Jump to content

Archived

This topic is now archived and is closed to further replies.

charlieholder

[SOLVED] Simple Login/Register/Logout

Recommended Posts

Second post! Very new to PHP. I've created a database and add a table with a few fields (Username, Password, Email, and Status) and I'm trying to just create a simple Login/Register/Logout page.

When you click login, the login form comes up, if you click register, the register form comes up, if you login successfully you see the logout link. The page loads with the Login and Register links and I click either one nothing happens. Here's my code. I know I'm doing some nOOb stuff, but I don't really know what's going on. Thanks.

[code]<?php
session_start();
session_register("LoggedInUser");

$uname = $_POST['username'];
$pwd = $_POST['password'];
$action = "";
$loggedIn = "false";

if (isset($uname)) {
//Connect To Database
$hostname=""; //taken out so you don't steal my info
$username=""; //taken out so you don't steal my info
$password=""; //taken out so you don't steal my info
$dbname=""; //taken out so you don't steal my info

mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
mysql_select_db($dbname);

$query = "SELECT * FROM Users";
$result = mysql_query($query);
if($result) {
    while($row = mysql_fetch_array($result)){
        $name = $row["Username"];
        $pass = $row["Password"];
        $status = $row["Status"];
        if ($uname == $name && $pwd == $pass) {
        $HTTP_SESSION_VARS ["LoggedInUser"] = $uname;
$loggedIn = "true";
        }
    }
}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title></title>
</head>

<body id="centerHack">

<div class="main" style="background: transparent url(img/bg_one.gif) top center no-repeat;">
<div class="header">
<div class="header_content"></div>
</div>
<div class="middle">
<div class="middle_content"></div>
</div>
<div class="footer">
<div class="footer_content">
<p><a href="index.php?action=login">Login</a></p>
<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "login") { ?>
<form action="index.php" method="post">
<p>Username: <input type="text" name="username" maxlength="20" /></p>
<p>Password: <input type="password" name="password" maxlength="12" /></p>
<input type="submit" value="Submit" />
</form>
<?php } ?>
<p><a href="index.php?action=register">Register</a></p>
<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "register") { ?>
<form action="userConfirm.php" method="post">
<p>Username: <input type="text" name="username" maxlength="20" /></p>
<p>Password: <input type="password" name="password" maxlength="12" /></p>
<p>Email: &nbsp;&nbsp;&nbsp;<input type="text" name="email" maxlength="100" /></p>
<input type="submit" value="Submit" />
</form>
<?php } ?>
<?php if (isset($HTTP_SESSION_VARS['LoggedInUser']) && $loggedIn == "true") { ?>
<a href="index.php?action=logout">Logout</a>
<?php } ?>
</div>
</div>
</div>

</body>
</html>[/code]

Share this post


Link to post
Share on other sites
You need to get the value of action from the URL.

You have this at the top of your code: [code=php:0]$action = "";
[/code]

Change it to this:

[code=php:0]$action = (empty($_GET['action'])) ? "" : $_GET['action'];
[/code]

I'd also change your query as currently you're getting all the rows from the database, you'd be better with this:

[code]
$query = "SELECT * FROM Users where Username = '$uname' AND Password = '$pwd'";
$result = mysql_query($query);
if ($result){
  $row = mysql_fetch_array($result);
  $_SESSION['LoggedInUser'] = $uname;
  $loggedin = "true";
}
[/code]

Regards
Huggie

Share this post


Link to post
Share on other sites
[quote author=HuggieBear link=topic=112434.msg456295#msg456295 date=1161611219]
[code=php:0]$action = (empty($_GET['action'])) ? "" : $_GET['action'];[/code]
[/quote]

What does empty() do? I looked it up on PHP.net but I still don't understand.

[quote author=HuggieBear link=topic=112434.msg456295#msg456295 date=1161611219]
[code=php:0] ? "" : [/code]
[/quote]

And what does that mean?

Share this post


Link to post
Share on other sites
I'm using the ternary operator, you can read about it [url=http://uk.php.net/manual/en/language.operators.comparison.php]here[/url]

It's the same as saying...

[code]
<?php
if (empty($_GET['action'])){ // This says if the variable is empty, has nothing assigned to it
  $action = "";
}
else {
  $action = $_GET['action'];
}
?>
[/code]

Regards
Huggie

Share this post


Link to post
Share on other sites
So it works for the very first time that you login. Once you login and logout, the links don't work anymore. Does it have something to do with not setting $loggedIn back to false or not destroying the session? Here's the updated code.

[code]<?php
session_start();
session_register("LoggedInUser");

$uname = $_POST['username'];
$pwd = $_POST['password'];
$action = (empty($_GET['action'])) ? "" : $_GET['action'];
$loggedIn = "false";

if (isset($uname)) {
//Connect To Database
$hostname="...";
$username="...";
$password="...";
$dbname="...";

mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
mysql_select_db($dbname);

$query = "SELECT * FROM Users";
$result = mysql_query($query);
if($result) {
while($row = mysql_fetch_array($result)){
$name = $row["Username"];
$pass = $row["Password"];
$status = $row["Status"];
if ($uname == $name && $pwd == $pass) {
$HTTP_SESSION_VARS ["LoggedInUser"] = $uname;
$loggedIn = "true";
        }
    }
}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head><title></title></head>

<body id="centerHack">

<div class="main" style="background: transparent url(img/bg_one.gif) top center no-repeat;">
<div class="header"><div class="header_content"></div></div>
<div class="middle"><div class="middle_content"></div></div>
<div class="footer">
<div class="footer_content">
<p><a href="index.php?action=login">Login</a></p>
<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "login") { ?>
<form action="index.php" method="post">
<p>Username: <input type="text" name="username" maxlength="20" /></p>
<p>Password: <input type="password" name="password" maxlength="12" /></p>
<input type="submit" value="Submit" />
</form>
<?php } ?>
<p><a href="index.php?action=register">Register</a></p>
<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "register") { ?>
<form action="userConfirm.php" method="post">
<p>Username: <input type="text" name="username" maxlength="20" /></p>
<p>Password: <input type="password" name="password" maxlength="12" /></p>
<p>Email: &nbsp;&nbsp;&nbsp;<input type="text" name="email" maxlength="100" /></p>
<input type="submit" value="Submit" />
</form>
<?php } ?>
<?php if (isset($HTTP_SESSION_VARS['LoggedInUser']) && $loggedIn == "true") { ?>
<p>Welcome <?php echo $uname; ?>, you are currently logged in.</p>
<a href="index.php?action=logout">Logout</a>
<?php } ?>
</div>
</div>
</div>
</body>
</html>[/code]

Share this post


Link to post
Share on other sites
Yes, your code doesn't have a section for logged out.

It should be destroying the session variable and changing $loggedin to false.

Regards
Huggie

Share this post


Link to post
Share on other sites
I'm trying to get the login and register links to disappear once your logged in because it breaks the page when you click those links if you're logged in. Don't really know why they aren't showing up. I added a test to check if $loggedIn was false and it still renders.

[code]
<?php
session_start();
session_register("LoggedInUser");

$uname = $_POST['username'];
$pwd = $_POST['password'];
$action = (empty($_GET['action'])) ? "" : $_GET['action'];
$loggedIn = "false";
if ($_GET['action'] == "logout") {
session_destroy();
$loggedIn = "false";
}

if (isset($uname)) {
//Connect To Database
$hostname="...";
$username="...";
$password="...";
$dbname="...";

mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
mysql_select_db($dbname);

$query = "SELECT * FROM Users";
$result = mysql_query($query);
if($result) {
while($row = mysql_fetch_array($result)){
$name = $row["Username"];
$pass = $row["Password"];
$status = $row["Status"];
if ($uname == $name && $pwd == $pass) {
$HTTP_SESSION_VARS ["LoggedInUser"] = $uname;
$loggedIn = "true";
        }
    }
}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head><title></title></head>
<body id="centerHack">
<div class="main" style="background: transparent url(img/bg_one.gif) top center no-repeat;">
<div class="header"><div class="header_content"></div></div>
<div class="middle"><div class="middle_content"></div></div>
<div class="footer">
<div class="footer_content">
<p><a href="index.php?action=login">Login</a></p>
<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "login" && $loggedIn == "false") { ?>
<form action="index.php" method="post">
<p>Username: <input type="text" name="username" maxlength="20" /></p>
<p>Password: <input type="password" name="password" maxlength="12" /></p>
<input type="submit" value="Login" />
</form>
<?php } ?>
<p><a href="index.php?action=register">Register</a></p>
<?php if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "register" && $loggedIn == "false") { ?>
<form action="userConfirm.php" method="post">
<p>Username: <input type="text" name="username" maxlength="20" /></p>
<p>Password: <input type="password" name="password" maxlength="12" /></p>
<p>Email: &nbsp;&nbsp;&nbsp;<input type="text" name="email" maxlength="100" /></p>
<input type="submit" value="Register" />
</form>
<?php } ?>
<?php if (isset($HTTP_SESSION_VARS['LoggedInUser']) && $loggedIn == "true") { ?>
<p>Welcome <?php echo $uname; ?>, you are currently logged in.</p>
<a href="index.php?action=logout">Logout</a>
<?php } ?>
</div>
</div>
</div>
</body>
</html>
[/code]

Share this post


Link to post
Share on other sites
LoggedIn is always going to be set to false, as you've got it coded outside of a conditional statement.  Look at line 8 of your code.

Regards
Huggie

Share this post


Link to post
Share on other sites
I'm getting an error on this code. I have no idea what's wrong.
Error: Parse error: parse error, unexpected $ in /home/content/c/h/a/charlieholder/html/index.php on line 91
Line 91 is the very last line (i.e. </html>)

[code]
<?php
session_start();
session_register("LoggedInUser");

$uname = $_POST['username'];
$pwd = $_POST['password'];
$action = (empty($_GET['action'])) ? "" : $_GET['action'];

if ($_GET['action'] == "logout") {
session_destroy();
$loggedIn = "false";
}
if (!isset($loggedIn)) {
$loggedIn = "unknown";
}
if (isset($uname)) {
//Connect To Database
$hostname="...";
$username="...";
$password="...";
$dbname="...";

mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
mysql_select_db($dbname);

$query = "SELECT * FROM Users";
$result = mysql_query($query);
if($result) {
while($row = mysql_fetch_array($result)){
$name = $row["Username"];
$pass = $row["Password"];
$status = $row["Status"];
if ($uname == $name && $pwd == $pass) {
$HTTP_SESSION_VARS ["LoggedInUser"] = $uname;
$loggedIn = "true";
        }
    }
}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head><title></title></head>
<body id="centerHack">
<div class="main" style="background: transparent url(img/bg_one.gif) top center no-repeat;">
<div class="header"><div class="header_content"></div></div>
<!-- <div class="middle"><div class="middle_content"></div></div> //-->
<div class="footer">
<div class="footer_content">
<?php if ($loggedIn == "unknown" || $loggedIn == "false") { ?>
<p><a href="index.php?action=login">Login</a></p>
<?php }
if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "login") { ?>
<form action="index.php" method="post">
<p>Username: <input type="text" name="username" maxlength="20" /></p>
<p>Password: <input type="password" name="password" maxlength="12" /></p>
<input type="submit" value="Login" />
</form>
<?php if ($loggedIn == "unknown" || $loggedIn == "false") { ?>
<p><a href="index.php?action=register">Register</a></p>
<?php }
if (!isset($HTTP_SESSION_VARS['LoggedInUser']) && $action == "register") { ?>
<form action="userConfirm.php" method="post">
<p>Username: <input type="text" name="username" maxlength="20" /></p>
<p>Password: <input type="password" name="password" maxlength="12" /></p>
<p>Email: &nbsp;&nbsp;&nbsp;<input type="text" name="email" maxlength="100" /></p>
<input type="submit" value="Register" />
</form>
<?php }
if (isset($HTTP_SESSION_VARS['LoggedInUser']) && $loggedIn == "true") { ?>
<p>Welcome <?php echo $uname; ?>, you are currently logged in.</p>
<a href="index.php?action=logout">Logout</a>
<?php } ?>
</div>
</div>
</div>
</body>
</html>
[/code]

Share this post


Link to post
Share on other sites
There's only 80 lines in the code you posted, have you posted the correct/complete code?

Regards
Huggie

Share this post


Link to post
Share on other sites
OK, on line 61, try changing this:

[code=php:0]<?php if ($loggedIn == "unknown" || $loggedIn == "false") { ?>
[/code]

To this:

[code=php:0]<?php } if ($loggedIn == "unknown" || $loggedIn == "false") { ?>
[/code]

Regards
Huggie

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.