Jump to content

Check if user has login

IrOnMaSk

By IrOnMaSk
in PHP Coding Help

 Share

Recommended Posts

jj20051 Regular Member

jj20051

Posted
Posted

There are 2 pieces: 1 ~ create a session variable and 2 ~ check for a session variable. So as an example when you've checked the user's username/password to see if they are correct set the username into a session:

 

$_SESSION['username'] = $username;

 

Then on the pages you want to prevent users who aren't logged in you'd use the code:

 

$username = $_SESSION['username'];

if($username != NULL){
// This is where your protected page's code belongs
} else {
// If the user isn't logged in take them to the login page instead
header("Location: login.php");
}

IrOnMaSk Member

IrOnMaSk

Posted
  • Author
Posted

Thanks for your reply jj, it makes sense. I'm not sure though to how I implement that into the script. So here's how I check to see if username/password match when user login.

<?php 

// Connects to your Database 

mysql_connect("localhost", "Sopoan", "Javascrip1") or die(mysql_error()); 

mysql_select_db("member") or die(mysql_error()); 


//Checks if there is a login cookie

if(isset($_COOKIE['ID_my_site']))


//if there is, it logs you in and directes you to the members page

{ 
	$username = $_COOKIE['ID_my_site']; 

	$pass = $_COOKIE['Key_my_site'];

	 	$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());

	while($info = mysql_fetch_array( $check )) 	

		{

		if ($pass != $info['password']) 

			{

			 			}

		else

			{

			header("Location: members.php");



			}

		}

}


//if the login form is submitted 

if (isset($_POST['submit'])) { // if form has been submitted



// makes sure they filled it in

	if(!$_POST['username'] | !$_POST['pass']) {

		die('You did not fill in a required field.');

	}

	// checks it against the database



	if (!get_magic_quotes_gpc()) {

		$_POST['email'] = addslashes($_POST['email']);

	}

	$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist

$check2 = mysql_num_rows($check);

if ($check2 == 0) {

		die('That user does not exist in our database. <a href=registration.php>Click Here to Register</a>');

while($info = mysql_fetch_array( $check )) 	

{

$_POST['pass'] = stripslashes($_POST['pass']);

	$info['password'] = stripslashes($info['password']);

	$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong

	if ($_POST['pass'] != $info['password']) {

		die('Incorrect password, please try again.');

	}

	else 

{ 

// if login is ok then we add a cookie 

	 $_POST['username'] = stripslashes($_POST['username']); 

	 $hour = time() + 3600; 

setcookie(ID_my_site, $_POST['username'], $hour); 

setcookie(Key_my_site, $_POST['pass'], $hour);	 

//then redirect them to the members area 

header("Location: members.php"); 

} 

} 

} 

else 

{	 

// if they are not logged in 

?> 

<form action="login.php" method="post"> 

<table border="0"> 

<tr><td colspan=2><h1>Login</h1></td></tr> 

<tr><td>Username:</td><td> 

<input type="text" name="username" maxlength="40"> 

</td></tr> 

<tr><td>Password:</td><td> 

<input type="password" name="pass" maxlength="50"> 

</td></tr> 

<tr><td colspan="2" align="right"> 

<input type="submit" name="submit" value="Login"> 

</td></tr> 

</table> 

</form> 

<?php 

} 
?>

Thanks

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.