Jump to content

Trying to inregrate 2 logins into one main logs with both sessions and cookies


Russia

Recommended Posts

Hey guys, Im trying to combine 2 logs to seperate parts of a website into 1.

 

One of them uses sessions to store it.

And the other uses cookies to login.

 

I cant seem to get it working AT ALL.

 

Even tho the cookies are being set and I can see it being set in firefox.

 

Here is the page with the sessions.

 

<?php
if(isset($_POST['username'])){
$username = $_POST['username']; //name of the text field for usernames
$password = $_POST['password']; //likewise here just for the password
//connect to the db
$user = 'root'; 
$pswd = ''; 
$db = 'chat';
$conn = mysql_connect('localhost', $user, $pswd);
mysql_select_db($db, $conn);
//run the query to search for the username and password the match
$query = "SELECT * FROM users WHERE username = '$username' AND password ='$password'";
$result = mysql_query($query) or die("Unable to verify user because : " . mysql_error());

//this is where the actual verification happens
    if(mysql_num_rows($result) == 1){
    //the username and password match
    //so e set the session to true
    session_start();
    $_SESSION['username'] = $username;
    
    //STUFF FROM HERE TO THE OTHER COMMENT IS STUFF I ADDED MANUALLY TRYING TO GET THE COOKIES TO BE SET SO THEY WORK FOR BOTH
    $username = $_COOKIE['user_id']; 
    $pass = $_COOKIE['pass_id'];
    setcookie("user_id", "$username", time()+3600);
    setcookie("pass_id", "$pass", time()+3600);
    //END OF THE CUSTOM STUFF, IT DOESNT WORK FOR SOME REASON
    
    
    
    //and then move them to the index page or the page to which they need to go
    header('Location: index.php');
    }else{
    $err = 'Incorrect username / password.' ;
    }
    //then just above your login form or where ever you want the error to be displayed you just put in
    echo $err;
    }
    else

?>

I made comments // in the code so you can see whats going on.

 

 

 

Here is the code that uses cookies, also it uses 2 pages.

This is the one I think that mainly adds the cookies.

<?php
// Login Logic

$username = "";
$err = "";
$err_style = "";
$err_style2= "";

//Checks if there is a login cookie
if(isset($_COOKIE['user_id'])) { 

    //if there is, it logs you in and directes you to the members page
    
    $username = $_COOKIE['user_id']; 
    $pass = $_COOKIE['pass_id'];
    $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++;
    while($info = mysql_fetch_array( $check )) {
        if ($pass != $info['password']) {
        
        }
        else {
            header("Location: index.php");
        }
    }
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

    // SANITISE
    
    $username     = sanitize($_POST['username']);
    $pass                = sanitize($_POST['pass']);
    $red                = sanitize($_POST['red']);
    
        // makes sure they filled it in
    if(!$_POST['username']) {
        $err = 'You did not fill in a required section';
        $err_style = "style='border: 1px solid #CC0000'";
        $show_login = 1;
    }
        if(!$_POST['pass']) {
        $err = 'You did not fill in a required section';
        $err_style2 = "style='border: 1px solid #CC0000'";
        $show_login = 1;
    }
    // checks it against the database
    
    if (!$err) {
    $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());$quer++;

    //Gives error if user dosen't exist
    $check2 = mysql_num_rows($check);
    
    if ($check2 == 0) {
        $err = 'User not found - please try again!';
        $err_style = "style='border: 1px solid #CC0000'";
        $show_login = 1;
    }
    
    while($info = mysql_fetch_array( $check )) {
        $info['password'] = stripslashes($info['password']);
        $pass = $pass;

        //gives error if the password is wrong
        if ($pass != $info['password']) {
            $err = 'Incorrect password, please try again.';
            $err_style2= "style='border: 1px solid #B02B2C;'";
            $show_login = 1;
        }
        else { 

        // if login is ok then we add a cookie 
        $hour = time() + 3600; 
        setcookie("user_id", $username, $hour); 
        setcookie("pass_id", $pass, $hour);    

        //then redirect them to the members area 
        
        if (!$red) {
            header("Location: index.php"); 
        } else {
            header("Location: $red.php"); 
        }
        exit;
        } 
    } 
    
    }
} 

?>

 

Here is the other page it also includes inside.

<?php 
Check.php


session_start();

//checks cookies to make sure they are logged in 


if(isset($_COOKIE['user_id'])) { 
    $username = $_COOKIE['user_id']; 
    $pass = $_COOKIE['pass_id']; 
    $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++;
    
    while($info = mysql_fetch_array( $check )) { 
        //if the cookie has the wrong password, they are taken to the login page 
        if ($pass != $info['password']) { 
            header("Location: login.php"); 
        } 

        //otherwise they are shown the admin area    
        else { 
        // Update some info
    
        setcookie ("user_id", $_COOKIE['user_id'], time() + 3600 );
        setcookie ("pass_id", $_COOKIE['pass_id'], time() + 3600 );

        // Get some basic user details, so we can use these later!
        $uname = $info['username'];
        $uID        = $info['user_id'];
        $loggedin = 1;
        $admin_user    = $info['admin'];
        } 
    } 
}

?>

 

 

Thanks for the upcoming help that you all provide.

 

If anything else is needed please post here and il provide it.

 

 

 

Link to comment
Share on other sites

In my opinion, you should start the session before doing anything else, and make sure session_start(); is at the top of every page, instead of putting it in an if statement.

 

it should be like this

<?php
session_start();

//This essentially logs the person in.
//There is no need to put the "session_start()" function in the if statement below
if (username & password) {
$_SESSION["member"] = $username;
}
?>

 

Of course it's all a matter of preference, but it keeps your scripts more tidy and (in my opinion) professional, when done in this way.

Link to comment
Share on other sites

Thanks, but I still need help integrating somehow those two login into one, so that the session and/or cookies from one login affect both scripts.

 

That would be great :)

 

You're welcome =)

 

Now I would assume both login scripts are using the same cookie/session names? I'm pretty sure that if you use the same cookie or session variable names for both logins, they will, essentially, be one in the same.

 

For example you would use

<?php
$_SESSION["member"]; 
//for both login scripts if the login succeeds
?>

 

Same with the cookies.

<?php
setcookie ("stay_on", "$username", time() +4000);
//for both login scripts
?>

 

Hope this helps!

Link to comment
Share on other sites

I did try that code, and I think I already have it in there in the first pho code I posted.

 

//this is where the actual verification happens
    if(mysql_num_rows($result) == 1){
    //the username and password match
    //so e set the session to true
    session_start();
    $_SESSION['username'] = $username;
    
    //STUFF FROM HERE TO THE OTHER COMMENT IS STUFF I ADDED MANUALLY TRYING TO GET THE COOKIES TO BE SET SO THEY WORK FOR BOTH
    $username = $_COOKIE['user_id']; 
    $pass = $_COOKIE['pass_id'];
    setcookie("user_id", "$username", time()+3600);
    setcookie("pass_id", "$pass", time()+3600);
    //END OF THE CUSTOM STUFF, IT DOESNT WORK FOR SOME REASON
    

 

Thats the main login that i want to use to combine both of them.

 

Here is the full code of it.

 

<?php
if(isset($_POST['username'])){
$username = $_POST['username']; //name of the text field for usernames
$password = $_POST['password']; //likewise here just for the password
//connect to the db
$user = 'root'; 
$pswd = ''; 
$db = 'chat';
$conn = mysql_connect('localhost', $user, $pswd);
mysql_select_db($db, $conn);
//run the query to search for the username and password the match
$query = "SELECT * FROM users WHERE username = '$username' AND password ='$password'";
$result = mysql_query($query) or die("Unable to verify user because : " . mysql_error());

//this is where the actual verification happens
    if(mysql_num_rows($result) == 1){
    //the username and password match
    //so e set the session to true
    session_start();
    $_SESSION['username'] = $username;
    
    //STUFF FROM HERE TO THE OTHER COMMENT IS STUFF I ADDED MANUALLY TRYING TO GET THE COOKIES TO BE SET SO THEY WORK FOR BOTH
    $username = $_COOKIE['user_id']; 
    $pass = $_COOKIE['pass_id'];
    setcookie("user_id", "$username", time()+3600);
    setcookie("pass_id", "$pass", time()+3600);
    //END OF THE CUSTOM STUFF, IT DOESNT WORK FOR SOME REASON
    
    
    
    //and then move them to the index page or the page to which they need to go
    header('Location: index.php');
    }else{
    $err = 'Incorrect username / password.' ;
    }
    //then just above your login form or where ever you want the error to be displayed you just put in
    echo $err;
    }
    else

?>

Link to comment
Share on other sites

Okay, first off, your setting your cookies wrong and THAT'S why it's not working.

 

The way I learned, is you write "setcookie" with a "();" containing all of the arguments to the "setcookie" function.

 

The first argument gives a name for the cookie. The second defines a value. The Third contains the expiration date of the cookie. The fourth assigns the cookie to a specific domain name. And the fifth (and last, I think), specifies a certain path within the domain you specify in the fourth argument.

 

DO:

<?php

setcookie ("username", "$username", time() + 5000, ".mywebsite.com", "/mypath");

?>

 

DONT DO:

<?php

//Your assigning a $_COOKIE variable to the variable $username, but you're not giving either $_COOKIE variables an actual value.
$username = $_COOKIE['user_id']; 
$pass = $_COOKIE['pass_id'];
setcookie("user_id", "$username", time()+3600);
setcookie("pass_id", "$pass", time()+3600);

//If you want to create cookies using variables, you want to do them like this:
$username = $_POST["username"];
$password = $_POST["password"];
setcookie("username", $username, time() + 3600);
setcookie("password", $password, time() + 3600);

?>

 

Hope this helps! Please correct me if I misunderstood your code.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.