Jump to content

PHP Membership System problem

Fruddy

By Fruddy
in PHP Coding Help

Recommended Posts

Fruddy Newbie

Fruddy

Posted
  • Author
Posted
yea, it does:
http://www.my-project.dk/test.php


Login.php:

[code]
<?php
if ($login_match == 1) {
    $_SESSION['username'] = $username;
    echo "du er logget ind som " ;
echo $username;
}else{
if (($message == "login_info") || ($message == "userinfo")) {
    if ($message == "login_info") {
    echo "Du har ikke skrevet dit brugernavn eller kodeord";
}
if ($message == "userinfo") {
    echo "dit brugernavn og kodeord matcher ikke sammen";
}
}
}
?>
<form action="checkuser.php" method="post" name="form1">
  <div align="justify">
    <table border="0" align="center">
      <tr>
        <td class="t11_grey">Brugernavn:</td></tr><tr>
        <td><input name="username" type="text" id="username"></td>
      </tr><br>
      <tr>
        <td class="t11_grey"><br>Kodeord</td></tr><tr>
        <td><input name="password" type="password" id="password"></td>
      </tr>
    <tr>
        <td><input type="submit" name="Submit" value="Submit"> <a href="http://www.my-project.dk/register.php"> <u>opret bruger</u></a></td>
      </td>
    </table>
  </div>
</form>  [/code]
  • Replies 56
  • Created
  • Last Reply
tomfmason Advanced Member

tomfmason

Posted
Posted
I'm sorry when I said to add that to your login script I meant the checkuser.php

like this

[code]<?php
session_start();
include ('db.php');
array_pop($_POST);
if ( get_magic_quotes_gpc() ) {
    $_POST= array_map('stripslashes', $_POST);
}
$username= mysql_real_escape_string(trim($_POST['username']));
$password= mysql_real_escape_string(trim($_POST['password']));
$mdpwd= md5($password);

if ((!$username) || (!$password)) {
    $message = "login_info";
    include("login.php");
exit();
}



$sql= sprintf("SELECT COUNT(*) AS login_match FROM `users` WHERE `username` = '%s' AND `password`= '%s'", $username, $mdpwd);
$res= mysql_query($sql) or die(mysql_error());
$login_match= mysql_result($res, 0, 'login_match');

if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
    include("somepage.php");
} else {
    $message = "userinfo";
include("login.php");
exit();
}
?>[/code]

I would change the login.php back to what it was.
tomfmason Advanced Member

tomfmason

Posted
Posted
are you pasting this exact code at the top of the protected file.

[code=php:0]
session_start();
if (!$_SESSION['username']) {
  echo "You must login to view this page";
  include("login.php");
  exit(1);
}
echo "You are logged in as <b>" . $_SESSION['username'] . " </b>";[/code]

If you used that checkuser.php that I posted with this ^ piece of code at the begining of the protected file. Then you should have no trouble.
Fruddy Newbie

Fruddy

Posted
  • Author
Posted
all pople can view all sites, i just want to make sure that i am logged in.

My checkuser:
[code]<?php
session_start();
include ('database.php');
array_pop($_POST);
if ( get_magic_quotes_gpc() ) {
    $_POST= array_map('stripslashes', $_POST);
}
$username= mysql_real_escape_string(trim($_POST['username']));
$password= mysql_real_escape_string(trim($_POST['password']));
$mdpwd= md5($password);

if ((!$username) || (!$password)) {
    $message = "login_info";
    include("login.php");
exit();
}



$sql= sprintf("SELECT COUNT(*) AS login_match FROM `users` WHERE `username` = '%s' AND `password`= '%s'", $username, $mdpwd);
$res= mysql_query($sql) or die(mysql_error());
$login_match= mysql_result($res, 0, 'login_match');

if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
  echo "Du er nu logget ind som<b> ";
echo $username;
echo "</b>";
} else {
    $message = "userinfo";
include("login.php");
exit();
}
?>[/code]


The login bar:
[code]   <?php
session_start();
if (!$_SESSION['username']) {
include ("login.php");
  exit(1);
}
else {
echo "Du er logget ind som <b>" . $_SESSION['username'] . " </b>";}
?>[/code]



tomfmason Advanced Member

tomfmason

Posted
Posted
Ok now in your checkuser.php change this
[code=php:0]if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
   echo "Du er nu logget ind som<b> ";
  echo $username;
  echo "</b>";
} else {
    $message = "userinfo";
    include("login.php");
    exit();
}
?>[/code]

[b]To this[/b]

[code=php:0]
if ( $login_match == 1 ) {
    $_SESSION['username']= "$username";
    echo "Du er nu logget ind som<b> ";
    include("some_protected_page.php");//this is were you want people to go after login
echo "</b>";
} else {
    $message = "userinfo";
    include("login.php");
    exit();
}[/code]



Now say you have a file called some_protected_page.php You would do this.

[code]
<?php
session_start();
if (!$_SESSION['username']) {
   echo "You must login to view this page";
   include("login.php");
   exit(1);
}
?>
<!---html goes below here--->
<html>
<head><title>Some Protected Page</title></head>

<body>
<p>
   <?php echo 'Hello <b> ' . $_SESSION['username'] . '</b> you are now viewing a protected page.'; ?>
</p>
</body>
</html>[/code]


Give this a try and you will see the proper use
  • 3 months later...

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.