Jump to content

Recommended Posts

I'm trying to make a simple password protected (login) site, but the variable "$session->logged_in" doesn't seem to get any values (either true or false)

 

the form

<?php
include("structure.php"); 
include("session.php"); 
global $session;

?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
<link rel='stylesheet' href='http://mindu.mine.nu/amazing_solutions/gallo_negro/css/style.css' type='text/css' />
<title>Gallo Negro</title>
</head>
<body>
<div id="sitecontainer">
<div id="contentcontainer">
<div id="content">
<div id="center_box">
<?php
if (!$session->logged_in ) {
?>
<h1>VÄLKOMMEN ADMINS: LOGGA IN!</h1>
<form action="process.php" method="post"/> 
<input type="password" name="pass" maxlength="30" onBlur="if(this.value=='')this.value='Lösenord123';" onClick="if(this.value=='Lösenord123')this.value='';" value="Lösenord123"/> 
<input type="submit" value="Logga in" name="sublogin"/>
<?php
}
else{
?>
<p>Inloggad</p>
<a href="process.php">Logga ut</a>
<?php
}
?>
</div><!--end of #center_box -->
</div><!--end of #content -->
</div><!--end of #contentcontainer -->
<?php footer();?>
</div><!--end of #sitecontainer -->
</body>
</html>

 

process.php

<?php
include("session.php");
class Process
{
/* Class constructor */
   function Process(){
   global $session;
   /* User submitted password form */
   if(isset($_POST['pass'])){
   		$this->procLogin();
   }
   
	/* User is directed here because he want's to log out*/
   else if($session->logged_in){
   		$this->procLogout();
   }
   
   /**
	* Should not get here, which means user is viewing this page
	* by mistake and is redirected.
	*/
   else{
   		header("Location: google.se");
   }
   
   }
   	   function procLogin(){
   		global $session;
		/*Login attempt*/
		$retval = $session->login($_POST['pass']);


		/* Login successful */
      		if($retval==true){
		$session->logged_in=true;
         		header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php");
      		}

		/* Login failed */
      		else{
		$session->logged_in=false;
         	header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php");
  		}
   
   function procLogout(){
	   	global $session;
		 $retval = $session->logout();
      		 header("Location: main.php");
   }
   }

}
/* Initialize process */
$process = new Process;
?>

 

session.php

<?php

class Session
{
var $logged_in;
var $password;
var $referrer;
var $url;          //The page url current being viewed

   /* Class constructor */
   function Session(){
      $this->startSession();
   }
   
   function startSession(){
    session_start();//Tell PHP to start the session 
$_SESSION['logged_in'] = false;
$_SESSION['password'] = "password";
$password=$_SESSION['password'];

  /* Determine if user is logged in */
      //$this->logged_in = $this->checkLogin();
  
  /* Set referrer page */
      if(isset($_SESSION['url'])){
         $this->referrer = $_SESSION['url'];
      }else{
         $this->referrer = "/";
      }
  
  /* Set current url */
      $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
   }
   
   

 function login($pass){
      /* Password error checking */      
  if($_SESSION['password'] != $pass) {

	  return false;
	  
  }

      /* password correct, register session variables */
      $this->password  = $_SESSION['password'];

      /* Login completed successfully */

      return true;
  
   }

  
}
$session = new Session;	  


?>

 

 

Hi there.

 

I don't see that process.php is actually part of the program. Can you point to the place where it is included?

 

 

The process.php is activated everytime I send the form:

<form action="process.php" method="post"/> 

 

or everytime I click on the logut link

 

Ok, I changed the code a little bit. while I was debugging, I noticed that $_SESSION['logged_in'] = false; doesn't show anything while $_SESSION['logged_in'] = true shows "1".

if($_SESSION['password'] != $pass) {... //does work

 

<?php
include("structure.php"); 
include("session.php"); 
global $session;

?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
<link rel='stylesheet' href='http://mindu.mine.nu/amazing_solutions/gallo_negro/css/style.css' type='text/css' />
<title>Gallo Negro</title>
</head>

<body>

<div id="sitecontainer">

<div id="contentcontainer">
<div id="content">

<div id="center_box">
<?php
if ($session->logged_in==false ) {
?>

<h1>VÄLKOMMEN ADMINS: LOGGA IN!</h1>
<form action="process.php" method="post"/> 
<input type="password" name="pass" maxlength="30" onBlur="if(this.value=='')this.value='Lösenord123';" onClick="if(this.value=='Lösenord123')this.value='';" value="Lösenord123"/> 
<input type="submit" value="Logga in" name="sublogin"/>
<?php
}
else{



?>
<p>Inloggad</p>
<a href="process.php">Logga ut</a>
<?php
}
?>

</div><!--end of #center_box -->


</div><!--end of #content -->

</div><!--end of #contentcontainer -->
<?php footer();?>


</div><!--end of #sitecontainer -->


<script type="text/javascript" src="http://jqueryjs.googlecode.com/files/jquery-1.2.6.min.js"></script>
<script type="text/javascript" src="safe-ajax.js"></script>
</body>

</html>

 

 

<?php
include("session.php");
class Process
{
/* Class constructor */
   function Process(Session $session){
   
   /* User submitted password form */
   if(isset($_POST['pass'])){
   		$this->procLogin();
   }
   
	/* User is directed here because he want's to log out*/
   else if($session->logged_in==true){
   		$this->procLogout();
   }
   
   /**
	* Should not get here, which means user is viewing this page
	* by mistake and is redirected.
	*/
   else{
   		header("Location: google.se");
   }
   
   }
   	   function procLogin(Session $session){
   		
		/*Login attempt*/
		$retval = $session->login($_POST['pass']);


		/* Login successful */
      		if($retval==true){
		$session->logged_in=true;
         		header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php");
      		}

		/* Login failed */
      		else{
		$session->logged_in=false;
         	header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php");
  		}
   
   function procLogout(Session $session){
	   	
		 $retval = $session->logout();
      		 header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php");
   }
   }

}
/* Initialize process */
$process = new Process;
?>

 

<?php

class Session
{
var $logged_in;
var $password;
var $referrer;
var $url;          //The page url current being viewed

   /* Class constructor */
   function Session(){
      $this->startSession();
   }
   
   function startSession(){
    session_start();//Tell PHP to start the session 
$_SESSION['password'] = "password";
$password=$_SESSION['password'];

  /* Determine if user is logged in */
      //$this->logged_in = $this->checkLogin();
  
  /* Set referrer page */
      if(isset($_SESSION['url'])){
         $this->referrer = $_SESSION['url'];
      }else{
         $this->referrer = "/";
      }
  
  /* Set current url */
      $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
   }
   
   

 function login($pass){
      /* Password error checking */      
  if($_SESSION['password'] != $pass) {
	  
	$_SESSION['logged_in'] = false;

	  return false;
	  
  }

      /* password correct, register session variables */
      $this->password  = $_SESSION['password'];

      /* Login completed successfully */
$_SESSION['logged_in'] = true; 

      return true;
  
   }
   
   	 function logout(){
	 unset($_SESSION['logged_in']);

      /* Reflect fact that user has logged out */
      $this->logged_in = false;
  
   }

  
}
$session = new Session;	  


?>

 

Is there still a problem you are looking for advice with? I ask because you did not ask a question in your last post.

 

Haha, oh sorry. What I meant was that "false" didn't gave any value while "true" gave "1" (I tested debugging with die()). What is the problem?

die() simply prints strings... false is the empty string, there you have automatic type conversion.

 

If you are still asking what is the problem with the code, it is still the same, unless you changed that...

 

You do not keep information about the fact the person logged in across requests. So the person logs in on a post, on the next get the $session is created anew, without it being logged in. In other words, your "Session" is not doing the thing that is the essence of being a Session.

 

Consider that, and try to figure out how you are going to deal with it. Usually people use $_SESSION to hold an identifier and check whether the person requesting the page is logged in already. That's really pretty much your only option.

 

</incoherentMorningTalk>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.