tobimichigan Posted March 22, 2010 Share Posted March 22, 2010 Hello Code Gurus, Please could anyone point what I am missing in this code? This one is for logging in: <?php //session_start(); include("cn.php"); $msg = ""; if (isset($_POST['Submit'])) { $username = $_POST['username']; $password = $_POST['password']; $logres = mysql_num_rows(mysql_query("select * from admin where username='$username' and password='$password'")); if ($logres <= 0) { header ("Location:Login_failed.php"); exit; } else { //logged in, register the session.. $_SESSION['username'] = "$username"; $_SESSION['password'] = "$password"; $_SESSION['logintime']=time(); $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; header("Location: Welcome.php?username=".$_SESSION['username']); } } ?> While this one is for restricting access to pages: <?php include('cn.php'); //session_start(); $session_logout = time() + 900; if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ $_SESSION['logintime'] = time(); } if(!session_is_registered(username)){ header("location:Not_Logged.php"); } ?> The problem that I am faced with now is that each time I try to login with the valid credentials in the database, the code keeps bringing up the page Expired.php which is not suppose to be. It suppose to give me access to my restricted home page ie Welcome.php. Please Gents what do I do? Link to comment https://forums.phpfreaks.com/topic/196162-loginout-session-problem/ Share on other sites More sharing options...
schilly Posted March 22, 2010 Share Posted March 22, 2010 if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page. you want to do $_SESSION['logintime'] + 900 <= time() Link to comment https://forums.phpfreaks.com/topic/196162-loginout-session-problem/#findComment-1030128 Share on other sites More sharing options...
tobimichigan Posted March 22, 2010 Author Share Posted March 22, 2010 if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page. you want to do $_SESSION['logintime'] + 900 <= time() ok tough guy! You win here's the code: <?php include('cn.php'); //session_start(); $session_logout = time() + 900; if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ $_SESSION['logintime'] = time(); } if(!session_is_registered(username)){ header("location:Not_Logged.php"); } ?> But the Expired page is still showing.. what is really wrong here Gents? Link to comment https://forums.phpfreaks.com/topic/196162-loginout-session-problem/#findComment-1030154 Share on other sites More sharing options...
schilly Posted March 22, 2010 Share Posted March 22, 2010 ok tough guy! was that suppose to mean something? I told you what was wrong and gave you the solution. Link to comment https://forums.phpfreaks.com/topic/196162-loginout-session-problem/#findComment-1030160 Share on other sites More sharing options...
tobimichigan Posted March 23, 2010 Author Share Posted March 23, 2010 Hey nothing personal but ur solution isn't working... Link to comment https://forums.phpfreaks.com/topic/196162-loginout-session-problem/#findComment-1030381 Share on other sites More sharing options...
tobimichigan Posted March 23, 2010 Author Share Posted March 23, 2010 if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page. you want to do $_SESSION['logintime'] + 900 <= time() U were right afterall Schilly, sorry if "tough guy", offended you. I fully implemented your correction and it worked this morning. I must have been sleepy last night.Thanks and Thanks again. Here's the corrected version. Login <?php //session_start(); include("cn.php"); $msg = ""; if (isset($_POST['Submit'])) { $username = $_POST['username']; $password = $_POST['password']; $logres = mysql_num_rows(mysql_query("select * from admin where username='$username' and password='$password'")); if ($logres <= 0) { header ("Location:Login_failed.php"); exit; } else { //logged in, register the session.. $_SESSION['username'] = "$username"; $_SESSION['password'] = "$password"; $_SESSION['logintime']=time(); $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; header("Location: Welcome.php?username=".$_SESSION['username']); } } ?> Here's the corrected and working restrictive code: <?php include('cn.php'); //session_start(); $session_logout = $_SESSION['logintime'] + 900; if($_SESSION['logintime'] >= $session_logout){ header("location:Expired.php"); }else{ $_SESSION['logintime'] = time(); } if(!session_is_registered(username)){ header("location:Not_Logged.php"); } ?> The mistake was right where u pointed. I later changed the inequality from <= to >= then it logged in immediately.Thanks and Thanks again. Link to comment https://forums.phpfreaks.com/topic/196162-loginout-session-problem/#findComment-1030402 Share on other sites More sharing options...
schilly Posted March 23, 2010 Share Posted March 23, 2010 np =) Link to comment https://forums.phpfreaks.com/topic/196162-loginout-session-problem/#findComment-1030654 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.