Login and Session Problem

[ballouta]

Hello

 

I am new to sessions, i tried to use sessions in login but i have a problem.

The user has a login page, after submitted I validate his/her username and password (select query), after that I wrote this (i think here's the big problem):

<?php
$_SESSION['username'] = "$user";
?>

then all other subpages are working correctly according to this session variable.

When the member tries to return back to his Main Page (the page that appeared after login in). The code fails because it begins with a query to check for username and password WHERE this member is already logged in.

 

Please guide me how to begin a good validation for username and password combining it with a session.

 

Thanks in advance.

[CroNiX]

maybe on the main page have something like:

<?php
if(isset($_SESSION['username'])) {
    //user already logged in, continue normally
} else {
    //not logged in, prompt for login info
}

[ballouta]

Thanks I will apply note,

 

a short question please, i have this posted variable, how do i apply the trim fucntion on it?

$user=$_POST['user'];

 

thank you

[iversonm]

$user=trim($_POST['user']);

[ballouta]

thanks, another short question

 

<?php
$result=mysql_query("select * from `members` where COLLATE latin1_bin user='" . $_SESSION['username'] . "' and pass='" . $_SESSION['password'] . "'"); 
?>

 

does the 'COLLATE latin1_bin' here applie sonly on the variable user? if yes, do i add it like this?

<?php
$result=mysql_query("select * from `members` where COLLATE latin1_bin user='" . $_SESSION['username'] . "' and  COLLATE latin1_bin pass='" . $_SESSION['password'] . "'"); 
?>

 

Thank You