twilitegxa Posted July 11, 2009 Share Posted July 11, 2009 In the following script, it allows the user to log in, and displays the page that points to the secret page link, but when you click the secret page link, it keeps directing you back to the log in page. Can someone see what I'm doing wrong? Here is all the scripts being used: Log In Form: <html> <head> <title>User Login Form</title> </head> <body> <h1>Login Form</h1> <form method="post" action="listing15.8.php"> <p><strong>Username:</strong> <input type="text" name="username"></p> <p><strong>Password:</strong> <input type="password" name="password"></p> <p><input type="submit" name="submit" value="Login"</p> </form> </body> </html> User Log In Page: <?php //check for required fields from the form if ((!$_POST['username']) || (!$_POST['password'])) { header("Location: listing15.7.php"); exit; } //connect to server and select database $conn = mysql_connect("localhost", "root", "") or die(mysql_error()); mysql_select_db("smrpg",$conn) or die(mysql_error()); //create and issue the query $sql = "select f_name, l_name from auth_users where username = '$_POST[username]' AND password = password('$_POST[password]')"; $result = mysql_query($sql,$conn) or die(mysql_error()); //get the number of rows in the result set; should be 1 if a match if (mysql_num_rows($result) == 1) { //if authorized, get the value of f_name l_name $f_name = mysql_result($result, 0, 'f_name'); $l_name = mysql_result($result, 0, 'l_name'); //set authorization cookie setcookie("auth", "1", 0, "/", "yourdomain.com", 0); //prepare message for printing, and user menu $msg = "<p>$f_name $l_name is authorized!</p>"; $msg .= "<p>Authorized Users' Menu:</p>"; $msg .= "<ul><li><a href=\"listing15.9.php\">secret page</a></li></ul>"; } else { //redirect back to login if not authorized header("Location: listing15.7.php"); exit; } ?> <html> <head> <title>Listing 15.8 User Login</title> </head> <body> <?php print "$msg"; ?> </body> </html> Secret/Restricted Page: <?php if ($_COOKIE['auth'] == "1") { $msg = "<p>You are an authorized user.</p>"; } else { //redirect back to login form if not authorized header("Location: listing15.7.php"); exit; } ?> <html> <head> <title>Listing 15.9 Accessing a restricted page</title> </head> <body> <?php print "$msg"; ?> </body> </html> What am I doing wrong? Quote Link to comment Share on other sites More sharing options...
AviNahum Posted July 11, 2009 Share Posted July 11, 2009 i think the problem is in setcookie... look again at the manual setcookie(name, value, expire, path, domain); so your cookies expire is 0 try this: setcookie("cookie_name", "1", time()+3600); Quote Link to comment Share on other sites More sharing options...
twilitegxa Posted July 11, 2009 Author Share Posted July 11, 2009 Thank you so much! That was exactly the right solution! Quote Link to comment Share on other sites More sharing options...
AviNahum Posted July 11, 2009 Share Posted July 11, 2009 your welcome, if you have some more questions, ask... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.