JJohnsenDK Posted February 22, 2007 Share Posted February 22, 2007 Hey Why does this login script keep the user logged in? login.php <?php session_start(); include('config.php'); echo $logged_in; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <?php if(isset($_POST['submit'])){ if(!$_POST['usern'] || !$_POST['passw']){ $error .= "Du har ikke udfyldt brugernavnet og/eller password."; } $usern = strtolower($_POST['usern']); $qry = mysql_query("SELECT username, password FROM users WHERE username = '$usern' LIMIT 1"); $row = mysql_fetch_array($qry); if(empty($row['username'])){ die("Brugernavnet eksitere ikke."); } if($_POST['passw'] != $row['password']){ die("Du har indtastet et forkert password."); } $_SESSION['username'] = $_POST['usern']; $_SESSION['password'] = $_POST['passw']; ?> <h1>Logged in</h1> <p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in.</p> <p><a href="log_out.php">Log ud!</a></p> <p>Eller se et billede: <a href="index.php">Klik her!</a></p> <?php } else { ?> <form method="POST"> <p> Brugernavn:<br /> <input type="text" name="usern" /> </p> <p> Password:<br /> <input type="password" name="passw" /> </p> <p> <input type="submit" name="submit" value="Login" /> </p> </form> <p><?php echo $error."<br />"; ?></p> <?php } ?> </body> </html> check_login.php, which is included in config.php: <?php //check_login.php session_start(); //Tjekker om passwordet passer til brugernavnet. $qry = mysql_query("SELECT password FROM users WHERE username = '".$_POST['username']."'"); $pass = mysql_fetch_row($qry); if($pass != 1) { $logged_in = 0; unset($_SESSION['username']); unset($_SESSION['password']); // kill incorrect session variables. } if($pass == $_POST['passw']){ $logged_in = 1; } else { $logged_in = 0; unset($_SESSION['username']); unset($_SESSION['password']); } ?> Link to comment https://forums.phpfreaks.com/topic/39614-login-script/ Share on other sites More sharing options...
skali Posted February 22, 2007 Share Posted February 22, 2007 //Tjekker om passwordet passer til brugernavnet. $qry = mysql_query("SELECT password FROM users WHERE username = '".$_POST['username']."'"); $pass = mysql_fetch_row($qry); if($pass['password'] != 1) { Link to comment https://forums.phpfreaks.com/topic/39614-login-script/#findComment-191160 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.