New Tab login session

[ecabrera]

OK when i go to my website and login i stay login in intill i sign out but when im stilled loged in and click new tab and type my website i see the login table but im already loged in so i have to click on my logo to time to make the login table go away why if you need the login code i would be happy to give it to use

[msaz87]

Show the code

[ecabrera]

<?php
$title = "Login";
?>
<?php require("styles/top.php"); ?>
<div id='full'>
<?php

$form = "<form action='login.php' method='post'>
<center><table>
<tr>
	<td>Email:</td>
	<td><input type='text' name='email' class='textbox' size='35'></td>
	<td><a href='register.php'>Register</a></td>
</tr>
<tr>
	<td>Password:</td>
	<td><input type='password' name='password' class='textbox' size='35'></td>
	<td><input type='submit' name='loginbtn' value='Login' class='button'></td>
</tr>
</table></center>
</form>";

if ($_POST['loginbtn']){
	$email = strip_tags($_POST['email']);
	$password = strip_tags($_POST['password']);

	if ($email && $password){

		require("scripts/connect.php");
		$pass = md5(md5($password));

		$query = mysql_query("SELECT * FROM users WHERE email='$email' AND password='$pass'");
		$numrows = mysql_num_rows($query);

		if ($numrows == 1){

			$row = mysql_fetch_assoc($query);
			$dbid = $row['id'];
			$dbuser = $row['username'];
			$active = $row['active'];

			if ($active == 1){

				$date = date("F d, Y");
				mysql_query("UPDATE users SET last_login='$date' WHERE id='$dbid'");

				$_SESSION['username'] = $dbuser;
				$_SESSION['userid'] = $dbid;

				echo "<body onLoad=\"setTimeout('redirect();', 1000);\">";
				echo "You will be redirected to the home page in a few seconds.";
			}
			else
				echo "You must activate your account to login.";
		}
		else
			echo "You login information was incorrect. $form";
	}
	else
		echo "You did not fill in the entire form. $form";
}
else
	echo "$form";

?>
</div>

[codefossa]

Make sure session is going before you get to showing the code.

 

$session_id = session_id();

if (empty($session_id))
    session_start();

 

When you log in, simply set a session variable.

 

function login()
{
    // Check the login is valid before session variable is set.
    
    $_SESSION['logged'] = true;
}

 

Now, just check before echoing out the login form.

 

if (!$_SESSION['logged'])
    // Echo login form

[ecabrera]

this is the top.php file which include every thing

 

<?php

$site = "http://www.mywebsite.com";

date_default_timezone_set('America/New_York');

session_start();
$username = $_SESSION['username'];
$userid = $_SESSION['userid'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<title><?php echo "$title";?></title>
<link href='styles/main.css' rel='stylesheet' type='text/css'></link>
<link href='styles/dropdown.css' rel='stylesheet' type='text/css'></link>
<link rel='shortcut icon' type='image/x-icon' href='images/favicon.ico'>
<script language='javascript' src='scripts/javascript.js'></script>
<script language='javascript' script type='text/javascript'>
</script>
<?php require("scripts/functions.php"); ?>
<style type='text/css'>
<!--
body{
background-color: #FFF;
}
-->
</style>
</head> 

 

should i put it here

 

$session_id = session_id();

if (empty($session_id))
    session_start();

[codefossa]

Well, you got session_start() called already.  All mine does is makes sure you don't call it twice.  You add the little extra if you wish.

 

Then with the login function, I was trying to show you can just add the $_SESSION['logged'] = true; to your current function.

 

After that, all ya do is check that your not logged in before showing the form.

[codefossa]

I would also change ..

 

<script language='javascript' script type='text/javascript'></script>

 

To ..

 

<script language='javascript' type='text/javascript'></script>

 

You're randomly puttin' "script" in the middle of the tag.

[ecabrera]

still does not work i could show you the new code

 

<?php
$title = "Login";
?>
<?php require("styles/top.php"); ?>
<div id='full'>
<?php

$form = "<form action='login.php' method='post'>
<center><table>
<tr>
	<td>Email:</td>
	<td><input type='text' name='email' class='textbox' size='35'></td>
	<td><a href='register.php'>Register</a></td>
</tr>
<tr>
	<td>Password:</td>
	<td><input type='password' name='password' class='textbox' size='35'></td>
	<td><input type='submit' name='loginbtn' value='Login' class='button'></td>
</tr>
</table></center>
</form>";

if ($_POST['loginbtn']){
	$email = strip_tags($_POST['email']);
	$password = strip_tags($_POST['password']);

	if ($email && $password){

		require("scripts/connect.php");
		$pass = md5(md5($password));

		$query = mysql_query("SELECT * FROM users WHERE email='$email' AND password='$pass'");
		$numrows = mysql_num_rows($query);

		if ($numrows == 1){

			$row = mysql_fetch_assoc($query);
			$dbid = $row['id'];
			$dbuser = $row['username'];
			$active = $row['active'];

			if ($active == 1){

				$date = date("F d, Y");
				mysql_query("UPDATE users SET last_login='$date' WHERE id='$dbid'");

				$_SESSION['username'] = $dbuser;
				$_SESSION['userid'] = $dbid;
                                        $_SESSION['logged'] = true;

				echo "<body onLoad=\"setTimeout('redirect();', 1000);\">";
				echo "You will be redirected to the home page in a few seconds.";
			}
			else
				echo "You must activate your account to login.";
		}
		else
			echo "You login information was incorrect. $form";
	}
	else
		echo "You did not fill in the entire form. $form";
}
else
	echo "$form";

?>
</div>
<?php require("styles/bottom.php"); ?>

 

this is my function php

 

<?php

function fixtext($text){

$finishedtext = strip_tags($text);
$finishedtext = stripslashes($finishedtext);

$finishedtext = str_replace('"', "&#34;", $finishedtext);
$finishedtext = str_replace("'", "&#97;", $finishedtext);

return $finishedtext;
}

function htmltext($text){
$text = nl2br($text);
$text = ereg_replace("[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]","<a target='_blank' href=\"\\0\">\\0</a>", $text);

return $text;
}

function login()
{
    // Check the login is valid before session variable is set.
    
    $_SESSION['logged'] = true;
}

?>

[codefossa]

Change ..

 

	else
	echo "$form";

 

To ..

 

	elseif (!$_SESSION['logged'])
	echo "$form";

 

And delete the login function since you don't use it.  It was just an example.  I didn't look at your code when I posted it.

[ecabrera]

Nope it does not work maybe you can have a look at my webite so you can understand the problem better because im not a good explainer

[codefossa]

PM me the URL and a test account I can log in with.  I'll give it a look.

[ecabrera]

ok

[codefossa]

I don't get the issue you're talking about.  Try clearing cache and cookies, and trying again.

 

For a little info, I'm on Ubuntu 11.10 Beta 2 using Firefox 7.0.1

[ecabrera]

ok do you know where you logged in that stays the same if you open a new tab and then you have to click the logo and it change to the login mode

[codefossa]

ok do you know where you logged in that stays the same if you open a new tab and then you have to click the logo and it change to the login mode

It don't show after logging in.  I closed the tab, opened the site again in new tab and it didn't show.

 

I think after you made the update to the login function, you forgot to clear your session and log in again to actually write the session variable.

 

Clear cookies and log in again.  Also, when you log out make sure you destroy session if you do that instead of clearing cookies.  I said cache too just to be safe, but that shouldn't really matter.

 

Try that and let me know.

[ecabrera]

i already have seesion destroy

 

<?php 
session_start();

$user_name = $_SESSION['username'];
$title = "Logout";
?>
<?php require("styles/top.php"); ?>
<div id='full'>
<?php

if ($user_name){
	session_destroy();
	echo "<body onLoad=\"setTimeout('logoutredirect();', 1);\">";
	echo "<b>$user_name</b> has been logged out.";
}
else
	echo "No user was logged in. $user_name";

?>
</div>
<?php require("styles/bottom.php"); ?>

[ecabrera]

ok works now thanks all for your help

[codefossa]

No problem.  Make sure ya tick topic solved.