Jump to content

Recommended Posts

if (@$_SESSION['auth'] = "yes")

should be

if (@$_SESSION['auth'] == "yes")

 

And really, the whole code should be this (IMO):

<?php
session_start();
if(isset($_SESSION['auth']) && $_SESSION['auth']!='yes') 
   session_destroy();
header("Location: home.php");
?>

hmm thats now working. im ALWAYS logged in for some reason. I restricted a page like this and it worked earlier...sent me to the login page because i wasn't logged in. i have this to tell me if im logged in.

<?php
	 if (@$_SESSION['auth'] = "yes")
           {
            echo "signed in";
           }
	  else 
              {
               echo "Log in please";
              }			   
?>  

and then i have this to logout but it still displays 'signed in'. I made a button to run the logout script...and this isn't working.

<?php
session_start();
if(isset($_SESSION['auth']) && $_SESSION['auth']!='yes') 
   session_destroy();
   $_SESSION['auth']=="";
header("Location: /test/project12.php");
?>

heres my login script if that helps, i just noticed it doesn't work either...i tried to modify it, but it just goes back to the homepage(project12.php) whatever i type in the form field....

 

<?php
/* Program: Login.php
* Desc:    Login program for the Members Only. 
*          (1) enter a new login name. Login Names and 
*          passwords are stored in a MySQL database. 
*/
session_start();                                      # 9
include("caneck.inc");                                  #10
switch (@$_POST['do'])                                #11
{
   case "login":  
   
     $cxn = mysqli_connect($host, $user,$passwd,$dbname) 
            or die ("Couldn't connect to server.");    #15

		//clean input
     $cleanusername1 = strip_tags(trim($_POST[fusername]));
     $cleanusername2 = mysqli_real_escape_string($cxn,$cleanusername1);        

 $cleanpass1 = strip_tags(trim($_POST[fusername]));
 $cleanpass2 = mysqli_real_escape_string($cxn,$cleanpass1);

     $sql = "SELECT loginName, active FROM Member 
             WHERE loginName='$cleanusername2'";     #18
     $result = mysqli_query($cxn,$sql)
               or die("Couldn't execute query.");      #20
     $num = mysqli_num_rows($result); 
     $row = mysqli_fetch_assoc($result);	 
     if ($num > 0)  // login name was found            #22
     {
        $sql = "SELECT loginName FROM Member 
                WHERE loginName='$cleanusername2'
                AND password=md5('$cleanpass2')";
        $result2 = mysqli_query($cxn,$sql)
                   or die("Couldn't execute query 2.");
        $num2 = mysqli_num_rows($result2);
        if ($num2 > 0)  // password is correct         #30
        {
	    
	   if($row['active'] < 1)//check if they are confirmed
			{
				header("Location: /test/project12.php"); 
			}
		else{	
           $_SESSION['auth']="yes";                    #32
           $logname=$_POST['fusername']; 
           $_SESSION['logname'] = $logname;
           $_SESSION['active'] = $row['active'];		   #34
           $today = date("Y-m-d h:i:s");               #35
           $sql = "INSERT INTO Login (loginName,loginTime)
                   VALUES ('$logname','$today')";
           $result = mysqli_query($cxn,$sql) 
                     or die("Can't execute insert query.");
           header("Location: /test/testdis.php");        #40
                }       
	}
        else    // password is not correct             #42
        {
           $message="The Login Name, '$_POST[fusername]' 
                     exists, but you have not entered the 
                     correct password! Please try again.<br>";
           
	   header("Location: /Members/Login.php");
        } 
     }                                                 #49
     elseif ($num == 0)  // login name not found       #50
     {   
        $message = "The Login Name you entered does not 
                    exist! Please try again.<br>";
       
	 header("Location: /test/project12.php");
     }
   break;                                              #56

    default:                                          #223
        include("login_form2.php");
  }
   
   ?>

 

Let's go back to the basic operators:

 

Assignment operator:

$a = 1

Assigns value 1 to variable a

 

Equal operator:

if($a==1)

Check to see if variable a is equal to 1

 

Not equal operator (not and equal operator combined ;)):

if($a!=1)

Check to see if variable a is not equal to 1

 

So...

<?php
if (isset($_SESSION['auth']) && $_SESSION['auth']== "yes") {
    echo "signed in";
} else {
    echo "Log in please";
}			   
?> 

<?php
session_start();
if(isset($_SESSION['auth']) && $_SESSION['auth']!='yes') {
   session_destroy();
   $_SESSION['auth']=""; // you want to set this, not compare it 
}
header("Location: /test/project12.php"); // always redirect
?>

still not working...i don't freaking understand...

 

i have this to tell me if im logged in

if (@$_SESSION['auth'] = "yes")
           {
            echo "Signed In";
           }
	  else 
              {
               echo "Log in please";
              }			   

 

i have this to restric a certain page, but im always loggen in so i can always access it

if (@$_SESSION['auth'] != "yes")
{
   header("Location: /Members/Login2.php");
   }

and then the logout script which does nothing...the logout button is located on the same page im redirecting to(project12.php)

<?php
session_start();
if(isset($_SESSION['auth']) && $_SESSION['auth']!='yes') {
   session_destroy();
   $_SESSION['auth']=""; // you want to set this, not compare it 
}
header("Location: /test/project12.php"); // always redirect to home
?>

Well, I admit I made a mistake in my earlier code:

<?php
session_start();
if(isset($_SESSION['auth']) && $_SESSION['auth']!='yes') {
   session_destroy();
   $_SESSION['auth']=""; // you want to set this, not compare it 
}
header("Location: /test/project12.php"); // always redirect to home
?>

 

should be:

<?php
session_start();
if(isset($_SESSION['auth']) && $_SESSION['auth']=='yes') {
   session_destroy();
   $_SESSION['auth']=""; // you want to set this, not compare it 
}
header("Location: /test/project12.php"); // always redirect to home
?>

my apologies

nada...welp i have figured something wierd out....this snipped will always say Signed In...no clue why...i made that session up...it doesn't exist anywhere except right there...there shouldn't be ANYTHING in it, especially a word.

 

if ($_SESSION['author'] =  "yes")
           {
            echo "Signed In";
           }
	  else 
              {
               echo "Log in please";
              }			   

FINALLY GOT IT WORKING...not sure what i did..here are the parts if anyone is interested ha

 

to tell me if logged in or not

<?php
	 if (@$_SESSION['auth'] != "yes")
           {
            echo "Log in please";
           }
	  else 
              {
               echo "Signed In";
              }			   
?>  

 

logout script

 

<?php
session_start();
session_unset();
session_destroy();
unset($_SESSION['auth']);
header("Location: /test/project12.php"); // always redirect
?>

 

nada...welp i have figured something wierd out....this snipped will always say Signed In...no clue why...i made that session up...it doesn't exist anywhere except right there...there shouldn't be ANYTHING in it, especially a word.

 

if ($_SESSION['author'] =  "yes")
           {
            echo "Signed In";
           }
	  else 
              {
               echo "Log in please";
              }			   

Just thought I would pint where the error was; you where trying to change the variable instead of checking it. So where you've said if ($_SESSION['author'] =  "yes") that means change the session to yes when it should of been

if ($_SESSION['author'] ==  "yes")

 

Notice the difference? There is an extra equals sign.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.