Jump to content

Session help

Worqy

By Worqy
in PHP Coding Help

Recommended Posts

Worqy Member

Worqy

Posted
Posted

Hello.

I'm very new to this forum, just 5minutes of membership. And I'm very new to PHP to.

I need some help setting up a session system on my login script.

Here is my PHP files:

login.php

# <html>
# <form name="form1" method="post" action="checklogin.php">
# <head>
#     <meta http-equiv="Content-Language" content="fi">
#     <title>Login</title>
# </head>
# <body bgcolor="#666666">
#  
#  
# <p align="center"><font face="Aharoni" size="5">Login</font></p>
# <p align="left">             
# Login</p>
#  
# <input name="myusername" type="text" id="myusername"> 
# <p>
# <input name="mypassword" type="password" id="mypassword"></p>
#            
# <input type="submit" name="Submit" value="Login">
# </body>
# </form>
# </html>

 

login_success.php

   1. <?php
   2. // Check if session is not registered , redirect back to main page.
   3. // Put this code in first line of web page.
   4. session_start();
   5. if(!session_is_registered(myusername)){
   6. header("Location:login.php");
   7. }
   8. ?>
   9.  
  10. <html>
  11.  
  12. <head>
  13. <meta http-equiv="Content-Language" content="fi">
  14. <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
  15. <title>Login Success</title>
  16.  
  17. <body bgcolor="#666666" onload="FP_preloadImgs(/*url*/'button6.jpg',/*url*/'button7.jpg',/*url*/'button9.jpg',/*url*/'buttonA.jpg',/*url*/'buttonC.jpg',/*url*/'buttonD.jpg')">
  18.  
  19. <p align="center"> </p>
  20. <p align="center"><i><font size="5" face="Aharoni">You have been logged in
  21. successfully!</font></i></p>
  22. <p align="center"> </p>
  23. <p align="left"> </p>
  24. <p align="left"> </p>
  25. <p align="left"><a href="index.php">
  26. <img border="0" id="img2" src="button8.jpg" height="20" width="100" alt="Main Page" onmouseover="FP_swapImg(1,0,/*id*/'img2',/*url*/'button9.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img2',/*url*/'button8.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img2',/*url*/'buttonA.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img2',/*url*/'button9.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="Main Page"></a></p>
  27. <p align="left"><a href="cpanel.php">
  28. <img border="0" id="img3" src="buttonB.jpg" height="20" width="100" alt="cPanel" onmouseover="FP_swapImg(1,0,/*id*/'img3',/*url*/'buttonC.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img3',/*url*/'buttonB.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img3',/*url*/'buttonD.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img3',/*url*/'buttonC.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="cPanel"></a></p>
  29. <p align="left"><a href="logout.php">
  30. <img border="0" id="img1" src="button5.jpg" height="20" width="100" alt="Logout" onmouseover="FP_swapImg(1,0,/*id*/'img1',/*url*/'button6.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img1',/*url*/'button5.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img1',/*url*/'button7.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img1',/*url*/'button6.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="Logout"></a></p>
  31.  
  32. </body>
  33.  
  34. </html>
  35. 

and the coming cPanel.php

   1. <?php
   2.  
   3. session_start();
   4.  
   5. if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
   6. header ("Location: login.php");
   7. }
   8.  
   9. ?>
  10.  
  11. <html>
  12. <head>
  13.     <title>Control Panel</title>
  14. </head>
  15. <body>
  16.  
  17. Control Panel
  18.  
  19. </body>
  20. </html>

 

Now I've tried to set up somekind of session system in the cPanel.php, but it doesn't work. I locates me to the login.php even if I'm logged in!

//KevinR

Link to comment
https://forums.phpfreaks.com/topic/191349-session-help/
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

Don't use session_resister when creating your _SESSION variables. Always do

$_SESSION['var_name'] = 'some value';

 

Also when checking if a session variable exists use isset rather than using session_is_registered

if(isset($_SESSION['var_name']))
{
    // do what ever
}

 

session_resister and session_is_registered are old functions which should no longer be used.

 

In any page you use session make sure you have session_start at the start of your scripts.

Link to comment
https://forums.phpfreaks.com/topic/191349-session-help/#findComment-1008998
Share on other sites
Worqy Member

Worqy

Posted
  • Author
Posted

Now my does look like this:

checklogin.php

<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="160995kk"; // Mysql password
$db_name="Game"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['myusername'] = 'sUsername';
$_SESSION['mypassword'] = 'sPassword';
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

 

login_success.php

<?php
// Check if session is not registered , redirect back to main page.
// Put this code in first line of web page.
session_start();
if(isset($_SESSION['sUsername']))
header("Location:login.php");

?>

<html> 

<head>
<meta http-equiv="Content-Language" content="fi">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Login Success</title>

<body bgcolor="#666666" onload="FP_preloadImgs(/*url*/'button6.jpg',/*url*/'button7.jpg',/*url*/'button9.jpg',/*url*/'buttonA.jpg',/*url*/'buttonC.jpg',/*url*/'buttonD.jpg')">

<p align="center"> </p>
<p align="center"><i><font size="5" face="Aharoni">You have been logged in 
successfully!</font></i></p>
<p align="center"> </p>
<p align="left"> </p>
<p align="left"> </p>
<p align="left"><a href="index.php">
<img border="0" id="img2" src="button8.jpg" height="20" width="100" alt="Main Page" onmouseover="FP_swapImg(1,0,/*id*/'img2',/*url*/'button9.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img2',/*url*/'button8.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img2',/*url*/'buttonA.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img2',/*url*/'button9.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="Main Page"></a></p>
<p align="left"><a href="cpanel.php">
<img border="0" id="img3" src="buttonB.jpg" height="20" width="100" alt="cPanel" onmouseover="FP_swapImg(1,0,/*id*/'img3',/*url*/'buttonC.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img3',/*url*/'buttonB.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img3',/*url*/'buttonD.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img3',/*url*/'buttonC.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="cPanel"></a></p>
<p align="left"><a href="logout.php">
<img border="0" id="img1" src="button5.jpg" height="20" width="100" alt="Logout" onmouseover="FP_swapImg(1,0,/*id*/'img1',/*url*/'button6.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img1',/*url*/'button5.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img1',/*url*/'button7.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img1',/*url*/'button6.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="Logout"></a></p>

</body>

</html>

 

cpanel.php

<?php

session_start();

if(isset($_SESSION['sUsername']) && isset($_SESSION['sPassword'])){
    echo "Hello!";
}


?> 

<html>
<head>
<title>Control Panel</title>
</head>
<body>

Control Panel

</body>
</html>

 

logout.php

<?php
session_start();
session_destroy();
?>

 

But I can still got access to cpanel.php even if I logout...

 

Ps. Osrry for that I havent posted in a long time. My pc broke down

Link to comment
https://forums.phpfreaks.com/topic/191349-session-help/#findComment-1011901
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted
But I can still got access to cpanel.php even if I logout...

In cpanel.php you have no code that stops users that are not logged in from accessing it. You should change these lines in cpanel.php

if(isset($_SESSION['sUsername']) && isset($_SESSION['sPassword'])){
    echo "Hello!";
}

to

if(!isset($_SESSION['sUsername'], $_SESSION['sPassword'])){
    header('Location: login.php'); exit;
}

Link to comment
https://forums.phpfreaks.com/topic/191349-session-help/#findComment-1012052
Share on other sites
Worqy Member

Worqy

Posted
  • Author
Posted

But I can still got access to cpanel.php even if I logout...

In cpanel.php you have no code that stops users that are not logged in from accessing it. You should change these lines in cpanel.php

if(isset($_SESSION['sUsername']) && isset($_SESSION['sPassword'])){
    echo "Hello!";
}

to

if(!isset($_SESSION['sUsername'], $_SESSION['sPassword'])){
    header('Location: login.php'); exit;
}

 

But now I get this problem: I login, I go to cPanel, and I directs me back to login.php

Link to comment
https://forums.phpfreaks.com/topic/191349-session-help/#findComment-1012071
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.