Jump to content

if userLoggedIn, (x), else, (y)

mcrackin

By mcrackin
in PHP Coding Help

 Share

Recommended Posts

mcrackin Newbie

mcrackin

Posted
Posted

Hi everyone,

 

I'm just trying to made a login/registration system for my website. The login and registration portion is very simple and works fine. Now, I am trying to add session_start() to each page so that the user, once logged in, has special features appear (or else something else if not logged in).

 

At the top of a typical page I have the following:

<?php

session_start();

function isLoggedIn()
{
    if(isset($_SESSION['valid']) && $_SESSION['valid'])
        return true;
    return false;
}

if(isLoggedIn() == true)
{
	$username = $_POST['username'];
}
else
{
	$username = 'NOT LOGGED IN';
}

echo $username

?>

my echo statement appears as NOT LOGGED IN, even though I know I am logged in. I believe it has something to with the function portion but I'm not sure what. I'm pretty newbie so any help is appreciated.

Link to comment
Share on other sites
Pedro999 Newbie

Pedro999

Posted
Posted

I am very new to PHP myself and have noticed how fiddly it can be. At the moment, get things working by keeping things simple. For example, in the first page, index.php, do:

 

<?php
if (!isset($_SESSION['Login']))
Log_Visitor();
$_SESSION['Login']="No";
$_SESSION['MemberID']=0;
$_SESSION['Name']="";
$_SESSION['AccessLevel']=0;
}
?>
 
When a person logs in, the parameters above are set appropriately. Don't know if this helps.
Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

1) do you have php's error_reporting set to E_ALL and display_errors set to ON so that php would report and display any errors it detects, such as a session_start() related error?

 

2) what exactly is in $_SESSION['valid'] when that code runs, i.e. what does var_dump($_SESSION['valid']); show on that page after the session_start() statement?

Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

then somewhere between where you set $_SESSION['valid'] to a value when you logged in and the code you posted in this thread, it either got unset or something about the URL changed so that the browser is not sending the session id and the session_start() didn't resume the same session you had when you set $_SESSION['valid'] to a value when you logged in.

 

are you sure the session_start() on your login page worked (no php errors) and that your code set $_SESSION['valid'] to a value (by checking using var_dump())? could you have code that is un-setting $_SESSION['valid'] on your login page, such as having a header() redirect that doesn't have an exit; statement after it and when the following code runs, it is un-setting $_SESSION['valid']?

 

is the hostname (www. vs no www.) on your URL the same for the login page and the page with the code you posted in this thread? by default, the session id cookie only matches the exact same hostname variation of the URL where it was set.

Link to comment
Share on other sites
mcrackin Newbie

mcrackin

Posted
  • Author
Posted

my login page is located on index.php because I want users to login immediately. if they have already logged in from a previous session or once they login this time, i want it to say welcome "billy". if not I want my login form to appear. im just trying to get the right statement for 'is this user logged in or not'

Link to comment
Share on other sites
Mlaaa Member

Mlaaa

Posted
Posted

here is working script if you need one 

<?php

session_start();
require 'core/_mysql.php';
require 'core/_func.php';

include 'includes/overall/header.php'; 

if (!logged()) {

	if ($_POST) {
		
		if (isset($_POST['username']) && isset($_POST['password'])) {
			
			$user = safe_query(safe_input($_POST['username']));
			$pass = safe_query(safe_input($_POST['password']));
			
			if (!empty($user) && !empty($pass)) {
				
				$q = mysqli_query($db, "SELECT `username`, `password` FROM `users` WHERE `username` = '".$user."'");
				
				if (mysqli_num_rows($q) == 1) {
					
					$r = mysqli_fetch_assoc($q);
					
					if ($user == $r['username'] && $pass == $r['password']) {
						
						$_SESSION['username'] = $r['username'];
						header('Location: index.php');
						exit();
						
					} else {
						echo 'Invalid username / password combination.';
					}
					
				} else {
					echo 'Invalid username.';
				}
				
			} else {
				echo 'Please enter username and password.';
			}
			
		}
		
	}

?>

<form action="login.php" method="POST">
	Username : <input type="text" name="username" placeholder="Username" maxlenght="30" /><br />
	Password : <input type="password" name="password" placeholder="Password" maxlenght="30" /><br />
	<input type="submit" value="Login" /><br />
	<a href="register.php">Sign up</a><br />
	<a href="lost_password.php">Lost password</a>
</form>

<?php

} else {
	header('Location: index.php');
	exit();
}

include 'includes/overall/footer.php';

?>
Link to comment
Share on other sites
AbraCadaver Newbie

AbraCadaver

Posted
Posted

 

here is working script if you need one 

<?php

session_start();
require 'core/_mysql.php';
require 'core/_func.php';

include 'includes/overall/header.php'; 

if (!logged()) {

	if ($_POST) {
		
		if (isset($_POST['username']) && isset($_POST['password'])) {
			
			$user = safe_query(safe_input($_POST['username']));
			$pass = safe_query(safe_input($_POST['password']));
			
			if (!empty($user) && !empty($pass)) {
				
				$q = mysqli_query($db, "SELECT `username`, `password` FROM `users` WHERE `username` = '".$user."'");
				
				if (mysqli_num_rows($q) == 1) {
					
					$r = mysqli_fetch_assoc($q);
					
					if ($user == $r['username'] && $pass == $r['password']) {
						
						$_SESSION['username'] = $r['username'];
						header('Location: index.php');
						exit();
						
					} else {
						echo 'Invalid username / password combination.';
					}
					
				} else {
					echo 'Invalid username.';
				}
				
			} else {
				echo 'Please enter username and password.';
			}
			
		}
		
	}

?>

<form action="login.php" method="POST">
	Username : <input type="text" name="username" placeholder="Username" maxlenght="30" /><br />
	Password : <input type="password" name="password" placeholder="Password" maxlenght="30" /><br />
	<input type="submit" value="Login" /><br />
	<a href="register.php">Sign up</a><br />
	<a href="lost_password.php">Lost password</a>
</form>

<?php

} else {
	header('Location: index.php');
	exit();
}

include 'includes/overall/footer.php';

?>

Not "working" if you don't have all the required/included files.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.