Catana Posted April 7, 2014 Share Posted April 7, 2014 (edited) Hi, Currently having an issue with php login script. The login script works fine and logs in the correct user, but the problem is, is that any link I click regardless whether it is the log out button, it seems to end the session and logs me back out again. Total newbie to php, can I have some help please? Also, is there a way to display the users' name from the user table inside the echo "you logged in as", I can only seem to get the ID? Thank you for your help. Login form (in page header): <div class="loginform"> <?php if ($_SESSION['id'] > 0){ echo "You are logged in as"; ?> <?php print $GLOBALS['user']->name; ?> <a href="logout.php">Logout</a> <?php }else{ echo "<p>Login:</p>\n"; ?> <form name="loginform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <b>Username:</b> <input type="text" name="liusername"> <b>Password:</b> <input type="password" name="lipassword"> <input type="submit" name="lisubmit" value="Login"> </form> </div> PHP authenticate (in page top) <?php if (isset($_POST['lisubmit'])); $query = "SELECT user_id, user_password FROM user WHERE user_username = '".$_POST['liusername']."'"; $result = mysql_query($query) or die (mysql_error()); $row = mysql_fetch_array($result); if ($row['user_password'] == $_POST['lipassword']){ $_SESSION['loggedin'] = true; $_SESSION['id'] = $row['user_id']; }else{ $_SESSION['loggedin'] = false; $_SESSION['id'] = 0; } ?> Edited April 7, 2014 by Catana Quote Link to comment https://forums.phpfreaks.com/topic/287581-php-login-script-issues/ Share on other sites More sharing options...
Solution Ch0cu3r Posted April 7, 2014 Solution Share Posted April 7, 2014 (edited) I can only seem to get the ID? That is because you are only setting the id in the session. $_SESSION['loggedin'] = true; $_SESSION['id'] = $row['user_id']; To set the username in the session too, add the following after those lines $_SESSION['username'] = $_POST['liusername'] Now you can display the users username by echoing $_SESSION['username'] variable You will however want to sanitise and validate the $_POST data before using it in the query. Passwords should be hashed, not stored as plain text. <?php print $GLOBALS['user']->name; ?> globals of any sort should never be used. Wherever you have learnt that you should forget about it. What is the $user class? it seems to end the session and logs me back out again. Make sure you have started ( session_start() ) the session on any page that uses $_SESSIONS. Either that or you most likely a logic issue. It is hard to tell with the code you posted. Edited April 7, 2014 by Ch0cu3r Quote Link to comment https://forums.phpfreaks.com/topic/287581-php-login-script-issues/#findComment-1475237 Share on other sites More sharing options...
Catana Posted April 7, 2014 Author Share Posted April 7, 2014 Thanks for that, the username works like a treat. Oh the globals I found from another site as I was testing to make the username display, I've deleted that, thanks for the advice. As for the login, it doesn't work for some reason. I have put a session start within my index page and have separated the majority of the site into separate include files, I have also tried putting a session start within the file that has the login script, but that doesn't work either? Thanks for your help. Quote Link to comment https://forums.phpfreaks.com/topic/287581-php-login-script-issues/#findComment-1475243 Share on other sites More sharing options...
Ch0cu3r Posted April 7, 2014 Share Posted April 7, 2014 So login form is no longer working? Quote Link to comment https://forums.phpfreaks.com/topic/287581-php-login-script-issues/#findComment-1475244 Share on other sites More sharing options...
Catana Posted April 7, 2014 Author Share Posted April 7, 2014 Sorry for the confusion, the login form works and logs users from the database into the website, but still refuses to stay logged in once I click any other link on the site. I have created a session destroy for the logout link which I believe works, but it appears every other link is not carrying over the session to other pages of the site; it's really strange. Quote Link to comment https://forums.phpfreaks.com/topic/287581-php-login-script-issues/#findComment-1475246 Share on other sites More sharing options...
Ch0cu3r Posted April 7, 2014 Share Posted April 7, 2014 You'll need to post more code, such as how are you checking to see if the user is logged in or not. It could be you have logic issue and the logout code is being ran somehow, or you're starting the session after output has been sent to the browser, which you cannot do. So you might want to post examples of how you are starting the session. Quote Link to comment https://forums.phpfreaks.com/topic/287581-php-login-script-issues/#findComment-1475247 Share on other sites More sharing options...
Catana Posted April 7, 2014 Author Share Posted April 7, 2014 Thank you for your help, I managed to find the issue, it was a semicolon that I found shouldn't of been there. Thanks! Quote Link to comment https://forums.phpfreaks.com/topic/287581-php-login-script-issues/#findComment-1475260 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.