Ifaiden Posted June 26, 2010 Share Posted June 26, 2010 I'm trying to make a simple password protected (login) site, but the variable "$session->logged_in" doesn't seem to get any values (either true or false) the form <?php include("structure.php"); include("session.php"); global $session; ?> <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'> <html xmlns='http://www.w3.org/1999/xhtml'> <head> <meta http-equiv='Content-Type' content='text/html; charset=utf-8' /> <link rel='stylesheet' href='http://mindu.mine.nu/amazing_solutions/gallo_negro/css/style.css' type='text/css' /> <title>Gallo Negro</title> </head> <body> <div id="sitecontainer"> <div id="contentcontainer"> <div id="content"> <div id="center_box"> <?php if (!$session->logged_in ) { ?> <h1>VÄLKOMMEN ADMINS: LOGGA IN!</h1> <form action="process.php" method="post"/> <input type="password" name="pass" maxlength="30" onBlur="if(this.value=='')this.value='Lösenord123';" onClick="if(this.value=='Lösenord123')this.value='';" value="Lösenord123"/> <input type="submit" value="Logga in" name="sublogin"/> <?php } else{ ?> <p>Inloggad</p> <a href="process.php">Logga ut</a> <?php } ?> </div><!--end of #center_box --> </div><!--end of #content --> </div><!--end of #contentcontainer --> <?php footer();?> </div><!--end of #sitecontainer --> </body> </html> process.php <?php include("session.php"); class Process { /* Class constructor */ function Process(){ global $session; /* User submitted password form */ if(isset($_POST['pass'])){ $this->procLogin(); } /* User is directed here because he want's to log out*/ else if($session->logged_in){ $this->procLogout(); } /** * Should not get here, which means user is viewing this page * by mistake and is redirected. */ else{ header("Location: google.se"); } } function procLogin(){ global $session; /*Login attempt*/ $retval = $session->login($_POST['pass']); /* Login successful */ if($retval==true){ $session->logged_in=true; header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php"); } /* Login failed */ else{ $session->logged_in=false; header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php"); } function procLogout(){ global $session; $retval = $session->logout(); header("Location: main.php"); } } } /* Initialize process */ $process = new Process; ?> session.php <?php class Session { var $logged_in; var $password; var $referrer; var $url; //The page url current being viewed /* Class constructor */ function Session(){ $this->startSession(); } function startSession(){ session_start();//Tell PHP to start the session $_SESSION['logged_in'] = false; $_SESSION['password'] = "password"; $password=$_SESSION['password']; /* Determine if user is logged in */ //$this->logged_in = $this->checkLogin(); /* Set referrer page */ if(isset($_SESSION['url'])){ $this->referrer = $_SESSION['url']; }else{ $this->referrer = "/"; } /* Set current url */ $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF']; } function login($pass){ /* Password error checking */ if($_SESSION['password'] != $pass) { return false; } /* password correct, register session variables */ $this->password = $_SESSION['password']; /* Login completed successfully */ return true; } } $session = new Session; ?> Quote Link to comment Share on other sites More sharing options...
dabaR Posted June 27, 2010 Share Posted June 27, 2010 Hi there. I don't see that process.php is actually part of the program. Can you point to the place where it is included? Quote Link to comment Share on other sites More sharing options...
Ifaiden Posted June 27, 2010 Author Share Posted June 27, 2010 Hi there. I don't see that process.php is actually part of the program. Can you point to the place where it is included? The process.php is activated everytime I send the form: <form action="process.php" method="post"/> or everytime I click on the logut link Quote Link to comment Share on other sites More sharing options...
phant0m Posted June 27, 2010 Share Posted June 27, 2010 do you get any errors? Have you tried error_reporting(E_ALL); and display_errors? Quote Link to comment Share on other sites More sharing options...
dabaR Posted June 27, 2010 Share Posted June 27, 2010 Hi, The problem is that $session is created anew every time a page is loaded, and the fact that you actually logged in on last load is ignored. Quote Link to comment Share on other sites More sharing options...
ignace Posted June 28, 2010 Share Posted June 28, 2010 Instead of: function Process(){ global $session; Use: function Process( Session $session ){ Which is a far better practice Quote Link to comment Share on other sites More sharing options...
Ifaiden Posted June 28, 2010 Author Share Posted June 28, 2010 Ok, I changed the code a little bit. while I was debugging, I noticed that $_SESSION['logged_in'] = false; doesn't show anything while $_SESSION['logged_in'] = true shows "1". if($_SESSION['password'] != $pass) {... //does work <?php include("structure.php"); include("session.php"); global $session; ?> <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'> <html xmlns='http://www.w3.org/1999/xhtml'> <head> <meta http-equiv='Content-Type' content='text/html; charset=utf-8' /> <link rel='stylesheet' href='http://mindu.mine.nu/amazing_solutions/gallo_negro/css/style.css' type='text/css' /> <title>Gallo Negro</title> </head> <body> <div id="sitecontainer"> <div id="contentcontainer"> <div id="content"> <div id="center_box"> <?php if ($session->logged_in==false ) { ?> <h1>VÄLKOMMEN ADMINS: LOGGA IN!</h1> <form action="process.php" method="post"/> <input type="password" name="pass" maxlength="30" onBlur="if(this.value=='')this.value='Lösenord123';" onClick="if(this.value=='Lösenord123')this.value='';" value="Lösenord123"/> <input type="submit" value="Logga in" name="sublogin"/> <?php } else{ ?> <p>Inloggad</p> <a href="process.php">Logga ut</a> <?php } ?> </div><!--end of #center_box --> </div><!--end of #content --> </div><!--end of #contentcontainer --> <?php footer();?> </div><!--end of #sitecontainer --> <script type="text/javascript" src="http://jqueryjs.googlecode.com/files/jquery-1.2.6.min.js"></script> <script type="text/javascript" src="safe-ajax.js"></script> </body> </html> <?php include("session.php"); class Process { /* Class constructor */ function Process(Session $session){ /* User submitted password form */ if(isset($_POST['pass'])){ $this->procLogin(); } /* User is directed here because he want's to log out*/ else if($session->logged_in==true){ $this->procLogout(); } /** * Should not get here, which means user is viewing this page * by mistake and is redirected. */ else{ header("Location: google.se"); } } function procLogin(Session $session){ /*Login attempt*/ $retval = $session->login($_POST['pass']); /* Login successful */ if($retval==true){ $session->logged_in=true; header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php"); } /* Login failed */ else{ $session->logged_in=false; header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php"); } function procLogout(Session $session){ $retval = $session->logout(); header("Location: http://mindu.mine.nu/amazing_solutions/gallo_negro/gallologin.php"); } } } /* Initialize process */ $process = new Process; ?> <?php class Session { var $logged_in; var $password; var $referrer; var $url; //The page url current being viewed /* Class constructor */ function Session(){ $this->startSession(); } function startSession(){ session_start();//Tell PHP to start the session $_SESSION['password'] = "password"; $password=$_SESSION['password']; /* Determine if user is logged in */ //$this->logged_in = $this->checkLogin(); /* Set referrer page */ if(isset($_SESSION['url'])){ $this->referrer = $_SESSION['url']; }else{ $this->referrer = "/"; } /* Set current url */ $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF']; } function login($pass){ /* Password error checking */ if($_SESSION['password'] != $pass) { $_SESSION['logged_in'] = false; return false; } /* password correct, register session variables */ $this->password = $_SESSION['password']; /* Login completed successfully */ $_SESSION['logged_in'] = true; return true; } function logout(){ unset($_SESSION['logged_in']); /* Reflect fact that user has logged out */ $this->logged_in = false; } } $session = new Session; ?> Quote Link to comment Share on other sites More sharing options...
dabaR Posted June 29, 2010 Share Posted June 29, 2010 Is there still a problem you are looking for advice with? I ask because you did not ask a question in your last post. Quote Link to comment Share on other sites More sharing options...
Ifaiden Posted June 30, 2010 Author Share Posted June 30, 2010 Is there still a problem you are looking for advice with? I ask because you did not ask a question in your last post. Haha, oh sorry. What I meant was that "false" didn't gave any value while "true" gave "1" (I tested debugging with die()). What is the problem? Quote Link to comment Share on other sites More sharing options...
dabaR Posted June 30, 2010 Share Posted June 30, 2010 die() simply prints strings... false is the empty string, there you have automatic type conversion. If you are still asking what is the problem with the code, it is still the same, unless you changed that... You do not keep information about the fact the person logged in across requests. So the person logs in on a post, on the next get the $session is created anew, without it being logged in. In other words, your "Session" is not doing the thing that is the essence of being a Session. Consider that, and try to figure out how you are going to deal with it. Usually people use $_SESSION to hold an identifier and check whether the person requesting the page is logged in already. That's really pretty much your only option. </incoherentMorningTalk> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.