Jump to content

Login/Out Session Problem

tobimichigan

By tobimichigan
in PHP Coding Help

 Share

Recommended Posts

tobimichigan Member

tobimichigan

Posted
Posted

Hello Code Gurus,

Please could anyone point what I am missing in this code?

This one is for logging in:

<?php
//session_start();
include("cn.php");

$msg = "";

if (isset($_POST['Submit']))
{

$username = $_POST['username'];
$password = $_POST['password'];

$logres = mysql_num_rows(mysql_query("select  * from admin where username='$username' and password='$password'"));
if ($logres <= 0) {
header ("Location:Login_failed.php");
	exit;
} else {
//logged in, register the session..
$_SESSION['username'] = "$username";
$_SESSION['password'] = "$password";
$_SESSION['logintime']=time();
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
header("Location: Welcome.php?username=".$_SESSION['username']);
}
}	
?>

 

While this one is for restricting access to pages:

<?php 
include('cn.php');
//session_start();
$session_logout = time() + 900;
if($_SESSION['logintime'] <= $session_logout){
header("location:Expired.php");
}else{
$_SESSION['logintime'] = time();
}
if(!session_is_registered(username)){
header("location:Not_Logged.php");
}
?>

 

The problem that I am faced with now is that each time I try to login with the valid credentials in the database, the code keeps bringing up the page Expired.php which is not suppose to be. It suppose to give me access to my restricted home page ie Welcome.php. Please Gents what do I do?

Link to comment
Share on other sites
schilly Regular Member

schilly

Posted
Posted 

if($_SESSION['logintime'] <= $session_logout){
header("location:Expired.php");
}else{

 

so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page.

 

you want to do $_SESSION['logintime'] + 900 <= time()

Link to comment
Share on other sites
tobimichigan Member

tobimichigan

Posted
  • Author
Posted 

if($_SESSION['logintime'] <= $session_logout){
header("location:Expired.php");
}else{

 

so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page.

 

you want to do $_SESSION['logintime'] + 900 <= time()

 

ok tough guy! You win here's the code:

 

<?php 
include('cn.php');
//session_start();
$session_logout = time() + 900;
if($_SESSION['logintime'] <= $session_logout){
header("location:Expired.php");
}else{
$_SESSION['logintime'] = time();
}
if(!session_is_registered(username)){
header("location:Not_Logged.php");
}
?>

 

 

But the Expired page is still showing.. what is really wrong here Gents?

 

Link to comment
Share on other sites
tobimichigan Member

tobimichigan

Posted
  • Author
Posted 

if($_SESSION['logintime'] <= $session_logout){
header("location:Expired.php");
}else{

 

so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page.

 

you want to do $_SESSION['logintime'] + 900 <= time()

U were right afterall Schilly, sorry if "tough guy", offended you. I fully implemented your correction and it worked this morning. I must have been sleepy last night.Thanks and Thanks again. Here's the corrected version.

Login

<?php
//session_start();
include("cn.php");

$msg = "";

if (isset($_POST['Submit']))
{

$username = $_POST['username'];
$password = $_POST['password'];

$logres = mysql_num_rows(mysql_query("select  * from admin where username='$username' and password='$password'"));
if ($logres <= 0) {
header ("Location:Login_failed.php");
	exit;
} else {
//logged in, register the session..
$_SESSION['username'] = "$username";
$_SESSION['password'] = "$password";
$_SESSION['logintime']=time();
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
header("Location: Welcome.php?username=".$_SESSION['username']);
}
}	
?>

 

Here's the corrected and working restrictive code:

<?php 
include('cn.php');
//session_start();
$session_logout = $_SESSION['logintime'] + 900;
if($_SESSION['logintime'] >= $session_logout){
header("location:Expired.php");
}else{
$_SESSION['logintime'] = time();
}
if(!session_is_registered(username)){
header("location:Not_Logged.php");
}
?>

 

The mistake was right where u pointed. I later changed the inequality from <= to >= then it logged in immediately.Thanks and Thanks again.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.