Jump to content

[SOLVED] PHP Session Problem

eRott

By eRott
in PHP Coding Help

 Share

Recommended Posts

eRott Member

eRott

Posted
Posted

Ok, what I am trying to do is if the user is not logged in, then display a message saying to login. But, if they are logged in, then display a welcome message. Here's the code. What am I doing wrong?

 

HEADER.PHP

------------

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>TITLE</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Content-Language" content="en-us" />
<meta name="keywords" content="css template" />
<link href="../../lib/style.css" rel="stylesheet" type="text/css">
<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="rss/" />
</head>

<body>

<div id="page-container">	
<div id="header"><img src="../../images/logo.png" border="0"></div>

<div id="menu">
<div class="padding">
<?php include("../../lib/nav.php"); ?>
</div>

<div class="search">
<?php include("admincp.php"); ?>
</div>
</div>


<div id="content">


<table width="100%" align="center" border="0" cellpadding="5">
<tr>
<td rowspan="6" valign="top" width="25%">

<div class="bar"><h3>Navigation</h3></div>
<div class="nav2">
<?php include("nav.php"); ?>
</div>


<br><br>

<div class="bar"><h3>Videos</h3>
Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Phasellus dolor nibh, sollicitudin vitae, eleifend quis, pellentesque id, justo. Nullam dui. Sed porta leo a dui. Ut ante. Proin dignissim, pede vitae tristique accumsan, est diam feugiat ante, sed rhoncus sapien lacus eu lacus. Suspendisse eu sem.
</div>

</td>


<td valign="top" width="50%">
<div class="bar">

 

 

 

EXAMPLE PAGE WHERE I WANT THE MESSAGE TO BE DISPLAYED

-------------------------------------------------------------

 

<?
session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?>


<?php include("lib/header.php"); ?>

<h3>List Articles</h3>

<?php
   //connect to and select db
   include 'lib/config.php';
   include 'lib/db_open.php';
   
   //get a list of the info from the table and list all articles
   $sql = "SELECT * from $tbl_content";
   $result = mysql_query($sql, $conn) or die(mysql_error());

   // for each row fetched from the results...   
   while ($list = mysql_fetch_array($result)) {
       //display in format
       echo "<font size='1'>({$list['id']})</font><b>{$list['title']} - <i>{$list['date']}</i></b>: {$list['content']}<br><br>"; 
   } // end while

   include 'lib/db_close.php';

?>

<?php include("lib/footer.php"); ?>

 

 

 

 

ADMINCP.PHP

-------------

<?
if(!session_is_registered(myusername)){
echo "<font color="red">Please log in using the form below</font>";
} else {
echo "Welcome {$_SESSION['myusername']}";
}
?>

 

 

 

[i didn't include the footer because its not important]

Link to comment
https://forums.phpfreaks.com/topic/39660-solved-php-session-problem/
Share on other sites
Ninjakreborn Prolific Member

Ninjakreborn

Posted
Posted

1. Use <?php instead of <?

 

2. Show the code where you registered your session

 

3. Try to avoid interpolation on an array.  For example instaed of

<?php
if(!session_is_registered(myusername)){
echo "<font color="red">Please log in using the form below</font>";
} else {
echo "Welcome {$_SESSION['myusername']}";
}
?>

do

<?php
if(!session_is_registered(myusername)){
  echo "<font color="red">Please log in using the form below</font>";
} else {
  echo "Welcome " . $_SESSION['myusername'];
}
?>

eRott Member

eRott

Posted
  • Author
Posted

Well, Im pretty new to sessions. So I am not too sure what you mean by that. But here is where I register the session:

 

<?php
include 'lib/config.php';
include 'lib/db_open.php';

// username and password sent from signup form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$sql="SELECT * FROM $tbl_login WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to users location
session_register("myusername");
session_register("mypassword");
header("location:index2.php");
}
else {
echo "Wrong Username or Password";
}
?>

 

Also make sure session_start is at the top of the page where the session is registered, as well as any other pages the session is going to travel through.

It is. Except for where the session is registered. Why does it have to be there?

Ninjakreborn Prolific Member

Ninjakreborn

Posted
Posted

You are registering a name, and not a session.

You are telling it to create a session with a blank value, and either way you don't want session_register

do

session_register("myusername");

session_register("mypassword");

$_SESSION['myusername'] = "value";

 

You DO-NOT want to register a session with the password, you don't want to and have no need to it's a security risk.

 

I advice just registering the username, as shown above.

Ninjakreborn Prolific Member

Ninjakreborn

Posted
Posted

Actually to make it easier for you, replace both those session register functions with this

 

$_SESSION['myusername'] = $_POST['myusername'];

$_SESSION['logged'] = "yes";

This will set the username, then you can use logged to test if they are logged in or not after authorization.

eRott Member

eRott

Posted
  • Author
Posted

So, do this:

 

<?php
include 'lib/config.php';
include 'lib/db_open.php';

// username and password sent from signup form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$sql="SELECT * FROM $tbl_login WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to users location
$_SESSION['myusername'] = $_POST['myusername'];
$_SESSION['logged'] = "yes";
header("location:index2.php");
}
else {
echo "Wrong Username or Password";
}
?>

 

But by doing that, will that cause this not to work:?

 

<?
session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?>

eRott Member

eRott

Posted
  • Author
Posted

Ok, so, if i were to write only:

 

<?php
echo "Welcome " . $_SESSION['myusername'];
?>

 

then it works fine. however, when I add the other part to it:

 

<?php
session_start();

if(!isset($_SESSION['myusername'])) {
  echo "Welcome " . $_SESSION['myusername'];
} else {
  echo "<font color="red">Please log in using the form below</font>";
}
?>

 

then it doesnt work. The page does not load after it hits that point. Any ideas?

Ninjakreborn Prolific Member

Ninjakreborn

Posted
Posted

I apologize, my fault.  Try this

<?php
session_start();

if(!isset($_SESSION['myusername'])) {
  echo "<font color="red">Please log in using the form below</font>";
} else {
  echo "Welcome " . $_SESSION['myusername'];
}
?>

There you go, that should work fine.

eRott Member

eRott

Posted
  • Author
Posted

Ok, I have figured out the problem, but don't know how to fix it. If you look at the code below you will notice that at the very beginning I declare that if the user is not logged in, then redirect to index.php. But then, in the header file, I also tell it that if the user is not logged in, then to display some text. So, I am curious, how would I display certain text if the user is logged in, then display some other text if the user is not logged in, without using the same code twice (which is causing the problem).

 

<?php
session_start();

if(!isset($_SESSION['myusername'])) {
  header("location:index.php");
}
?>

<?php include("lib/header.php"); ?>

<h3>Guild News Editor - New Article</h3>

<?
if(isset($_POST['add']))
{
include 'lib/config.php';
include 'lib/db_open.php';

$title = $_POST['title'];
$content = $_POST['content'];

$query = "INSERT INTO $tbl_content (title, content, date, submitted) VALUES ('$title', '$content', CURRENT_DATE, '{$_SESSION['myusername']}')";
mysql_query($query) or die('Error, insert query failed');

include 'lib/db_close.php';
echo "<meta http-equiv='refresh' content='1;url=index2.php'>New article successfully added!";
}
else
{
echo "
<form method='post'>
<b>Title:</b><br><input name='title' type='text' id='title'><br><br>
<b>Content:</b><br>
<textarea name='content' id='content' type='text' rows='15' cols='50' style='width: 100%; margin-left: 0px; padding: 0px; background-color: #fff'></textarea><br><br>
<input name='add' type='submit' id='add' value='Submit New Article'>
</form>
";
}
?>

<?php include("lib/footer.php"); ?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.