Trium918 Posted April 6, 2007 Share Posted April 6, 2007 Ok, this is something that I am trying to learn. Well, I really donnot understanding session. I was hoping that someone could lead me in the right direction. The thing about this code is that it isn't display any output,but it is display the html table. Here is the code: <? session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/ DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Log in Page</title> </head> <body> <? if(!($_SESSION['username']) && !($_SESSION['password'])) { ?> <h1>Log in</h1> <form action="" method="post"> <table width="200" border="1" cellspacing="0" cellpadding="0"> <tr> <td>Username:</td> <td><input type="text" name="username" /></td> </tr> <tr> <td>Password:</td> <td><input type="text" name="password" /></td> </tr> <tr> <td align="center" colspan="2"><input type="submit" value="Log in" /> </td> </tr> </table> </form> <? } else { // register_global = Off // inside the php.ini configuration file $username = stripslashes($_SESSION['username']); $password = stripslashes($_SESSION['password']); $valid_user = stripslashes($_SESSION['valid_user']); // Connect to MySql $db = mysql_connect("localhost") or die(mysql_error()); // Select the appropriate database mysql_select_db("member_auth") or die(mysql_error()); // query the database to see if there is a record which matched $query = "SELECT count(*) FROM user_info_auth WHERE username ='$username' AND password ='$password' "; $result = mysql_query($query); if (mysql_num_rows($result) > 0) { //if they are in the database register the id $valid_user = $username; session_register("valid_user"); } if(session_is_registered("valid_user")){ echo "You are logged in as: $valid_user <br>"; echo "<a href=\"logout.php\">Log out</a><br>"; } else{ echo"Go Away!!"; } } ?> </body> </html> Link to comment https://forums.phpfreaks.com/topic/45941-solved-how-to-track-a-user/ Share on other sites More sharing options...
Trium918 Posted April 6, 2007 Author Share Posted April 6, 2007 Ok, I got it working, but I have another problem. When a user logout they shouldn't be able to use the back button to return to the members's page because the session_destroy() function is used. Instead, the user should have to login in order to view their page once again. Here is my logout script below. <? session_start(); $older_user = $valid_user; //store to test if they *were* logged in $result = session_unregister("valid_user"); session_destroy(); if($result){ //if they were logged in and not logged out echo "Logged out.<br>"; } ?> Link to comment https://forums.phpfreaks.com/topic/45941-solved-how-to-track-a-user/#findComment-223185 Share on other sites More sharing options...
jscix Posted April 6, 2007 Share Posted April 6, 2007 You really shouldn't store a password in a session. But try using: unset ($_SESSION['username']); unset ($_SESSION['password']); unset ($_SESSION['valid_user']); session_destroy(); Link to comment https://forums.phpfreaks.com/topic/45941-solved-how-to-track-a-user/#findComment-223213 Share on other sites More sharing options...
Trium918 Posted April 6, 2007 Author Share Posted April 6, 2007 You really shouldn't store a password in a session. But try using: unset ($_SESSION['username']); unset ($_SESSION['password']); unset ($_SESSION['valid_user']); session_destroy(); I change it to $_POST, but now I have a problem with logging out. Link to comment https://forums.phpfreaks.com/topic/45941-solved-how-to-track-a-user/#findComment-223223 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.