Jump to content

PHP Membership System problem

Fruddy

By Fruddy
in PHP Coding Help

 Share

Recommended Posts

Fruddy Newbie

Fruddy

Posted
  • Author
Posted
yea, it does:
http://www.my-project.dk/test.php


Login.php:

[code]
<?php
if ($login_match == 1) {
    $_SESSION['username'] = $username;
    echo "du er logget ind som " ;
echo $username;
}else{
if (($message == "login_info") || ($message == "userinfo")) {
    if ($message == "login_info") {
    echo "Du har ikke skrevet dit brugernavn eller kodeord";
}
if ($message == "userinfo") {
    echo "dit brugernavn og kodeord matcher ikke sammen";
}
}
}
?>
<form action="checkuser.php" method="post" name="form1">
  <div align="justify">
    <table border="0" align="center">
      <tr>
        <td class="t11_grey">Brugernavn:</td></tr><tr>
        <td><input name="username" type="text" id="username"></td>
      </tr><br>
      <tr>
        <td class="t11_grey"><br>Kodeord</td></tr><tr>
        <td><input name="password" type="password" id="password"></td>
      </tr>
    <tr>
        <td><input type="submit" name="Submit" value="Submit"> <a href="http://www.my-project.dk/register.php"> <u>opret bruger</u></a></td>
      </td>
    </table>
  </div>
</form>  [/code]
  • Replies 56
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

tomfmason Advanced Member

tomfmason

Posted
Posted
I'm sorry when I said to add that to your login script I meant the checkuser.php

like this

[code]<?php
session_start();
include ('db.php');
array_pop($_POST);
if ( get_magic_quotes_gpc() ) {
    $_POST= array_map('stripslashes', $_POST);
}
$username= mysql_real_escape_string(trim($_POST['username']));
$password= mysql_real_escape_string(trim($_POST['password']));
$mdpwd= md5($password);

if ((!$username) || (!$password)) {
    $message = "login_info";
    include("login.php");
exit();
}



$sql= sprintf("SELECT COUNT(*) AS login_match FROM `users` WHERE `username` = '%s' AND `password`= '%s'", $username, $mdpwd);
$res= mysql_query($sql) or die(mysql_error());
$login_match= mysql_result($res, 0, 'login_match');

if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
    include("somepage.php");
} else {
    $message = "userinfo";
include("login.php");
exit();
}
?>[/code]

I would change the login.php back to what it was.
tomfmason Advanced Member

tomfmason

Posted
Posted
are you pasting this exact code at the top of the protected file.

[code=php:0]
session_start();
if (!$_SESSION['username']) {
  echo "You must login to view this page";
  include("login.php");
  exit(1);
}
echo "You are logged in as <b>" . $_SESSION['username'] . " </b>";[/code]

If you used that checkuser.php that I posted with this ^ piece of code at the begining of the protected file. Then you should have no trouble.
Fruddy Newbie

Fruddy

Posted
  • Author
Posted
all pople can view all sites, i just want to make sure that i am logged in.

My checkuser:
[code]<?php
session_start();
include ('database.php');
array_pop($_POST);
if ( get_magic_quotes_gpc() ) {
    $_POST= array_map('stripslashes', $_POST);
}
$username= mysql_real_escape_string(trim($_POST['username']));
$password= mysql_real_escape_string(trim($_POST['password']));
$mdpwd= md5($password);

if ((!$username) || (!$password)) {
    $message = "login_info";
    include("login.php");
exit();
}



$sql= sprintf("SELECT COUNT(*) AS login_match FROM `users` WHERE `username` = '%s' AND `password`= '%s'", $username, $mdpwd);
$res= mysql_query($sql) or die(mysql_error());
$login_match= mysql_result($res, 0, 'login_match');

if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
  echo "Du er nu logget ind som<b> ";
echo $username;
echo "</b>";
} else {
    $message = "userinfo";
include("login.php");
exit();
}
?>[/code]


The login bar:
[code]   <?php
session_start();
if (!$_SESSION['username']) {
include ("login.php");
  exit(1);
}
else {
echo "Du er logget ind som <b>" . $_SESSION['username'] . " </b>";}
?>[/code]



tomfmason Advanced Member

tomfmason

Posted
Posted
Ok now in your checkuser.php change this
[code=php:0]if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
   echo "Du er nu logget ind som<b> ";
  echo $username;
  echo "</b>";
} else {
    $message = "userinfo";
    include("login.php");
    exit();
}
?>[/code]

[b]To this[/b]

[code=php:0]
if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
    echo "Du er nu logget ind som<b> ";
    include("some_protected_page.php");//this is were you want people to go after login
echo "</b>";
} else {
    $message = "userinfo";
    include("login.php");
    exit();
}[/code]



Now say you have a file called some_protected_page.php You would do this.

[code]
<?php
session_start();
if (!$_SESSION['username']) {
   echo "You must login to view this page";
   include("login.php");
   exit(1);
}
?>
<!---html goes below here--->
<html>
<head><title>Some Protected Page</title></head>

<body>
<p>
   <?php echo 'Hello <b> ' . $_SESSION['username'] . '</b> you are now viewing a protected page.'; ?>
</p>
</body>
</html>[/code]


Give this a try and you will see the proper use
  • 3 months later...
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.