I was able to fix a problem with a previous post that I was having with my code not logging in properly. Now the code is logging in, but once you go to a secondary page, the login form reappears and you lose all of your options.

 

<?php		
require "includes/sql.php";

	$error = $_GET['error'];

	switch($error) {
		case "username":
			$u_error = '<span style="color: red; display: block; font-size: 11px; padding: 5px; font-weight: bold">Username Invalid!</span>';
			break;

		case "password":
			$p_error = '<span style="color: red; display: block; font-size: 11px; padding: 5px; font-weight: bold">Password Incorrect!</span>';
			break;

		case "both":
			$b_error = '<span style="color: red; display: block; font-size: 11px; padding: 5px; font-weight: bold">An Error Occurred!</span>';
			break;
	}

	$action = $_GET['action'];

			switch($action) {
					case "logout":
						session_destroy();
						ob_end_flush();
						header("location:index.php");
					break;	
			}

if(isset($_POST['login_submit'])) {
	   if(!empty($_POST['username']))
	   {
		  $tmpUsername = stripslashes($_POST['username']);
		} else {
		header("location: index.php?error=username");
		}


	   if(!empty($_POST['password']))
	   {
		  $tmpPassword = stripslashes($_POST['password']);
	   } else {
		header("location: index.php?error=password");
		}
	   
	   if(empty($_POST['password']) && empty($_POST['username']))
	   {
		  header("location: index.php?error=both");
	   }
	   
		$login_ck_query = mysql_query("SELECT * FROM users WHERE username = '" . mysql_real_escape_string($tmpUsername) . "' AND password = '" . mysql_real_escape_string($tmpPassword) . "'")or die(mysql_error());
		$num_rows = mysql_num_rows($login_ck_query);

		if($num_rows > 0) {
			$_SESSION['username'] = $tmpUsername;

			$query = mysql_query("SELECT * FROM devotionals")or die(mysql_error());

			while($results = mysql_fetch_object($query))
				{								
					$writer = $results->writer;
					$publish = $results->publish;

					if($publish == 0)
						{
							$published = '<div class="publish-no">Not Approved!</div>';
						}

						$devotional_query .= '<li><a href="devotional.php?action=view&id=' . $results->devotional_id . '&writer=' . $writer . '">' . ucwords(strtolower($results->devotional_title)) . '</a>' . $published . '</li>';
				}
				if($_SESSION) {
				echo '<div class="accordion">';
					echo '<a class="title">My Profile</a>';
						echo '<div>';
							echo '<ul>';
								echo '<li><a href="index.php">Home</a></li>';
								echo '<li><a href="profile.php?tool=changepw">Change Password</a></li>';
								echo '<li><a href="index.php?action=logout">Logout</a></li>';
							echo '</ul>';
						echo '</div>';

					echo '<a class="title">Tools</a>';
						echo '<div>';
							echo '<ul>';
								echo '<li><a href="devotional.php?action=create">Create a Devotional</a></li>';
								echo '<li><a href="devotional.php?action=edit_list">Edit a Devotional</a></li>';
								echo '<li><a href="profile.php?tool=addfriend">Signup A Friend</a></li>';
								echo '<li><a href="email.php?action=emailafriend">Email A Friend</a></li>';
							echo '</ul>';
						echo '</div>';

					echo '<a class="title">Devotionals</a>';
						echo '<div>';
							echo '<ul>';
								echo $devotional_query;
							echo '</ul>';
					echo '</div>';

					 echo '<a class="title">Topics</a>';
						echo '<div>';
							echo '<ul>';
								echo '<li><a href="submit.php?action=addtopic">Submit a Topic</a></li>';
							echo '</ul>';
						echo '</div>';
				echo '</div>'; //div closes accordion div
				}

		}
} else {
	echo '<div class="accordion">';
		echo '<a class="title">Login</a>';
			echo '<div>';
				echo '<form action="index.php" method="post" name="login_form">';
						echo $b_error;
					echo '<label>Username:</label> <input type="text" name="username" id="username" />';
						echo $u_error;
					echo '<label>Password: </label> <input type="password" name="password" id="password" />';
						echo $p_error;
					echo '<input type="submit" id="submit" name="login_submit" value="" />';
				echo '</form>';
			echo '</div>'; 
		echo '</div>'; //closes accordion div
}
?>

Any ideas on this?

 

Where's session_start()?  Remember, you need to put that function at the beginning of every file you want to have session access.  If those options are dependent on the session data, they won't show unless you have session_start() invoked.

I have it in the header.php file, which is included in every single file... is this bad practice?

 

Nope, good practice, no need to duplicate code when you can add it in one file and include it with other code that each page uses.

 

I would however suggest:

    if($_SESSION) {

 

To be a unique identifier such as "loggedin"

 

    if($_SESSION['loggedin']) {

 

Just make sure to set that variable to be true when a user logs in.

You should double-check your conditionals, and make sure they're all lined up, so-to-speak.  Make sure that when a valid login occurs, the process doesn't continue to show the login form.  To help you in this, you might want to comment out all of the code not related to an error state.  That way you know you're just dealing with the simplest case - a legit user.
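The advice above, as an added example that is not part of the original thread: the login check and the sidebar are separated, so the menu depends only on an explicit `loggedin` session flag and not on the login POST being present. The SQLite table, the `password_hash` column, the sample account and the helper names `attempt_login` and `sidebar` are assumptions; a plain array stands in for `$_SESSION` so the script runs from the command line.

```php
<?php
// Added example, not the poster's code. The users table layout, the
// password_hash column and the sample account are constructed for the demo.
declare(strict_types=1);

function attempt_login(PDO $db, array &$session, string $user, string $pass): bool
{
    // Prepared statement: the input is bound, never spliced into the SQL text.
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE username = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();
    if ($hash === false || !password_verify($pass, $hash)) {
        return false;                      // same result for bad user or bad password
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);       // fresh session ID at login
    }
    $session['loggedin'] = true;           // explicit flag, as suggested in the thread
    $session['username'] = $user;
    return true;
}

function sidebar(array $session): string
{
    // Chosen from session state alone, so every page makes the same decision.
    if (!empty($session['loggedin'])) {
        $name = htmlspecialchars($session['username'], ENT_QUOTES, 'UTF-8');
        return '<a class="title">My Profile (' . $name . ')</a>';
    }
    return '<form action="index.php" method="post" name="login_form">'
         . '<input name="username" /><input type="password" name="password" /></form>';
}

// Constructed data: in-memory SQLite with one account (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT)');
$db->prepare('INSERT INTO users VALUES (?, ?)')
   ->execute(['demo', password_hash('correct horse', PASSWORD_DEFAULT)]);

$session = [];                             // stands in for $_SESSION on the CLI
// Request 1: index.php receives the login POST.
$post = ['login_submit' => '', 'username' => 'demo', 'password' => 'correct horse'];
if (isset($post['login_submit'])) {
    attempt_login($db, $session, $post['username'], $post['password']);
}
echo sidebar($session), PHP_EOL;

// Request 2: a secondary page with no POST data; only the session is consulted.
echo sidebar($session), PHP_EOL;
```

On a real page, call `session_start()` before any output, pass `$_SESSION` in place of `$session`, and follow each `header('Location: ...')` with `exit;` so the rest of the script does not run.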

I loaded some older code for this page to get it back to working for now. It's not a live site yet, so no biggy... Since this script is working, I am going to update some of the code to meet some of my current coding standards and go from there. Thanks for all the help!
