Jump to content

Recommended Posts

Hey there guys .

First let me thank you for your previous helps.

Second let me apologize for this post from what it could contain from annoying spam of code.

As you may know im still working on login / register system. Well i was working on it any way .... But after that i ran into some problems.

 

Problem : the sessions are not saved and the user is never logged in. While testing my code . The user after logging in successfully it redirect him to member.php page where it should show him the username and all that. Yet it doesn't.

You may know this problem from my previous post : http://forums.phpfreaks.com/topic/294511-not-saving-session-data-after-log-in/.

The only different between both codes IS that in the previous post i was testing it on localhost . Now im testing it on a real website : http://homeserver.webuda.com/ (its still empty ....)

Again the same problem...

 

Codes :

 

index.php :

<?php
session_start();
$userid = $_SESSION['userid'];
$username = $_SESSION['username'];

       if ($username && $userid) {
	
              echo "Welcome <b>$username</b>, <a href='./logout.php'>Logout</a>";
 
       } else {
 
              echo "Please login to access this page. <a href='./login.php'>Login here</a>";
 
       }
 
        ?>

Login.php :

 

    <?php
    session_start();
    $form='<form action="login.php" method="POST">
                <table>
                    <tr>
                        <td>Username :</td>
                        <td><input type="text" name="user"></td>
                    </tr>
                    <tr>
                        <td>Password :</td>
                        <td><input type="password" name="pass"></td>
                    </tr>
                    <tr>
                        <td></td>
                    </tr>
                    <tr>
                        <td></td>
                    </tr>
                    <tr>
                        <td></td>
                    </tr>
                    <tr>
                        <td></td>
                    </tr>
                    <tr>
                        <td><input type="submit" name="loginbtn" value="Log in"></td>
                    </tr>
                </table>
            </form>';
    $user = $_POST['user'];
    $pass = $_POST['pass'];    
    if ($_POST['loginbtn']) {
        if ($user) {
            if ($pass) {
                require 'connect.php';
                $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' ");
                $row = mysqli_fetch_assoc($query);
                $passwordFromPost = $_POST['pass'];
                $hashedPasswordFromDB = $row['password'];
                    if ($passwordFromPost === $hashedPasswordFromDB) {
                        $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' ");
                        $numrows = mysqli_num_rows($query);
                        if ($numrows == 1) {
                $query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' ");
                $row = mysqli_fetch_assoc($query);
                $dbactive = $row['active'];
                $dbuser = $row['username'];
                                if ($dbactive == 1) {
    $_SESSION['userid'] = $dbid;
    $_SESSION['username'] = $dbuser;    
                                echo "You have been logged in as <b>$dbuser</b> <a href='./index.php'>Click here</a> to go back to home page";
                                } else {
                                echo '<font color="red">You must activate your account to log in.</font>';
                                echo $form;
                                }
                        } else {
                        echo '<font color="red">You entered an invalid username or password.</font>';
                        echo $form;
                        }
                    } else {
                    echo '<font color="red">You entered an invalid username or password.</font>';    
                    echo $form;
                    }
                ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res);
            } else {
            echo '<font color="red">You must enter your password.</font>';
            echo $form;
            }
        } else {
        echo '<font color="red">You must enter your username.</font>';    
        echo $form;
        }
    }else{
    echo $form;    
    }
    ?>

The user is logged in successfully ... and all that yet in index nothing happen.

Hope you can help me now .

Thanks for reading.

 

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/
Share on other sites

when debugging code, you need to have php's error_reporting set to E_ALL (or even better, a -1 ) and display_errors set to ON to get php to help you. if your code is running at all, you can put these settings into your main file(s), immediately after the first opening <?php tag. 

ini_set("display_errors", "1");
error_reporting(-1);
Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506018
Share on other sites

hey there.

I did as you said and i got the following errors :

 

Notice: Undefined index: userid in /home/a1095229/public_html/index.php on line 9

 

Notice: Undefined index: username in /home/a1095229/public_html/index.php on line 10

 

i though these are kind of normal problems ?

Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506025
Share on other sites

well look i tried to put the code as following :

 

still not working ...

 

index.php :

<?php
session_start();
$userid = $_SESSION['userid'];
$username = $_SESSION['username'];

       if ( isset ($userid) && isset ($username) ) { 
	
              echo "Welcome <b>$username</b>, <a href='./logout.php'>Logout</a>";
 
       } else {
 
              echo "Please login to access this page. <a href='./login.php'>Login here</a>";
 
       }
 
        ?>

login.php :

<?php
session_start();

$form='<form action="login.php" method="POST">
			<table>
				<tr>
					<td>Username :</td>
					<td><input type="text" name="user"></td>
				</tr>
				<tr>
					<td>Password :</td>
					<td><input type="password" name="pass"></td>
				</tr>
				<tr>
					<td></td>
				</tr>
				<tr>
					<td></td>
				</tr>
				<tr>
					<td></td>
				</tr>
				<tr>
					<td></td>
				</tr>
				<tr>
					<td><input type="submit" name="loginbtn" value="Log in"></td>
				</tr>
			</table>
		</form>';
		
$user = $_POST['user'];
$pass = $_POST['pass'];	

if (isset($_POST['loginbtn'])) {

	if (isset($_POST['user'])) {
		
		if (isset($_POST['pass'])) {
			
			require 'connect.php';
			
			$query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' ");
			$row = mysqli_fetch_assoc($query);
			$passwordFromPost = $_POST['pass'];
			$hashedPasswordFromDB = $row['password'];
			
				if ($passwordFromPost === $hashedPasswordFromDB) {
					
					$query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' ");
					$numrows = mysqli_num_rows($query);
					if ($numrows == 1) {
						
			$query = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM users WHERE username = '$user' ");
			$row = mysqli_fetch_assoc($query);
			$dbactive = $row['active'];
			$dbuser = $row['username'];
						
						
							if ($dbactive == 1) {
								
                            $_SESSION['userid'] = $dbid;
                            $_SESSION['username'] = $dbuser;	
							echo "You have been logged in as <b>$dbuser</b> <a href='./index.php'>Click here</a> to go back to home page";
   
								
							} else {
								
							echo '<font color="red">You must activate your account to log in.</font>';
							echo $form;
								
							}
						
					} else {
						
					echo '<font color="red">You entered an invalid username or password.</font>';
					echo $form;
						
					}
					
				} else {
					
				echo '<font color="red">You entered an invalid username or password.</font>';	
				echo $form;
					
				}
			
			((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res);
			
		} else {
			
		echo '<font color="red">You must enter your password.</font>';
		echo $form;
			
		}
		
	} else {
		
	echo '<font color="red">You must enter your username.</font>';	
	echo $form;
	
	}
}else{
	
echo $form;	
	
}
 ?>
 



Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506027
Share on other sites

i though these are kind of normal problems ?

 

 

two error messages that indicate that your session variables don't exist, would mean that your log in code didn't log anyone in or that information didn't carry over to the index.php page. you would need to determine why by checking exactly what the log in code did when it ran or if there are any php or database errors in that code.

Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506028
Share on other sites

Based on the following code, it looks like you're comparing a hashed password against the raw version:

$passwordFromPost = $_POST['pass'];
$hashedPasswordFromDB = $row['password'];
if ($passwordFromPost === $hashedPasswordFromDB) {
    //...

Also, it doesn't look like $dbid is defined before the following line:

$_SESSION['userid'] = $dbid;
Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506030
Share on other sites

 

Based on the following code, it looks like you're comparing a hashed password against the raw version:

$passwordFromPost = $_POST['pass'];
$hashedPasswordFromDB = $row['password'];
if ($passwordFromPost === $hashedPasswordFromDB) {
    //...

Also, it doesn't look like $dbid is defined before the following line:

$_SESSION['userid'] = $dbid;

Oh ye about the hashed pass ... its not hashed .... i was just too lazy in order to change it :P ....

 

And what do you mean ?

 

 

Also, it doesn't look like $dbid is defined before the following line:

$_SESSION['userid'] = $dbid;
Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506032
Share on other sites

When logging in, do you see the message echoed here:

echo "You have been logged in as <b>$dbuser</b> <a href='./index.php'>Click here</a> to go back to home page";

If so, the SESSION variables should be set. To make sure, you can try displaying it:

$_SESSION['username'] = $dbuser; 
echo "You have been logged in as <b>$dbuser</b> <a href='./index.php'>Click here</a> to go back to home page";
var_dump($_SESSION['username']);
Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506033
Share on other sites

After the SESSION variables are set here:

$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;
 
...did you trying displaying them to the screen to make sure they contain the value you expect? You could try something like this:
$_SESSION['userid'] = $dbid;
$_SESSION['username'] = $dbuser;

 
print '<pre>' . print_r($_SESSION, true) . '</pre>';

 

Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506043
Share on other sites

... so sessions work right ?

 

It sure sounds like it  :happy-04:

 

 

Array

(    [userid] =>     [username] => Jad)

EDIT : it does.... it echo the sessions ... maybe not id ?

 

As I mentioned earlier, $dbid is not define. So the following line of code creates the SESSION variable, but the value will be an empty string:

$_SESSION['userid'] = $dbid;

I imagine that you need to define $dbid like you did for $dbuser here:

$dbuser = $row['username'];
Link to comment
https://forums.phpfreaks.com/topic/294700-php-coding-problem/#findComment-1506061
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.