Lukeidiot Posted August 5, 2011 Share Posted August 5, 2011 Hey guys, For 90% of the hosts I use, my login session script works. Now on the other hand, I just got one of those 10% login session bugs (I am pretty sure its a host configuration bug, but I want to see if I can edit my current login script to work 100% of the time). Here is my current login script code: <?php session_start(); if(isset($_POST['Login'])) { $email = $_POST['username']; $password = $_POST['password']; $email2 = strtolower(mysql_real_escape_string($_POST['username'])); $password2 = strtolower(mysql_real_escape_string($_POST['password'])); $sql = "SELECT * FROM rsp_users WHERE email = '$email2' OR username = '$email2' and password = '$password2'"; $sqlexe = mysql_query($sql) or die("MySQL error ".mysql_errno().": ".mysql_error().""); $row = mysql_fetch_assoc($sqlexe); $rowemail = strtolower($row['email']); $rowusername = strtolower($row['username']); $rowpassword = strtolower($row['password']); if (($email2 == $rowemail && $password2 == $rowpassword && $email2 != '' && $password2 != '') || ($email2 == $rowusername && $password2 == $rowpassword && $email2 != '' && $password2 != '')) { //session_register('id'); //session_register('email'); session_start('username'); $_SESSION['username'] = $row['username']; $ip = $_SERVER['REMOTE_ADDR']; $time = time(); echo "<script>window.location='?goto=rslogin.php&go=home'</script>"; mysql_query("INSERT INTO rsp_logins (username, ipaddress, time, successful_login) VALUES ('$row[username]','$ip','$time','1')"); } else { echo "<br><strong><font color='red'>Email or Password Incorrect!</font></strong>"; $ip = $_SERVER['REMOTE_ADDR']; $time = time(); $user = strtolower(mysql_real_escape_string($_POST['username'])); mysql_query("INSERT INTO rsp_logins (username, ipaddress, time, successful_login) VALUES ('$user','$ip','$time','0')"); } } if(isset($_SESSION['username'])) { //include('header.php'); echo "Weclome <b>$_SESSION[username]</b>, you are already logged in "; } else { //include('header.php'); echo "<form method='post' action=''>"; echo "<fieldset>"; echo "<legend>Login</legend>"; echo " Username<br /> <input type='text' name='username' /> <br /> <br /> Password <br /> <input name='password' type='password' id='password' /> <br /> <input type='submit' class='button' name='Login' value='Login' /> <br /> <br /> Not Registered? <a href='http://runescapesr.com/ucp.php?mode=register'>Sign-up</a>.<br> Forgot Password? <a href='?goto=forgot'>Click Here</a>. </form>"; echo "</fieldset>"; } ?> As you can see, I am "logged in" but the other script doesn't recognize that I am logged in. The "Logout" is dynamic and only shows according to this peice of code: <?php if($_SESSION){ ?> <li class="root" > <a class="orphan item bullet" href="?goto=logout.php&logout=true"> <span> Logout </span> </a> </li> <?php } ?> And here is the dynamic code that I use on the bottom: <?php if($_SESSION['username']){ ?> Logged in as: <strong><?php echo $_SESSION['username']; ?></strong> <?php } else { ?> Welcome <strong>Guest</strong>, <a href="http://runescapesr.com/beta/?goto=register&signup=true">registering</a> is completely free! <?php } ?> Why doesn't it recognize when I try to use <?php if($_SESSION['username']){ ?> but it does when I try to use this: <?php if($_SESSION){ ?> Quote Link to comment Share on other sites More sharing options...
gizmola Posted August 5, 2011 Share Posted August 5, 2011 Start with -- if you're trying to check for the existence of a variable then use isset(). However let's say you have $_SESSION['username'] = ''. What do you think isset() will return? If you're trying to determine if the username actually contains something then try if (isset($_SESSION['username'] || empty(trim($_SESSION['username'])). With that said, the obvious issue with your script is that you are doing session_start() twice. You need to start the session at the start of the script whether or not a person is logged in, and there is no reason to do a 2nd session_start() after that. Quote Link to comment Share on other sites More sharing options...
Lukeidiot Posted August 5, 2011 Author Share Posted August 5, 2011 Start with -- if you're trying to check for the existence of a variable then use isset(). However let's say you have $_SESSION['username'] = ''. What do you think isset() will return? If you're trying to determine if the username actually contains something then try if (isset($_SESSION['username'] || empty(trim($_SESSION['username'])). With that said, the obvious issue with your script is that you are doing session_start() twice. You need to start the session at the start of the script whether or not a person is logged in, and there is no reason to do a 2nd session_start() after that. I've deleted the multiple session_starts(), and also changed to if(isset($_SESSION['username'])) however it still is producing the same error. Any ideas? Quote Link to comment Share on other sites More sharing options...
phpSensei Posted August 5, 2011 Share Posted August 5, 2011 You weren't even logged in properly the first time <?php if($_SESSION){ ?> to <?php if(isset($_SESSION['username'] || empty(trim($_SESSION['username'])){ ?> This doesn't mean your logged in, the session can still have no value returned yet be set. print $_SESSION['username'] and see the output on the page. Quote Link to comment Share on other sites More sharing options...
Lukeidiot Posted August 7, 2011 Author Share Posted August 7, 2011 You weren't even logged in properly the first time <?php if($_SESSION){ ?> to <?php if(isset($_SESSION['username'] || empty(trim($_SESSION['username'])){ ?> This doesn't mean your logged in, the session can still have no value returned yet be set. print $_SESSION['username'] and see the output on the page. I wonder stand that, and I've tried it. The problem I am facing is that the $_SESSION is not registering. Any ideas? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.