[SOLVED] simple login help

[mikevarela]

have a login form, then redirect to successful page upon verifying credentials

 

here's the success page

 

<?php
session_start();
if(!session_is_registered(email)) {
header("location: /client_login.php");
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>NuanceTone Client Access</title>
</head>
<body>
<p>Welcome <strong><?php echo $_SESSION['email']; ?></strong></p>
</body>
</html>

 

and here's the html output, whoch is driving me crazy cause it isn't what I want and I know it's simple.

 

Notice: Use of undefined constant email - assumed 'email' in /Users/Mike/Sites/test/login_success.php on line 3
Welcome ************

[lonewolf217]

what about

 

<?php
if(!isset($_SESSION['email'])) {
   header("location: /client_login.php");
}

 

I am not entirely sure what the other function does, but from this it looks like it shouldn't work

http://us2.php.net/manual/en/function.session-is-registered.php

[mikevarela]

yeah, this is exactly what i was looking for. Feel a little retarded, thanks

[lonewolf217]

cool, dont forget to mark the topic solved

[mikevarela]

Actually, just implemented it and I get a redirect back to the login form, seems like the $_SESSION['email'] wasn't correctly set or remembered. Can't figure out why cause I have session_start(); at the beginning of the check.php and login_success.php files.

 

----

Sorry for all the code, but think it might help

 

check login page

 

<?php

session_start();

ob_start();


// Setup variables for database
$host="localhost"; // Host name
$username="root@localhost"; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $email and $password
$email=$_POST['email'];
$password=$_POST['password'];

// To protect MySQL injection (more detail about MySQL injection)
$email = stripslashes($email);
$password = stripslashes($password);
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM $tbl_name WHERE email='$email' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $email and $password, table row must be 1 row

if($count==1){
// Register $email, $password and redirect to file "login_success.php"
//session_register("email");
//session_register("password");

$_SESSION['email'];
$_SESSION['password'];
header("location: login_success.php");
}
else {
echo "<p>Wrong Email or Password</p>";
}

ob_end_flush();

 

 

 

--------------------

and login success page

 

 

<?php
session_start();

if(!isset($_SESSION['email'])) {
   header("location: client_login.php");
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>NuanceTone Client Access</title>
</head>
<body>
<p>Welcome <strong><?php echo $_SESSION['email']; ?></strong></p>
</body>
</html>

[TeNDoLLA]

Thats because you don't "set" the session variables. Give them some value. Even empty string or NULL will do.

[lonewolf217]

10 seconds too late, but yes, you aren't declaring a value for these two, assume you mean to do something like this

<?php
$_SESSION['email'] = $email;
$_SESSION['password'] = $password;

[mikevarela]

Thanks guys, last post worked.