Jump to content

Recommended Posts

<?php
session_start();
header("Cache-control: private");
if(isset($_SESSION["id"]))
{
header("Location: index.php?page=myaccount");
}





if(isset($_POST['submit'])) {


$result = mysql_query("SELECT id, active FROM p_users WHERE email=('$_POST[email1]') AND password=('".md5($_POST['password1'])."')") or die(mysql_error());


            if (mysql_num_rows($result) == 0) {
				 $error .= '<div id=\"full_content\">The email and password you entered did not match with our database. <br /></div>';
		} else {
			 $worked = mysql_fetch_array($result);

       				if ($worked[active] == '0') {
      						$content .= '<div id=\"full_content\">You have not confirmed your e-mail address <br /></div>';
      		        } else {

                         $_SESSION["id"] = $worked[id];

                         header("Location: index.php?page=myaccount");


      			    }

		}

}

















$content .= "<div id=\"full_content\">

<form action=\"index.php?page=login\" method=\"post\" name=\"login\">


<p>Login Form</p>



$error


<table class=\"registration_form\" cellpadding=\"2\" cellspacing=\"0\" align=\"center\">


<tr><td align=\"right\">
Email Address
</td><td>
<td width=20></td>
<td>
<input type=\"text\" size=\"20\" name=\"email1\" value=\"\" />
</td></tr>

<tr><td align=\"right\">
Password
</td><td>
<td width=20></td>
<td>
<input type=\"password\" size=\"20\" name=\"password1\" value=\"\" />
</td></tr>


<tr><td align=\"right\">
<br />
</td><td>
<td width=20></td>
<td>
</td></tr>

<tr><td align=\"right\">
</td><td>
<td width=20></td>
<td align=\"right\">
<input type=\"submit\" name=\"submit\" class=\"textfield\" value=\"Login\" />
</td></tr>


</table>





</div>";



?>

 

Okay, basically this isn't setting the session id and I'm not seeing why it isn't so hopefully someone could point out my error? Thanks.

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/
Share on other sites

<?php
session_start();
header("Cache-control: private");
if(isset($_SESSION["id"]))
{
header("Location: index.php?page=myaccount");
}





if(isset($_POST['submit'])) {


$result = mysql_query("SELECT id, active FROM p_users WHERE email=('$_POST[email1]') AND password=('".md5($_POST['password1'])."')") or die(mysql_error());


            if (mysql_num_rows($result) == 0) {
				 $error .= '<div id=\"full_content\">The email and password you entered did not match with our database. <br /></div>';
		} else {
			 $worked = mysql_fetch_array($result);

       				if ($worked[active] == '0') {
      						$content .= '<div id=\"full_content\">You have not confirmed your e-mail address <br /></div>';
      		        } else {

                         $_SESSION["id"] = $worked[id];

                         header("Location: index.php?page=myaccount");


      			    }

		}

}







echo "$worked[active] $worked[id]";









$content .= "<div id=\"full_content\">

<form action=\"index.php?page=login\" method=\"post\" name=\"login\">


<p>Login Form</p>



$error


<table class=\"registration_form\" cellpadding=\"2\" cellspacing=\"0\" align=\"center\">


<tr><td align=\"right\">
Email Address
</td><td>
<td width=20></td>
<td>
<input type=\"text\" size=\"20\" name=\"email1\" value=\"\" />
</td></tr>

<tr><td align=\"right\">
Password
</td><td>
<td width=20></td>
<td>
<input type=\"password\" size=\"20\" name=\"password1\" value=\"\" />
</td></tr>


<tr><td align=\"right\">
<br />
</td><td>
<td width=20></td>
<td>
</td></tr>

<tr><td align=\"right\">
</td><td>
<td width=20></td>
<td align=\"right\">
<input type=\"submit\" name=\"submit\" class=\"textfield\" value=\"Login\" />
</td></tr>


</table>





</div>";



?>

 

You can see where I added the echo. It isn't echoing anything and I am receiving no errors. Also, I had it just send me to the myaccount.php page ONCE, after clicking home page it was back to not accessible and the login continued to fail.

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-740683
Share on other sites

I tried that and it had no effect. Upon first entering email/password to login it took me to the myaccount page, which at the top of the page has:

 

session_start();
header("Cache-control: private");
if(!isset($_SESSION["id"]))
{
header("Location: index.php?page=login");
}

 

Once I left the page I could no longer access it. Session isn't setting for some reason.

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741109
Share on other sites

Add the following two lines immediately after your first opening <?php tag -

ini_set ("display_errors", "1");
error_reporting(E_ALL);

 

Every header() redirect needs an exit; statement following it so that the remainder of the code on the page is not executed while the browser is requesting the target of the redirect.

 

Is that all the code on the page, because there is no logic connecting to your database so the mysql statements will fail. There is also no logic in the posted code to echo any of your errors or content.

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741123
Share on other sites

It echos out through the index.php page, which is also where the database gets its connection. I can post the index page if needed, let me know.

 

Notice: A session had already been started - ignoring session_start() in /home/virtual/site21/fst/var/www/html/performance/login.php on line 4

Notice: Undefined variable: error in /home/virtual/site21/fst/var/www/html/performance/login.php on line 70

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741124
Share on other sites

It's been posted twice now, above..

 

login.php:

<?php
ini_set ("display_errors", "1");
error_reporting(E_ALL);
session_start();
header("Cache-control: private");
if(isset($_SESSION["id"]))
{
header("Location: index.php?page=myaccount");
exit;
}



if(!isset($_SESSION["id"]))
{

if(isset($_POST['submit'])) {


$result = mysql_query("SELECT id, active FROM p_users WHERE email=('$_POST[email1]') AND password=('".md5($_POST['password1'])."')") or die(mysql_error());


            if (mysql_num_rows($result) == 0) {
				 $error .= '<div id=\"full_content\">The email and password you entered did not match with our database. <br /></div>';
		} else {
			 $worked = mysql_fetch_array($result);

       				if ($worked['active'] == '0') {
      						$content .= '<div id=\"full_content\">You have not confirmed your e-mail address <br /></div>';
      		        } else {

                         $_SESSION["id"] = $worked['id'];

                         header("Location: index.php?page=myaccount");
						exit;

      			    }

		}

}

}













echo session_id();

$content .= "<div id=\"full_content\">


<form action=\"index.php?page=login\" method=\"post\" name=\"login\">


<p>Login Form</p>



$error


<table class=\"registration_form\" cellpadding=\"2\" cellspacing=\"0\" align=\"center\">


<tr><td align=\"right\">
Email Address
</td><td>
<td width=20></td>
<td>
<input type=\"text\" size=\"20\" name=\"email1\" value=\"\" />
</td></tr>

<tr><td align=\"right\">
Password
</td><td>
<td width=20></td>
<td>
<input type=\"password\" size=\"20\" name=\"password1\" value=\"\" />
</td></tr>


<tr><td align=\"right\">
<br />
</td><td>
<td width=20></td>
<td>
</td></tr>

<tr><td align=\"right\">
</td><td>
<td width=20></td>
<td align=\"right\">
<input type=\"submit\" name=\"submit\" class=\"textfield\" value=\"Login\" />
</td></tr>


</table>





</div>";



?>

 

 

 

 

index.php

<?php
session_start();
header("Cache-control: private");

mysql_connect("localhost","**","**") or die(mysql_error());
mysql_select_db("**");

$content = '';

if (isset($_GET['page'])) {
$page = ($_GET['page']);
} else {
$page = "home";
}
include "$page.php";
?>

<html>
<head>

<title>BPE - Performance Parts Store</title>
<link href="stylesheet.css" rel="stylesheet" type="text/css" title="default" />

</head>
<body>

<div id="container">










<div id="container_left">

<img src="logo.jpg">
<br /><br />
<br /><br />

<div class="black_menu"><a href="/performance/">> Home Page</a></div>
<div class="black_menu">> Home</div>
<div class="black_menu">> Home</div>
<div class="black_menu">
<?php
if(isset($_SESSION["id"]))
{
?>
<a href="index.php?page=myaccount">> My Account</a>
<?php
} else {
?>
<a href="index.php?page=login">> Login</a>
<?php
}
?>
</div>
<div class="black_menu">> Contact Us</div>


<div class="cat_menu_title">CATEGORY</div>


<?php

$result = mysql_query("SELECT DISTINCT category FROM `p_products`") or DIE(mysql_error());
while($r = mysql_fetch_array($result))
{
  $id = $r['id'];
  $category = $r['category'];
  echo "<div class=\"cat_menu\"><a href=\"index.php?page=product_page&product_cat=$category\">$category</a></div>";
}



?>


</div>








<div id="container_right">

<div id="user_box">

<?php
if(isset($_SESSION["id"]))
{
?>



<?php
} else {
?>
<div id="outsidelogin">Not a member? <a href="index.php?page=register">Register Now!</a> | sign in box >>></div>
<div id="loginbox">
<table class=\"login_form\" cellpadding=\"2\" cellspacing=\"0\">
<tr><td>
Email
</td><td>box</td></tr>
<tr><td>
Password
</td><td>box</td></tr>
<tr><td>
</td><td>login</td></tr>
</table>
</div>
<?php
}
?>
</div>
<div class="spacer"></div>
<div id="featured_product"><img src="featured.jpg" /></div>
<div class="spacer"></div>

<div id="cat_box">    HOME > ETC</div>


<div class="spacer"></div>


<div id="product_container">

<?php
echo "$content";
?>

</div>



</div>


<div style="clear:both;"></div>
</div>

</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741163
Share on other sites

For your undefined error, you can fix it by doing

 

if(isset($_POST['submit'])) {

 

$error = "";

 

But there is nothing starting your session before line 4 of login.php, so either that is not the current code or you are not showing us something.

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741167
Share on other sites

That is everything, I just threw in a

if(isset($logout))
{
unset ($_SESSION);
session_destroy();
header("Location: index.php");
exit;
}

 

into the index.php, now making it:

 

<?php
session_start();
header("Cache-control: private");

mysql_connect("localhost","berryequipment","gU8Kso8Y") or die(mysql_error());
mysql_select_db("berryequipment_net_db");

$content = '';

if(isset($logout))
{
unset ($_SESSION);
session_destroy();
header("Location: index.php");
exit;
}

if (isset($_GET['page'])) {
$page = ($_GET['page']);
} else {
$page = "home";
}
include "$page.php";
?>

<html>
<head>

<title>BPE - Performance Parts Store</title>
<link href="stylesheet.css" rel="stylesheet" type="text/css" title="default" />

</head>
<body>

<div id="container">










<div id="container_left">

<img src="logo.jpg">
<br /><br />
<br /><br />

<div class="black_menu"><a href="/performance/">> Home Page</a></div>
<div class="black_menu">> Home</div>
<div class="black_menu">> Home</div>
<div class="black_menu">
<?php
if(isset($_SESSION["id"]))
{
?>
<a href="index.php?page=myaccount">> My Account</a>
<?php
} else {
?>
<a href="index.php?page=login">> Login</a>
<?php
}
?>
</div>
<div class="black_menu">> Contact Us</div>


<div class="cat_menu_title">CATEGORY</div>


<?php

$result = mysql_query("SELECT DISTINCT category FROM `p_products`") or DIE(mysql_error());
while($r = mysql_fetch_array($result))
{
  $id = $r['id'];
  $category = $r['category'];
  echo "<div class=\"cat_menu\"><a href=\"index.php?page=product_page&product_cat=$category\">$category</a></div>";
}



?>


</div>








<div id="container_right">

<div id="user_box">

<?php
if(isset($_SESSION["id"]))
{
?>



<?php
} else {
?>
<div id="outsidelogin">Not a member? <a href="index.php?page=register">Register Now!</a> | sign in box >>></div>
<div id="loginbox">
<table class=\"login_form\" cellpadding=\"2\" cellspacing=\"0\">
<tr><td>
Email
</td><td>box</td></tr>
<tr><td>
Password
</td><td>box</td></tr>
<tr><td>
</td><td>login</td></tr>
</table>
</div>
<?php
}
?>
</div>
<div class="spacer"></div>
<div id="featured_product"><img src="featured.jpg" /></div>
<div class="spacer"></div>

<div id="cat_box">    HOME > ETC</div>


<div class="spacer"></div>


<div id="product_container">

<?php
echo "$content";
?>

</div>



</div>


<div style="clear:both;"></div>
</div>

</body>
</html>

 

Which I went to index.php?logout and it redirected me to index.php, I went back to login.php and it still showed that session_id.

index.php includes login.php and that's all that should be used, I'm not leaving anything out :/

 

 

 

edit: Fixed the variable error, still stuck with this error and this session_id being echo'd:

Notice: A session had already been started - ignoring session_start() in /home/virtual/site21/fst/var/www/html/performance/login.php on line 4

vh2nmus51cpeuhbcomgnucbom3

 

 

edit 2: That little logout bit isn't doing anything to that session_id, it's remaining the same. I've always used that bit of code as a logout so I don't know?

 

 

and edit 3: Notice: Undefined index: id in /home/virtual/site21/fst/var/www/html/performance/index.php on line 81

Found this hidden in the side, was unaware it was on the page until I just noticed it.

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741176
Share on other sites

I know for a fact that it is redirecting me because when I put index.php?logout it sends me to index.php, removing the rest. It wouldn't do that without a redirect. Also, for shits n giggles I changed it to if($_GET['logout'] == 1) and went to index.php?logout=1 and got redirected, logout=3 and nothing. So it's running through those lines fine.

if(isset($logout))
{
unset ($_SESSION);
session_destroy();
echo "$logout";
}

 

Nothing gets echo'd.. though I could care less cause A: this isn't solving the problem either way, and B: there is no way it could get to the redirect if it wasn't firing off, and there's no way that ?logout would be removed from the url if it wasn't redirecting.

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741196
Share on other sites

This may help some, on my index.php page alone, not going to my login page.

 

<?php
session_start();
header("Cache-control: private");

mysql_connect("localhost","berryequipment","gU8Kso8Y") or die(mysql_error());
mysql_select_db("berryequipment_net_db");

$content = '';

echo session_id();

unset ($_SESSION);
session_destroy();

echo session_id();


if (isset($_GET['page'])) {
$page = ($_GET['page']);
} else {
$page = "home";
}
include "$page.php";
?>

<html>
<head>

<title>BPE - Performance Parts Store</title>
<link href="stylesheet.css" rel="stylesheet" type="text/css" title="default" />

</head>
<body>

<div id="container">










<div id="container_left">

<img src="logo.jpg">
<br /><br />
<br /><br />

<div class="black_menu"><a href="/performance/">> Home Page</a></div>
<div class="black_menu">> Home</div>
<div class="black_menu">> Home</div>
<div class="black_menu">
<?php
if(isset($_SESSION["id"]))
{
?>
<a href="index.php?page=myaccount">> My Account</a>
<?php
} else {
?>
<a href="index.php?page=login">> Login</a>
<?php
}
?>
</div>
<div class="black_menu">> Contact Us</div>


<div class="cat_menu_title">CATEGORY</div>


<?php

$result = mysql_query("SELECT DISTINCT category FROM `p_products`") or DIE(mysql_error());
while($r = mysql_fetch_array($result))
{
  $id = $r['id'];
  $category = $r['category'];
  echo "<div class=\"cat_menu\"><a href=\"index.php?page=product_page&product_cat=$category\">$category</a></div>";
}



?>


</div>








<div id="container_right">

<div id="user_box">

<?php
if(isset($_SESSION["id"]))
{
?>



<?php
} else {
?>
<div id="outsidelogin">Not a member? <a href="index.php?page=register">Register Now!</a> | sign in box >>></div>
<div id="loginbox">
<table class=\"login_form\" cellpadding=\"2\" cellspacing=\"0\">
<tr><td>
Email
</td><td>box</td></tr>
<tr><td>
Password
</td><td>box</td></tr>
<tr><td>
</td><td>login</td></tr>
</table>
</div>
<?php
}
?>
</div>
<div class="spacer"></div>
<div id="featured_product"><img src="featured.jpg" /></div>
<div class="spacer"></div>

<div id="cat_box">    HOME > ETC</div>


<div class="spacer"></div>


<div id="product_container">

<?php
echo "$content";
?>

</div>



</div>


<div style="clear:both;"></div>
</div>

</body>
</html>

I put this

[code]
echo session_id();

unset ($_SESSION);
session_destroy();

echo session_id();

 

This echos vh2nmus51cpeuhbcomgnucbom3 every time I refresh the page, only once not both times.

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741259
Share on other sites

Okay I've narrowed it down. It is something in this:

 

<?php
ini_set ("display_errors", "1");
error_reporting(E_ALL);
header("Cache-control: private");
if(isset($_SESSION["id"]))
{
header("Location: index.php?page=myaccount");
exit;
}

$error = "";


if(!isset($_SESSION["id"]))
{

if(isset($_POST['submit'])) {


$result = mysql_query("SELECT id, active FROM p_users WHERE email=('$_POST[email1]') AND password=('".md5($_POST['password1'])."')") or die(mysql_error());


            if (mysql_num_rows($result) == 0) {
				 $error .= '<div id=\"full_content\">The email and password you entered did not match with our database. <br /></div>';
		} else {
			 $worked = mysql_fetch_array($result);

       				if ($worked['active'] == '0') {
      						$content .= '<div id=\"full_content\">You have not confirmed your e-mail address <br /></div>';
      		        } else {

                         $_SESSION["id"] = $worked['id'];

                         header("Location: index.php?page=myaccount");
						exit;

      			    }

		}

}

}

 

I echo the session_id just after this and it's there. Though if I kill the session with

unset ($_SESSION);
session_destroy();

 

just before the echo, nothing displays. If I don't do it then I get: vh2nmus51cpeuhbcomgnucbom3

Link to comment
https://forums.phpfreaks.com/topic/141500-login-script-issue/#findComment-741341
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.