Jump to content

Archived

This topic is now archived and is closed to further replies.

bigdaddykraven

Login System on PHP 5 (Help Please)

Recommended Posts

Hey Everyone, I have a bit of a problem. I had this script I put together from a mixture of other scripts and modified it to where it would work on my roleplaying character site. When I had to move to a new host, I went from a post 4.1 PHP server to a PHP 5 server. Prior to the switch, the session_register command was being used and as you know, it no longer supports that with globals turned off.

So tried to change it to $_SESSION ['login']; yet it still gives me the same result. What happens when you log in correctly, it simply loads the login page once more. I have the pages set to where you go to them, it checks for the logged in session and then if not, will HEADER revert to the login page. The problem is, I don't think it's keeping the session when I login. It's sending me to the posting page, but saying I'm not logged in and pushing me back to the login page.

Funny thing is, if you put in an incorrect password, it registers as being incorrect and will direct you to the OOPS, page, proving that it is in the reading of the session. I'll include the scripts:

[b]Protected Page[/b]
[code=php:0]<?php
session_start();
if($login=="") {
Header("Location: login.php");
} else {
?>
Page Contents go below this.
<?php
}
?>
[/code]

[b]Login Function[/b]
[code=php:0]<?php
session_start();
$db_host="localhost"; // Your mySQL host, normally localhost
$db_user="mydbhere"; // Your database username
$db_pass="mypasswordhere"; // Your database password
$db="mydbhere"; // the database you are trying to connect to
$connection=mysql_connect ("$db_host", "$db_user", "$db_pass") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("$db");

$username=$_POST["username"];
$pw=$_POST["password"];

$q="SELECT * from users where username='$username' and password='$pw'";
$result= mysql_query($q, $connection) or die
("Could not execute query : $q." . mysql_error());

if (mysql_num_rows($result) == 0)
{

echo "<div align=center><b>Oops! Your login is wrong. Please click back and try again.</b></div>";

}
else
{
$r=mysql_fetch_array($result);
$login=$r["username"];
$_SESSION["login"];
//session_register("login"); //This is the old script that I replaced because register_globals are off
Header("Location: roleplaypost.php"); // Place the location of the file you want to go to.
}

?>
[/code]

I don't want to enable the globals (I don't have that option, .htaccess crashes my website when I put in the coding to allow for this. If anyone wants to check it out, I can set up a false user password/login. Any and all help would be great, thank you.

Share this post


Link to post
Share on other sites
[code=php:0]
<?php
session_start();
if($login=="") {
Header("Location: login.php");
} else {
?>
Page Contents go below this.
<?php
}
?>
[/code]

nothing is setting $login... Try making it a session variable like $_SESSION['login'] and do the same for the login script...

Share this post


Link to post
Share on other sites
$_SESSION['login'];

I tried setting it just before the if($login==""); if you look it is already set in the login function script, at the bottom. Also, in the bottom of the login function, it sets $login=$r["username"];

Strange because it worked fine as is (although with session_register("login"); instead of $_SESSION).

When I made the change I mentioned above, it continued to do the same thing.

Share this post


Link to post
Share on other sites
[code=php:0]
$_SESSION["login"];
[/code]
Does absolutly nothing... change that to
$_SESSION['login'] = "logged";
and change
[code=php:0]
<?php
session_start();
if($login=="") {
Header("Location: login.php");
} else {
?>
Page Contents go below this.
<?php
}
?>
[/code]
to
[code=php:0]
<?php
session_start();
$login = $_SESSION['login'];
if($login == "logged") {
Header("Location: login.php");
} else {
?>
Page Contents go below this.
<?php
}
?>
[/code]

Share this post


Link to post
Share on other sites
It still keeps throwing me back to the login page. I'm going to have a play with it for a bit and see if I can find what part is exactly the problem... IF I get anywhere or fail miserably, I'll let you know. Thanks for your help.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.