u214 Posted May 8, 2011 Share Posted May 8, 2011 Hello guys. I'm in need of help. I want to know who to make a full working session. When a player logs in, the session starts. There will be a new button "My Page", he can go there at any time. When he logs off, that button disappears ( Session over ). I'm so bad at explaining stuff. Hope y'all really understood me. This piece of code is used to log the user in: <?php session_start(); include("config.php"); if(isset($_SESSION["Username"])) { $user = $_SESSION["Username"]; $pass = md5($_SESSION["Password"]); } else { $user = $_POST["User"]; $pass = md5($_POST["Password"]); $_SESSION['Username'] = $user; $_SESSION['Password'] = $pass; $escuser = mysql_real_escape_string($user); $escpass = mysql_real_escape_string($pass); } $result = mysql_query("SELECT * FROM playerinfo WHERE user = '$escuser'"); $num_rows = mysql_num_rows($result); if($num_rows == 0) { echo('That username does not exist...'); echo '<a href="http://yu-ki-ko.com/fsns/""> Go back!</a>'; unset($_SESSION['Username']); unset($_SESSION['Password']); die; } $row = mysql_fetch_row($result); if($row[1] !== $escpass) { echo('Wrong Password!...'); echo '<a href="http://yu-ki-ko.com/fsns/""> Go Back!</a>'; unset($_SESSION['Username']); unset($_SESSION['Password']); die; } ?> Not sure if its working properly or not. I'm stuck at that part. Quote Link to comment Share on other sites More sharing options...
trq Posted May 8, 2011 Share Posted May 8, 2011 Not sure if its working properly or not. I'm stuck at that part. If your unsure of this then what exactly do you want help with? Quote Link to comment Share on other sites More sharing options...
spiderwell Posted May 8, 2011 Share Posted May 8, 2011 i think what you want is this: mypage.php is only viewable when logged in. so on that page have the session start, check if the session holds the username and/or hashed password. personally i would suggest just the presence of username in the session is enough to 'pass the test'. if that is found let the page execute, else unset/kill the session and redirect away back to the login Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.