a hardcoded value
    if ($_POST['txtUserid'] == 'bigbadwolf' && $_POST['txtUserpw'] == 'huffnpuff') {
        $_SESSION['isLogin'] = true;
      //header('location: index.html'); //Redirects it
      header('Location: index.php?page=list-album');
   exit;
    } else {
      $errMsg = "Wrong Id/Password";
    }      
} 

?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<p> </p>
<?php
if ($errMsg != '') {
   echo '<p align="center"><font color="#990000">' . $errMsg . '</font></p>';
} 
?>
<form action="" method="post" name="frmCampaign" id="frmCampaign">
<table align="center" width="500" border="0" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
  <tr> 
   <td width="200" bgcolor="#336699"><font color="#FFFFFF"><strong>User Id</strong></font></td>
   <td bgcolor="#FFFFFF"><input name="txtUserid" type="text" id="txtUserid" value="bigbadwolf"></td>
  </tr>
  <tr> 
   <td width="200" bgcolor="#336699"><font color="#FFFFFF"><strong>Password</strong></font></td>
   <td bgcolor="#FFFFFF"><input name="txtUserpw" type="password" id="txtUserpw" value="huffnpuff"></td>
  </tr>
  <tr> 
   <td colspan="2" align="center" bgcolor="#FFFFFF"> <input type="submit" name="Submit" value="Submit"> 
   </td>
  </tr>
</table>
</form>
</body>
</html>

 

list-album.php

 

<?php
require_once('Connections/conn_fanad.php');
require_once('Connections/functions.php');
$albumPerPage = 10;

$pageNumber  = isset($_GET['pageNum']) ? $_GET['pageNum'] : 1;

$offset = ($pageNumber - 1) * $albumPerPage;
$serial = $offset + 1;

mysql_select_db($database_conn_fanad, $conn_fanad);
$sql  = "SELECT al_id, al_name, al_image, COUNT(im_album_id) AS al_numimage
         FROM tbl_album al LEFT JOIN tbl_image im ON al.al_id = im.im_album_id
       GROUP by al_id  
       ORDER BY al_name ";
$result = mysql_query($sql . "LIMIT $offset, $albumPerPage") or die('Error, list album failed. ' . mysql_error());
   
?>
<table width="100%" border="0" align="center" cellpadding="2" cellspacing="1" class="table_grey">
    <tr> 
        <th width="30" align="center">#</th>
        <th align="center">Album Name</th>
        <th width="120" align="center"> Images</th>
        <th width="60" align="center"> </th>
        <th width="60" align="center"> </th>
    </tr>
    <?php 
if (mysql_num_rows($result) == 0) {
?>
    <tr bgcolor="#FFFFFF"> 
        <td colspan="5">No album yet</td>
    </tr>
    <?php
} else {
   $serial = $offset + 1;
   while ($row = mysql_fetch_assoc($result)) {
      extract($row);   
      
      $al_numimage = "<a href=\"?page=list-image&album=$al_id\">$al_numimage</a>";
?>
    <tr bgcolor="#FFFFFF"> 
        <td width="30" align="center"><?php echo $serial++; ?></td>
        <td align="center"><a href="?page=album-detail&alId=<?php echo $al_id; ?>"><img src="../viewImage.php?type=album&name=<?php echo $row['al_image']; ?>" border="0" /><br />
        </a><a href="?page=album-detail&alId=<?php echo $al_id; ?>"><?php echo $al_name; ?></a></td>
        <td width="120" align="center"><?php echo $al_numimage; ?></td>
        <td width="60" align="center"><a href="?page=modify-album&alId=<?php echo $al_id; ?>">Modify</a></td>
        <td width="60" align="center"><a href="javascript:deleteAlbum(<?php echo $al_id; ?>);">Delete</a></td>
    </tr>
    <?php
   } // end while
}
?>
    <tr bgcolor="#FFFFFF"> 
        <td colspan="5" align="center"><?php 
$result = mysql_query($sql);
$totalResults = mysql_num_rows($result);   
   
   echo getPagingLink($totalResults, $pageNumber, $albumPerPage, "page=list-album");
   ?> </td>
    </tr>
    <tr bgcolor="#FFFFFF">
      <td colspan="5" align="right"><input type="button" name="btnAdd" value="Add Album" onclick="window.location.href='index.php?page=add-album';" /></td>
    </tr>
</table>

 

index.php

 

<?php
require_once('Connections/conn_fanad.php');
require_once('Connections/functions.php');
checkLogin();

?>
<html>
<head>
<title>Gallery Admin</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" type="text/css" href="admin.css">
<script language="javascript" type="text/javascript">
function deleteAlbum(albumId)
{
   if (confirm('Delete this album?')) {
      window.location.href = 'index.php?deleteAlbum&album=' + albumId;
   }
}

function viewImage(albumId) {
   if (albumId != '') {
      window.location.href = 'index.php?page=list-image&album=' + albumId;
   } else {
      window.location.href = 'index.php?page=list-image';
   }
}

function deleteImage(albumId, imgId) 
{
   if (confirm('Delete this image?')) {
      window.location.href = 'index.php?page=list-image&delete&album=' + albumId + '&imgId=' + imgId;
   }
}

function viewLargeImage(imageName)
{
   imgWindow = window.open('', 'largeImage', "width=" + screen.availWidth + ",height="  + screen.availHeight + ",top=0,left=0,screenY=0,screenX=0,status=yes,scrollbars=yes,resizable=yes,menubar=no");
   imgWindow.focus();
   imgWindow.location.href = '../viewImage.php?type=glimage&name=' + imageName;
}
</script>
</head>

<body>
<p>  </p>

<table width="750" border="1" align="center" cellpadding="2" cellspacing="1">
    <tr> 
        <td width="150" valign="top"><p> </p>
            <p><a href="index.php?page=list-album">List Album</a></p>
            <p><a href="index.php?page=add-album">Add Album</a></p>
            <hr width="90%" size="1" noshade>
            <p><a href="index.php?page=list-image">List Images</a></p>
            <p><a href="index.php?page=add-image">Add Image</a></p>
            <hr width="90%" size="1" noshade>
            <p><a href="logout.php">Logout</a></p>
            <p> </p>
            <p> </p>
            <p> </p>
      <p> </p></td>
        <td align="center" valign="top" style="padding:10px">
<?php
if (isset($_GET['deleteAlbum']) && isset($_GET['album']) ) {
   $albumId = $_GET['album'];
   
   // get the album name since we need to display
   // a message that album 'foo' is deleted
   $result = mysql_query("SELECT al_name, al_image
                          FROM tbl_album 
                     WHERE al_id = $albumId") 
           or die('Delete image failed. ' . mysql_error());
   if (mysql_num_rows($result) == 1) {
      $row = mysql_fetch_assoc($result);
      $albumName = $row['al_name'];
      $albumImage = $row['al_image'];
   
      // get the image filenames first so we can delete them 
      // from the server
      $result = mysql_query("SELECT im_image, im_thumbnail 
                             FROM tbl_image 
                        WHERE im_album_id = $albumId") 
              or die(mysql_error());
      while ($row = mysql_fetch_assoc($result)) {
         unlink(GALLERY_IMG_DIR . $row['im_image']);
         unlink(GALLERY_IMG_DIR . 'thumbnail/' . $row['im_thumbnail']);
      }
      
      unlink(ALBUM_IMG_DIR . $albumImage);
      
      $result = mysql_query("DELETE FROM tbl_image 
                             WHERE im_album_id = $albumId") 
              or die('Delete image failed. ' . mysql_error());
      $result = mysql_query("DELETE FROM tbl_album 
                             WHERE  al_id = $albumId") 
              or die('Delete album failed. ' . mysql_error());

      // album deleted successfully, let the user know about it
      echo "<p align=center>Album '$albumName' deleted.</p>";
   } else {
      echo "<p align=center>Cannot delete a non-existent album.</p>";
   }
}

// which page should be shown now
$page = (isset($_GET['page']) && $_GET['page'] != '') ? $_GET['page'] : 'list-album';

// only the pages listed here can be accessed
// any other pages will result in error
$allowedPages = array('list-album', 'add-album', 'album-detail', 'modify-album', 'list-image', 'add-image', 'image-detail', 'modify-image');
         
if (in_array($page, $allowedPages)) {
   include $page . '.php';
} else {
?>
<table width="100%" border="0" align="center" cellpadding="2" cellspacing="1">
                <tr> 
        <td align="center"><strong>Error : The Page You're Looking 
            For Doesn't Exist</strong></td>
    </tr>
</table>
<?php   
}
?>
</td>
    </tr>
</table>


</body>
</html>

adam291086 Advanced Member

adam291086

Posted
Posted

try this for login.php. Set the form action to got to itself

 

<?php
session_start(); 
require_once('Connections/conn_fanad.php');
require_once ('Connections/functions.php');


$errMsg = '';
if (isset($_POST['txtUserid'])) {

   // Check the user login. For now we only check it 
   // against a hardcoded value
    if ($_POST['txtUserid'] == 'bigbadwolf' && $_POST['txtUserpw'] == 'huffnpuff') {
        $_SESSION['isLogin'] = true;
      //header('location: index.html'); //Redirects it
      header('Location: index.php?page=list-album');
   exit;
    } else {
      $errMsg = "Wrong Id/Password";
    }      
} 
else
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<p> </p>
<?php
if ($errMsg != '') {
   echo '<p align="center"><font color="#990000">' . $errMsg . '</font></p>';
} 
?>
<form action="login.php" method="post" name="frmCampaign" id="frmCampaign">
<table align="center" width="500" border="0" cellpadding="2" cellspacing="1" bgcolor="#CCCCCC">
  <tr> 
   <td width="200" bgcolor="#336699"><font color="#FFFFFF"><strong>User Id</strong></font></td>
   <td bgcolor="#FFFFFF"><input name="txtUserid" type="text" id="txtUserid" value="bigbadwolf"></td>
  </tr>
  <tr> 
   <td width="200" bgcolor="#336699"><font color="#FFFFFF"><strong>Password</strong></font></td>
   <td bgcolor="#FFFFFF"><input name="txtUserpw" type="password" id="txtUserpw" value="huffnpuff"></td>
  </tr>
  <tr> 
   <td colspan="2" align="center" bgcolor="#FFFFFF"> <input type="submit" name="Submit" value="Submit"> 
   </td>
  </tr>
</table>
</form>
</body>
</html>
<?php
}
?>

poldenais Newbie

poldenais

Posted
  • Author
Posted

ALSO there is a function called checklogin() in the functions.php page

 

 

function checkLogin()

{

if (!isset($_SESSION['isLogin']) || $_SESSION['isLogin'] == false) {

header('Location: login.php');

exit;

}

}

micmania1 Member

micmania1

Posted
Posted

function checkLogin()

{

session_start();

  if (!isset($_SESSION['isLogin']) || $_SESSION['isLogin'] == false) {

      header('Location: login.php');

      exit;

  }

}

 

As far as I can see, you don't start the session on index.php.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.