Jump to content

problem with login session


dekon
Go to solution Solved by dekon,

Recommended Posts

basically with my code it tells the user that they would need to be logged in to view the topics but once a user has logged in and tries to view them that it tells the user that they are not logged in and need to signin but once click this it already tells the user they are logged in can someone help me solve this i'm baffled. 

 

this is the code i'm using 

<?php
//create_cat.php
include 'mysql.php';
include 'header.php';

$sql = "SELECT
			id,
			subject
		FROM
			topics
		WHERE
			 id = ". mysql_real_escape_string($_GET['id']); 
			
$result = mysql_query($sql);
if(!$result)
{
	echo 'The topic could not be displayed, please try again later.' . mysql_error();  
}
else
{
	if(mysql_num_rows($result) == 0)
	{
		echo 'This topic dose not exist.';
	}
	else
	{
		while($row = mysql_fetch_assoc($result))
		{
			//display post data
			echo '<table class="topic" border="1">
					<tr>
						<th colspan="2">' . $row['subject'] . '</th>
					</tr>';
		
			//fetch the posts from the database
			$posts_sql = "SELECT
						post.topic,
						post.content,
						post.date,
						post.postby,
						users.id,
						users.username
					FROM
						post
					LEFT JOIN
						users
					ON
						post.postby = users.id
					WHERE
						post.topic = " . mysql_real_escape_string($_GET['id']);
						
			$posts_result = mysql_query($posts_sql);
			
			if(!$posts_result)
			{
				echo '<tr><td>The posts could not be displayed, please try again later.</tr></td></table>';
			}
			else
			{
			
				while($posts_row = mysql_fetch_assoc($posts_result))
				{
					echo '<tr class="topic-post">
							<td class="user-post">' . $posts_row['username'] . '<br/>' . date('d-m-Y H:i', strtotime($posts_row['date'])) . '</td>
							<td class="post-content">' . htmlentities(stripslashes($posts_row['content'])) . '</td>
						  </tr>';
				}
			}
			
			if($_SESSION['loggedIn'])
			{
				echo '<tr><td colspan=2>You must be <a href="signin.php">signed in</a> to reply. You can also <a href="signup.php">sign up</a> for an account.';
			}
			else
			{
				//show reply box
				echo '<tr><td colspan="2"><h2>Reply:</h2><br />
					<form method="post" action="reply.php?id=' . $row['id'] . '">
						<textarea name="reply-content"></textarea><br /><br />
						<input type="submit" value="Submit reply" />
					</form></td></tr>';
			}
			
			//finish the table
			echo '</table>';
		}
	}
}

include 'footer.php';
?>

 

 

Link to comment
Share on other sites

The logic in that script doesn't make sense to me. Why do you bury the login check at the very end after all the code has been run to display the content that shouldn't be displayed to a non-logged in user?

 

In any event, there is nothing in that script that would tell us why the user is being incorrectly identified as not logged in. I *assume* your login script is setting a value for $_SESSION['loggedIn']. So, a couple things come to mind. I don't see a session_start() on the above script - which is mandatory to reference session variables. But, you may have that in one of the included files. The other thing is, what is the value being set for $_SESSION['loggedIn']? If you are setting a value that is evaluated as false, your condition check will fail.

Link to comment
Share on other sites

 

if($_SESSION['loggedIn'])
{
	echo '<tr><td colspan=2>You must be <a href="signin.php">signed in</a> to reply. You can also <a href="signup.php">sign up</a> for an account.';
}
else
{
	//show reply box

That IF test looks backwards to me. If LOGGED-IN tell them they must log-in?

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.