tobimichigan Posted March 22, 2010 Share Posted March 22, 2010 Hello Code Gurus, Please could anyone point what I am missing in this code? This one is for logging in: <?php //session_start(); include("cn.php"); $msg = ""; if (isset($_POST['Submit'])) { $username = $_POST['username']; $password = $_POST['password']; $logres = mysql_num_rows(mysql_query("select * from admin where username='$username' and password='$password'")); if ($logres <= 0) { header ("Location:Login_failed.php"); exit; } else { //logged in, register the session.. $_SESSION['username'] = "$username"; $_SESSION['password'] = "$password"; $_SESSION['logintime']=time(); $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; header("Location: Welcome.php?username=".$_SESSION['username']); } } ?> While this one is for restricting access to pages: <?php include('cn.php'); //session_start(); $session_logout = time() + 900; if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ $_SESSION['logintime'] = time(); } if(!session_is_registered(username)){ header("location:Not_Logged.php"); } ?> The problem that I am faced with now is that each time I try to login with the valid credentials in the database, the code keeps bringing up the page Expired.php which is not suppose to be. It suppose to give me access to my restricted home page ie Welcome.php. Please Gents what do I do? Quote Link to comment Share on other sites More sharing options...
schilly Posted March 22, 2010 Share Posted March 22, 2010 if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page. you want to do $_SESSION['logintime'] + 900 <= time() Quote Link to comment Share on other sites More sharing options...
tobimichigan Posted March 22, 2010 Author Share Posted March 22, 2010 if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page. you want to do $_SESSION['logintime'] + 900 <= time() ok tough guy! You win here's the code: <?php include('cn.php'); //session_start(); $session_logout = time() + 900; if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ $_SESSION['logintime'] = time(); } if(!session_is_registered(username)){ header("location:Not_Logged.php"); } ?> But the Expired page is still showing.. what is really wrong here Gents? Quote Link to comment Share on other sites More sharing options...
schilly Posted March 22, 2010 Share Posted March 22, 2010 ok tough guy! was that suppose to mean something? I told you what was wrong and gave you the solution. Quote Link to comment Share on other sites More sharing options...
tobimichigan Posted March 23, 2010 Author Share Posted March 23, 2010 Hey nothing personal but ur solution isn't working... Quote Link to comment Share on other sites More sharing options...
tobimichigan Posted March 23, 2010 Author Share Posted March 23, 2010 if($_SESSION['logintime'] <= $session_logout){ header("location:Expired.php"); }else{ so your checking to see if the login time is less than time() + 900. This will always be true which is why it keeps loading that page. you want to do $_SESSION['logintime'] + 900 <= time() U were right afterall Schilly, sorry if "tough guy", offended you. I fully implemented your correction and it worked this morning. I must have been sleepy last night.Thanks and Thanks again. Here's the corrected version. Login <?php //session_start(); include("cn.php"); $msg = ""; if (isset($_POST['Submit'])) { $username = $_POST['username']; $password = $_POST['password']; $logres = mysql_num_rows(mysql_query("select * from admin where username='$username' and password='$password'")); if ($logres <= 0) { header ("Location:Login_failed.php"); exit; } else { //logged in, register the session.. $_SESSION['username'] = "$username"; $_SESSION['password'] = "$password"; $_SESSION['logintime']=time(); $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; header("Location: Welcome.php?username=".$_SESSION['username']); } } ?> Here's the corrected and working restrictive code: <?php include('cn.php'); //session_start(); $session_logout = $_SESSION['logintime'] + 900; if($_SESSION['logintime'] >= $session_logout){ header("location:Expired.php"); }else{ $_SESSION['logintime'] = time(); } if(!session_is_registered(username)){ header("location:Not_Logged.php"); } ?> The mistake was right where u pointed. I later changed the inequality from <= to >= then it logged in immediately.Thanks and Thanks again. Quote Link to comment Share on other sites More sharing options...
schilly Posted March 23, 2010 Share Posted March 23, 2010 np =) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.