mcrackin Posted July 25, 2013 Share Posted July 25, 2013 Hi everyone, I'm just trying to made a login/registration system for my website. The login and registration portion is very simple and works fine. Now, I am trying to add session_start() to each page so that the user, once logged in, has special features appear (or else something else if not logged in). At the top of a typical page I have the following: <?php session_start(); function isLoggedIn() { if(isset($_SESSION['valid']) && $_SESSION['valid']) return true; return false; } if(isLoggedIn() == true) { $username = $_POST['username']; } else { $username = 'NOT LOGGED IN'; } echo $username ?> my echo statement appears as NOT LOGGED IN, even though I know I am logged in. I believe it has something to with the function portion but I'm not sure what. I'm pretty newbie so any help is appreciated. Quote Link to comment Share on other sites More sharing options...
Pedro999 Posted July 25, 2013 Share Posted July 25, 2013 I am very new to PHP myself and have noticed how fiddly it can be. At the moment, get things working by keeping things simple. For example, in the first page, index.php, do: <?php if (!isset($_SESSION['Login'])) { Log_Visitor(); $_SESSION['Login']="No"; $_SESSION['MemberID']=0; $_SESSION['Name']=""; $_SESSION['AccessLevel']=0; } ?> When a person logs in, the parameters above are set appropriately. Don't know if this helps. Quote Link to comment Share on other sites More sharing options...
mcrackin Posted July 25, 2013 Author Share Posted July 25, 2013 All I want to happen right now is to say, welcome $username or else say not logged in. I'll cry with joy if I can do just that. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted July 25, 2013 Share Posted July 25, 2013 1) do you have php's error_reporting set to E_ALL and display_errors set to ON so that php would report and display any errors it detects, such as a session_start() related error? 2) what exactly is in $_SESSION['valid'] when that code runs, i.e. what does var_dump($_SESSION['valid']); show on that page after the session_start() statement? Quote Link to comment Share on other sites More sharing options...
mcrackin Posted July 25, 2013 Author Share Posted July 25, 2013 1) Yes, yes 2) Notice: Undefined index: valid in C:\wamp\www\lmc\index.php on line 21 line 21 being var_dump Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted July 25, 2013 Share Posted July 25, 2013 then somewhere between where you set $_SESSION['valid'] to a value when you logged in and the code you posted in this thread, it either got unset or something about the URL changed so that the browser is not sending the session id and the session_start() didn't resume the same session you had when you set $_SESSION['valid'] to a value when you logged in. are you sure the session_start() on your login page worked (no php errors) and that your code set $_SESSION['valid'] to a value (by checking using var_dump())? could you have code that is un-setting $_SESSION['valid'] on your login page, such as having a header() redirect that doesn't have an exit; statement after it and when the following code runs, it is un-setting $_SESSION['valid']? is the hostname (www. vs no www.) on your URL the same for the login page and the page with the code you posted in this thread? by default, the session id cookie only matches the exact same hostname variation of the URL where it was set. Quote Link to comment Share on other sites More sharing options...
mcrackin Posted July 25, 2013 Author Share Posted July 25, 2013 my login page is located on index.php because I want users to login immediately. if they have already logged in from a previous session or once they login this time, i want it to say welcome "billy". if not I want my login form to appear. im just trying to get the right statement for 'is this user logged in or not' Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted July 25, 2013 Share Posted July 25, 2013 since you have started a new thread for help with your login script, i will assume that the tail-end symptom in this thread was due to your login script not actually working and no further replies in this thread are needed? Quote Link to comment Share on other sites More sharing options...
Mlaaa Posted July 25, 2013 Share Posted July 25, 2013 here is working script if you need one <?php session_start(); require 'core/_mysql.php'; require 'core/_func.php'; include 'includes/overall/header.php'; if (!logged()) { if ($_POST) { if (isset($_POST['username']) && isset($_POST['password'])) { $user = safe_query(safe_input($_POST['username'])); $pass = safe_query(safe_input($_POST['password'])); if (!empty($user) && !empty($pass)) { $q = mysqli_query($db, "SELECT `username`, `password` FROM `users` WHERE `username` = '".$user."'"); if (mysqli_num_rows($q) == 1) { $r = mysqli_fetch_assoc($q); if ($user == $r['username'] && $pass == $r['password']) { $_SESSION['username'] = $r['username']; header('Location: index.php'); exit(); } else { echo 'Invalid username / password combination.'; } } else { echo 'Invalid username.'; } } else { echo 'Please enter username and password.'; } } } ?> <form action="login.php" method="POST"> Username : <input type="text" name="username" placeholder="Username" maxlenght="30" /><br /> Password : <input type="password" name="password" placeholder="Password" maxlenght="30" /><br /> <input type="submit" value="Login" /><br /> <a href="register.php">Sign up</a><br /> <a href="lost_password.php">Lost password</a> </form> <?php } else { header('Location: index.php'); exit(); } include 'includes/overall/footer.php'; ?> Quote Link to comment Share on other sites More sharing options...
AbraCadaver Posted July 25, 2013 Share Posted July 25, 2013 here is working script if you need one <?php session_start(); require 'core/_mysql.php'; require 'core/_func.php'; include 'includes/overall/header.php'; if (!logged()) { if ($_POST) { if (isset($_POST['username']) && isset($_POST['password'])) { $user = safe_query(safe_input($_POST['username'])); $pass = safe_query(safe_input($_POST['password'])); if (!empty($user) && !empty($pass)) { $q = mysqli_query($db, "SELECT `username`, `password` FROM `users` WHERE `username` = '".$user."'"); if (mysqli_num_rows($q) == 1) { $r = mysqli_fetch_assoc($q); if ($user == $r['username'] && $pass == $r['password']) { $_SESSION['username'] = $r['username']; header('Location: index.php'); exit(); } else { echo 'Invalid username / password combination.'; } } else { echo 'Invalid username.'; } } else { echo 'Please enter username and password.'; } } } ?> <form action="login.php" method="POST"> Username : <input type="text" name="username" placeholder="Username" maxlenght="30" /><br /> Password : <input type="password" name="password" placeholder="Password" maxlenght="30" /><br /> <input type="submit" value="Login" /><br /> <a href="register.php">Sign up</a><br /> <a href="lost_password.php">Lost password</a> </form> <?php } else { header('Location: index.php'); exit(); } include 'includes/overall/footer.php'; ?> Not "working" if you don't have all the required/included files. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.