Jump to content

PHP Login Script Issues


Go to solution Solved by Ch0cu3r,

Recommended Posts

Hi,

 

Currently having an issue with php login script. The login script works fine and logs in the correct user, but the problem is, is that any link I click regardless whether it is the log out button, it seems to end the session and logs me back out again. Total newbie to php, can I have some help please? Also, is there a way to display the users' name from the user table inside the echo  "you logged in as", I can only seem to get the ID? Thank you for your help.

 

 Login form (in page header):

 

 

<div class="loginform">


<?php
  


if ($_SESSION['id'] > 0){ 


   echo "You are logged in as"; 


?> 
        
        <?php
print $GLOBALS['user']->name; 
?>
                 
          <a href="logout.php">Logout</a>
            
        <?php


}else{ 


  echo "<p>Login:</p>\n"; 


?>
                
            <form name="loginform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<b>Username:</b> <input type="text" name="liusername"> 
   <b>Password:</b> <input type="password" name="lipassword">
             <input type="submit" name="lisubmit" value="Login">
  </form> 


</div>
 
 
 
PHP authenticate (in page top)
 
 
 
<?php


if (isset($_POST['lisubmit']));


$query = "SELECT user_id, user_password FROM user WHERE user_username = '".$_POST['liusername']."'"; 


$result = mysql_query($query) or die (mysql_error());


$row = mysql_fetch_array($result);




if ($row['user_password'] == $_POST['lipassword']){


$_SESSION['loggedin'] = true;
$_SESSION['id'] = $row['user_id'];




}else{


$_SESSION['loggedin'] = false;
$_SESSION['id'] = 0;


}


?>
Edited by Catana
Link to comment
https://forums.phpfreaks.com/topic/287581-php-login-script-issues/
Share on other sites

  • Solution

 

 

I can only seem to get the ID?

That is because you are only setting the id in the session.

$_SESSION['loggedin'] = true;
$_SESSION['id'] = $row['user_id'];

To set the username in the session too, add the following after those lines

$_SESSION['username'] = $_POST['liusername']

Now you can display the users username by echoing $_SESSION['username'] variable

 

 

You will however want to sanitise and validate the $_POST data before using it in the query. Passwords should be hashed, not stored as plain text.

        <?php
print $GLOBALS['user']->name; 
?>

globals of any sort should never be used. Wherever you have learnt that you should forget about it. What is the $user class?

 

 

 

it seems to end the session and logs me back out again.

Make sure you have started ( session_start() )  the session on any page that uses $_SESSIONS. Either that or you most likely a logic issue. It is hard to tell with the code you posted.

Edited by Ch0cu3r

Thanks for that, the username works like a treat.

Oh the globals I found from another site as I was testing to make the username display, I've deleted that, thanks for the advice.

 

As for the login, it doesn't work for some reason.

I have put a session start within my index page and have separated the majority of the site into separate include files, I have also tried putting a session start within the file that has the login script, but that doesn't work either?

 

Thanks for your help.

Sorry for the confusion, the login form works and logs users from the database into the website, but still refuses to stay logged in once I click any other link on the site.

 

I have created a session destroy for the logout link which I believe works, but it appears every other link is not carrying over the session to other pages of the site; it's really strange. 

You'll need to post more code, such as how are you checking to see if the user is logged in or not.

 

It could be you have logic issue and the logout code is being ran somehow, or you're starting the session after output has been sent to the browser, which you cannot do.

 

So you might want to post examples of how you are starting the session. 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.