dazzathedrummer Posted December 17, 2015 Share Posted December 17, 2015 Hi, The 'admin' section of my website stopped working a couple of months ago and I'm just trying to fix it - I was getting an error about Session_Register being deprecated and I'm now trying to knife and fork my way around it with results from various google searches. I'm an advanced SQL user but only occasionally dabble with PHP so any help would be appreciated. So, basic set up, login page checks credentials against the DB, a session cookie is set and you're let into the admin area - my script is looping me back to the login page as my !isset is true.....because I can't figure out how to set it with the new functions! This is the login include..... <?php $host="database.lcn.com"; // Host name $username="blahblah"; // Mysql username $password="blahblah"; // Mysql password $db_name="blahblah_db"; // Database name $tbl_name="users"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['username']; $mypassword= md5($_POST['pass']); // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM users WHERE is_obv = '1' and username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION['username'] = $myusername; $_SESSION['pass'] = $mypassword; header("location:../admin"); } else { header("location:http://www.web.co.uk/ooops"); } ?> and this is the 'login_success' include that I include on each protected page.... <? session_start(); if(!isset($_SESSION['username'])){ header("location:http://www.web.co.uk/login"); } ?> Darren Quote Link to comment https://forums.phpfreaks.com/topic/299804-problems-with-login-script/ Share on other sites More sharing options...
Zephni Posted December 17, 2015 Share Posted December 17, 2015 (edited) Just checking before looking into it further. But are you running session_start(); at the top of that page? I know it's on the "protected pages" but you can't manipulate the session variables if you haven't started it which you are trying to do on the login page by the looks of things. Edited December 17, 2015 by Zephni Quote Link to comment https://forums.phpfreaks.com/topic/299804-problems-with-login-script/#findComment-1528113 Share on other sites More sharing options...
dazzathedrummer Posted December 17, 2015 Author Share Posted December 17, 2015 Just checking before looking into it further. But are you running session_start(); at the top of that page? I know it's on the "protected pages" but you can't manipulate the session variables if you haven't started it which you are trying to do on the login page by the looks of things. session_start(); is in the second include that appears on each page once you're through the door - but not on the initial login include.....should it be? Quote Link to comment https://forums.phpfreaks.com/topic/299804-problems-with-login-script/#findComment-1528114 Share on other sites More sharing options...
Solution Zephni Posted December 17, 2015 Solution Share Posted December 17, 2015 (edited) Yep, and it should always be the first thing at the top of the page. This is because you are trying to change the $_SESSION values which won't be associated with any particular session if you don't session_start(); first. Then on the next page it will be like the session was never set. So just try adding: session_start(); Underneath your opening <?php tag Edited December 17, 2015 by Zephni Quote Link to comment https://forums.phpfreaks.com/topic/299804-problems-with-login-script/#findComment-1528115 Share on other sites More sharing options...
dazzathedrummer Posted December 17, 2015 Author Share Posted December 17, 2015 Yep, and it should always be the first thing at the top of the page. This is because you are trying to change the $_SESSION values which won't be associated with any particular session if you don't session_start(); first. Then on the next page it will be like the session was never set. Yes - I've just added it and it now works fine!! thanks for your help - I guess I should read up on this! Quote Link to comment https://forums.phpfreaks.com/topic/299804-problems-with-login-script/#findComment-1528116 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.