validkeys Posted February 28, 2007 Share Posted February 28, 2007 here is the user auth script i am using. i have this in a file called accesscontrol.php that I include at the top of every page. If i am not logged in and put a URL in my browser like localhost/artist.php?artistid=16. It takes me to the login screen, i log in and then it takes me to localhost/artist.php?artistid=17 it takes me back to the login screen and no longer has my session variables registered. Here's the code. What am I doing wrong? Thanks <?php include_once("functions/db/db1config.php"); include_once("functions/db/connect.php"); session_start(); // condition ? if true : if not true $uname = isset($_POST['uname']) ? $_POST['uname'] : $_SESSION['uname']; $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : $_SESSION['pwd']; $uid = isset($_POST['uid']) ? $_POST['uid'] : $_SESSION['uid']; if(!isset($uname)) { include("top.php"); include("leftad.php"); include("header.php"); include("topadbar.php"); ?> <div id="accesscontainer" class="maincontent"> <div id="loginform"> //my login form </div> <div id="accessbody"> <div id="welcomeheader">Welcome to Company</div> <p>You must log in to access this area of the site. If you are not a registered user, <a href="signup.php">click here</a> to sign up for instant access!</p> </div> <div id="clearme"></div> </div> <?php include("footer.php"); include("rightad.php"); include("closer.php"); exit; } $_SESSION['uname'] = $uname; $_SESSION['pwd'] = $pwd; $sql = "SELECT * FROM USER_AUTH WHERE USER_EMAIL = '$uname' AND USER_PASS = md5('$pwd')"; $result = mysql_query($sql); if (!$result) { error('A database error occurred while checking your '. 'login details.\\nIfhis error persists, please '. 'contact [email protected].'); } if (mysql_num_rows($result) == 0) { unset($_SESSION['uname']); unset($_SESSION['pwd']); unset($_SESSION['uid']); include("top.php"); include("leftad.php"); include("header.php"); include("topadbar.php"); ?> <div id="accesscontainer" class="maincontent"> <div id="loginform"> //my login form </div> <div id="accessbody"> <div id="welcomeheader">Access Denied</div> <p>Your user ID or password is incorrect, or you are not a registered user on this site. To try logging in again, click <a href="<?=$_SERVER['PHP_SELF']?>">here</a>. To register for instant access, click <a href="signup.php">here</a>.</p> </div> </div> <?php include("footer.php"); include("rightad.php"); include("closer.php"); exit; } $uname = mysql_result($result,0,'USER_FNAME'); $_SESSION['uid'] = mysql_result($result,0,'USER_ID'); ?> Link to comment https://forums.phpfreaks.com/topic/40605-solved-dynamic-urls-destroying-my-session-variables-help-please/ Share on other sites More sharing options...
validkeys Posted February 28, 2007 Author Share Posted February 28, 2007 i was setting the username to the email at the top and then to their first name at the bottom. Link to comment https://forums.phpfreaks.com/topic/40605-solved-dynamic-urls-destroying-my-session-variables-help-please/#findComment-196426 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.