karljv Posted October 5, 2011 Share Posted October 5, 2011 So I am new to all this coding and I am making a small website, which has to have a login and something is not working properly. My login user/pass processing code looks like this <?php $host = 'xxxx'; // Host name Normally 'LocalHost' $user = 'xxxx'; // MySQL login username $pass = 'xxxx'; // MySQL login password $database = 'members'; // Database name $table = 'members'; // Members name $username = $_POST["username"]; $password = $_POST["password"]; $connection = mysql_connect("xxxx", "$user", "$pass"); if (!$connection) { die("Database connection failed: " . mysql_error()); } else { echo "Everything is fine!<br />"; } mysql_select_db("xxxx",$connection) or die(mysql_error()); $result = mysql_query("SELECT * FROM members WHERE usr='$username' and pass='$password'",$connection) or die(mysql_error()); $count=mysql_num_rows($result); if($count==1){ session_start(); session_register("myusername"); session_register("mypassword"); header("location:Login_Success.php"); } else { echo "Wrong Username or Password"; } ?> So it all continues well and transfers me to Login_Success.php, where the code looks like this <? if(!session_is_registered(myusername)){ header("location:MainPage.htm"); } ?> <html> -----my html code here, which makes no difference---- The problem is that it sends me to MainPage.htm and I can't really figure out why. As ive said im new to all of this. I figured that the session did not stay logged in, when it changed pages for some odd reason? THANK YOU! Link to comment https://forums.phpfreaks.com/topic/248484-help-with-my-little-php-login-code/ Share on other sites More sharing options...
TOA Posted October 5, 2011 Share Posted October 5, 2011 I'll bet you dont have session_start(); on your second page Link to comment https://forums.phpfreaks.com/topic/248484-help-with-my-little-php-login-code/#findComment-1276077 Share on other sites More sharing options...
karljv Posted October 5, 2011 Author Share Posted October 5, 2011 well forgive me I started a week ago, twas my homework. Thanks a billion tho! Link to comment https://forums.phpfreaks.com/topic/248484-help-with-my-little-php-login-code/#findComment-1276083 Share on other sites More sharing options...
BizLab Posted October 5, 2011 Share Posted October 5, 2011 You would generally want to move your MySQL database connection login info somewhere more secure, and use a php include. There are newer MySQL connection functions available that are recommended as well..look into the mysqli_connect() and it's associated functions I don't recommend storing both the username and password in the $_SESSION array, again for security reasons. Instead: 1. Check for valid credentials 2. If good, move them to a page that only logged in users can access 3. if not good, take them back to the login form limit access to the logged in pages with a conditional check for the username session variable set when logging in like so: $_SESSION['username'] = $username_from_database AND, don't forget start_session(); on every page Link to comment https://forums.phpfreaks.com/topic/248484-help-with-my-little-php-login-code/#findComment-1276085 Share on other sites More sharing options...
TOA Posted October 5, 2011 Share Posted October 5, 2011 Quote well forgive me I started a week ago, twas my homework. Thanks a billion tho! I wasn't criticizing. Did it work? As BizLab pointed out before I could, you need it on every page you want to access the session on. Link to comment https://forums.phpfreaks.com/topic/248484-help-with-my-little-php-login-code/#findComment-1276086 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.