justinede Posted June 21, 2009 Share Posted June 21, 2009 Hello All, I used a really simple login system from: http://www.phpeasystep.com/phptu/6.html I am having issues with the login_success page where it wont echo the person's username. I have this at the top making sure the user is logged in before they can see this page. <? session_start(); if(!session_is_registered(myusername)){ header("location:http://justinledelson.com"); } ?> I am putting <?php echo($myusername);?> where i want it to say Welcome: user Also, is it possible to say Welcome: user in the title? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted June 21, 2009 Share Posted June 21, 2009 session_is_registered (and the other two related functions) was depreciated and turned off long ago in php4.2 in the year 2002. You need to use the $_SESSION array to both set and reference session variables. Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 so would i just replace that with $_SESSION? i did this and i get an error. this is my new code: <? session_start(); if($_SESSION(myusername)){ header("location:http://justinledelson.com"); } ?> Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted June 21, 2009 Share Posted June 21, 2009 [] are used in arrays. <?php session_start(); if(isset($_SESSION['myusername'])){ header("location:http://justinledelson.com"); exit; // every header redirect needs an exit after it unless you are absolutely certain you want the rest of the code on the page to be executed while the browser performs the redirect. } ?> Also in the above code - Only use full php opening tags to make sure your code will be parsed on any server; use isset() to test a variable that might or might not exist to avoid generating an error; associative array index names are strings and must be quoted to avoid generating an error; and every header redirect needs an exit/die statement after it to prevent the remainder of the code on the page from being executed. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted June 21, 2009 Share Posted June 21, 2009 Your original code was testing if the session variable was NOT registered. Your revised code dropped the NOT condition, which I duplicated in the post above. My last post, with the NOT condition added - <?php session_start(); if(!isset($_SESSION['myusername'])){ header("location:http://justinledelson.com"); exit; // every header redirect needs an exit after it unless you are absolutely certain you want the rest of the code on the page to be executed while the browser performs the redirect. } ?> Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 after using that, it just keeps redirecting me. i cant get in to see my page. would i need to modify the part in my check login? <?php ob_start(); $host=""; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:users/$myusername"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted June 21, 2009 Share Posted June 21, 2009 You need to change session_register("myusername"); session_register("mypassword"); to $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 for some reason, it still dosnt want to work. Keeps redirecting me. I will paste what I have. <?php ob_start(); $host=""; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION['myusername'] = $myusername; $_SESSION['mypassword'] = $mypassword; header("location:users/$myusername"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> and <?php session_start(); if(!isset($_SESSION['myusername'])){ header("location:http://justinledelson.com"); exit; // every header redirect needs an exit after it unless you are absolutely certain you want the rest of the code on the page to be executed while the browser performs the redirect. } ?> Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted June 21, 2009 Share Posted June 21, 2009 Looks like you're not calling session_start in your login script. session_start() should be called at the start if your script whenever you are assigning or using your $_SESSION variables. Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 oh yes. now it works.. possibly could you help me with another thing? so i am a user (Justin) and i log in and after everything is verified, I get sent to a page named Justin.php. on this page is this: <?php session_start(); if(!isset($_SESSION['myusername'])){ header("location:http://justinledelson.com"); exit; // every header redirect needs an exit after it unless you are absolutely certain you want the rest of the code on the page to be executed while the browser performs the redirect. } ?> this makes sure that no one who hasnt logged in can see that page. Right now, i have two accounts, if i log into one i can see the other users page and vise versa. I want to make it so no one but Justin can see that page. so if $myusername isnt Justin, i would get redirected back to index just like the people who hadnt logged in. Quote Link to comment Share on other sites More sharing options...
chmpdog Posted June 21, 2009 Share Posted June 21, 2009 here try this: <?php session_start(); if($_SESSION['myusername'] == "justin"){ header("location:http://justinledelson.com"); } else { exit; // every header redirect needs an exit after it unless you are absolutely certain you want the rest of the code on the page to be executed while the browser performs the redirect. } ?> Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 I added that . Now when i login with justin, it instantly redirects me back to index. If i log in as someone else and try to go to justin.php, it gives me a blank screen. Quote Link to comment Share on other sites More sharing options...
pkedpker Posted June 21, 2009 Share Posted June 21, 2009 I added that but now if i log in it just shows a blank white screen on my page. because it doesn't do the header anymore it goes to the exit; and exit; terminates the script. Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 I added that . Now when i login with justin, it instantly redirects me back to index. If i log in as someone else and try to go to justin.php, it gives me a blank screen. Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 nevermind I fixed it.. here is what i am using. <?php session_start(); if($_SESSION['myusername'] !== "Justin"){ header("location:http://justinledelson.com"); exit; // every header redirect needs an exit after it unless you are absolutely certain you want the rest of the code on the page to be executed while the browser performs the redirect. } else { } ?> what this is saying is that if I am Justin, I can see this page. If am not logged in or I am a user not named justin it will redirect me to index. Quote Link to comment Share on other sites More sharing options...
pkedpker Posted June 21, 2009 Share Posted June 21, 2009 what do u want it to do? you could do <?php session_start(); if($_SESSION['myusername'] !== "Justin"){ header("location:http://justinledelson.com"); } else { header("location:http://indexSiteGoesHere.com"); } ?> you don't need the exit anywhere.. the php script is small it exits there anyways Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 i posted something before you posted that. Quote Link to comment Share on other sites More sharing options...
pkedpker Posted June 21, 2009 Share Posted June 21, 2009 just saying u dont need the exit; anywhere.. if thats your whole script.. its useless Quote Link to comment Share on other sites More sharing options...
justinede Posted June 21, 2009 Author Share Posted June 21, 2009 oh alright. i will get rid of it. Quote Link to comment Share on other sites More sharing options...
chmpdog Posted June 21, 2009 Share Posted June 21, 2009 I put the root in the header redirect you need to put the page you want there. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted June 22, 2009 Share Posted June 22, 2009 Since the posted code would be put at the start of any page you want to restrict access to, you would not redirect when the if() test was false, because the remainder of the code on that page is the protected content that you only want to display if the visitor is authorized to receive that content. You would also put an exit/die after the redirect that is in the if() conditional to prevent the remainder of the code on the page from being executed while the browser is performing the redirect. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.