Need help with sessions


wikedawsum

Ok. I have set up two pages for a user to view once they have logged in (more will follow, but trying to work out the bugs one at a time). I have a member.php page, and a reports.php page. When the user first logs in, they are taken to member.php. Looks great. Then if they click on the link for reports.php, they are taken to that page and everything works fine. My problem is when they click the link to go back to member.php, they receive a message stating they are not logged in.

Here is the code for both pages..

member.php
[code]<?php

// include function files for this application
require_once('tokens_fns.php');
session_start();


//create short variable names
$username = $_POST['username'];
$passwd = $_POST['passwd'];

// Connect to db
@mysql_connect("*********", "*****", "******") or die("Cannot connect to DB!");

// Select db
@mysql_select_db("users") or die("Cannot select DB!");


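// Run query (user input is escaped before it goes into the SQL string)
$sql = "SELECT username FROM users WHERE username='" . mysql_real_escape_string($username) . "' and passwd=sha1('" . mysql_real_escape_string($passwd) . "')";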
$r = mysql_query($sql);
if(!$r){
  $err=mysql_error();
  echo $err;
  exit();
}

if(mysql_num_rows($r) > 0){
  echo "no such login in the system. please try again.";
  exit();
}
else{
$_SESSION['valid_user'] = $username;
}


do_html_header('');

display_user_menu('');

check_valid_user('');

?>

<div id="right">
    <div id="title">
      <h1>Welcome to your AACA Locker <? echo $_SESSION['valid_user']; ?></h1>
    </div>
<?
if (isset($_SESSION['valid_user']))
{
  echo '<p>Thanks for logging in! You may now view your custom reports, vote in our
      polls, and be sure to check for any rewards you may have won!</p>';
}
  else
  {
  if (isset($username))
  {
  // if they've tried and failed to log in
  echo 'Could not log you in.<br />';
  }
  else
  {
  //they have not tried to log in yet or have logged out
  echo 'You are not logged in.<br />';
  }
  }
  ?>
  </div>
 
<?
do_html_footer('');
?>[/code]

reports.php
[code]<?php

require_once('tokens_fns.php');
session_start();

if (isset($_SESSION['valid_user']))
{
do_html_header('');

display_user_menu('');

check_valid_user('');
}
else
{
echo '<p>You are not authorized to view this page. If you feel you have received this message in error, please contact the system
<a href="mailto:[email protected]">administrator</a>.';
}

?>

<div id="right">
    <div id="title">
      <h1>Reports for <? echo $_SESSION['valid_user']; ?></h1>
    </div>
<p>To download your report, click on the report name.</p>
<img src="../images/download_icon.gif"><?
if ($url_array = get_user_urls($_SESSION['valid_user']))
    display_user_urls($url_array);
  ?>
  </div>
 
<?
do_html_footer('');
?>[/code]


This is all new to me and still trying to learn, so I'm just guessing here that it has to do with the sessions. Can anyone tell me why this might be happening and what I have missed?

Thank you!

[b]edit by redbullmarky[/b]: be careful when pasting your scripts here - make sure you remove your username/password first ;)

It looks like you're blindly checking the $_POST array for user credentials when a user hits the member.php. Try this:

[code]
<?php

// include function files for this application
require_once('tokens_fns.php');
session_start();

if (!isset($_SESSION['valid_user'])){
  //create short variable names
  $username = $_POST['username'];
  $passwd = $_POST['passwd'];

  // Connect to db
  @mysql_connect("*********", "*****", "******") or die("Cannot connect to DB!");

  // Select db
  @mysql_select_db("users") or die("Cannot select DB!");


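  // Run query (user input is escaped before it goes into the SQL string)
  $sql = "SELECT username FROM users WHERE username='" . mysql_real_escape_string($username) . "' and passwd=sha1('" . mysql_real_escape_string($passwd) . "')";
  $r = mysql_query($sql);
  if(!$r){
    $err=mysql_error();
    echo $err;
    exit();
  }

  // zero rows means no user matches these credentials
  if(mysql_num_rows($r) == 0){
    echo "no such login in the system. please try again.";
    exit();
  }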
  else{
  $_SESSION['valid_user'] = $username;
  }
}


do_html_header('');

display_user_menu('');

check_valid_user('');

?>

<div id="right">
    <div id="title">
      <h1>Welcome to your AACA Locker <? echo $_SESSION['valid_user']; ?></h1>
    </div>
<?
if (isset($_SESSION['valid_user']))
{
  echo '<p>Thanks for logging in! You may now view your custom reports, vote in our
      polls, and be sure to check for any rewards you may have won!</p>';
}
  else
  {
  if (isset($username))
  {
  // if they've tried and failed to log in
  echo 'Could not log you in.<br />';
  }
  else
  {
  //they have not tried to log in yet or have logged out
  echo 'You are not logged in.<br />';
  }
  }
  ?>
  </div>
 
<?
do_html_footer('');
?>
[/code]

Hope this helps.

Best,

Patrick
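An added example, not code from the thread or its posters: the same login flow where credentials are only checked when no session exists and a form was actually submitted, the query uses a bound parameter, and a missing row means failure. The `check_credentials` and `login_state` names, the `passwd_hash` column, the in-memory SQLite database and the user are assumptions made for the demo, and `password_hash`/`password_verify` are swapped in for the thread's `sha1()` comparison.

```php
<?php
// Added example (not the thread's code). Table, user and passwords are constructed.

// Look the user up with a bound parameter and verify a salted hash.
function check_credentials(PDO $db, string $username, string $passwd): bool
{
    $stmt = $db->prepare('SELECT passwd_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();          // false when no row matches
    return $hash !== false && password_verify($passwd, $hash);
}

// Decide the login state for one request. $session stands in for $_SESSION.
function login_state(PDO $db, array $post, array &$session): string
{
    if (isset($session['valid_user'])) {
        return 'already logged in';        // do not touch $_POST or the database
    }
    $u = $post['username'] ?? null;
    $p = $post['passwd'] ?? null;
    if (!is_string($u) || !is_string($p)) {
        return 'not logged in';            // plain page view, no form submitted
    }
    if (!check_credentials($db, $u, $p)) {
        return 'login failed';             // session stays empty
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);       // fresh session id after login
    }
    $session['valid_user'] = $u;
    return 'login ok';
}

// Constructed demo data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, passwd_hash TEXT)');
$db->prepare('INSERT INTO users VALUES (?, ?)')
   ->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

$session = [];
$requests = [
    [],                                                    // first visit, no form
    ['username' => "o'neil", 'passwd' => 'x'],             // quote is data, unknown user
    ['username' => 'alice', 'passwd' => 'wrong'],
    ['username' => 'alice', 'passwd' => 'correct horse'],
    [],                                                    // back to member.php
];
foreach ($requests as $post) {
    echo login_state($db, $post, $session), "\n";
}
```

In a real page, pass `$_POST` and `$_SESSION` after `session_start()`; the last request in the list is the "back to member.php" case from the question.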
