Jump to content

[SOLVED] Using Session Control in PHP part2

Trium918

By Trium918
in PHP Coding Help

 Share

Recommended Posts

Trium918 Advanced Member

Trium918

Posted
Posted

Simple Session Example part2

 

I implemented a set of 3 pages.

<?
session_start();
//authmain.php
if ($_POST['username'] && $_POST['password'])
{
  // if the user has just tried to log in
  
    // register_global = Off
  // inside the php.ini configuration file
  $username = stripslashes($_POST['username']);
  $password = stripslashes($_POST['password']);

  // Connect to MySql
  $db = mysql_connect("localhost") or die(mysql_error());

  // Select the appropriate database
  mysql_select_db("member_auth",$db) or die(mysql_error());
  
  $query = "SELECT * FROM user_info_auth WHERE
		username ='$username' AND 
		password ='$password' ";

  $result = mysql_query($query);
  if (mysql_num_rows($result) >0 )
  {
    // if they are in the database register the user id
    $valid_user = $username;
    session_register("valid_user");
  }
}
?>
<html>
<body>
<h1>Home page</h1>
<? 

  if (session_is_registered("valid_user"))
  {
    echo "You are logged in as: $valid_user <br>";
    echo "<a href=\"logout.php\">Log out</a><br>";
  }
  else
  {
    if (isset($username))
    {
      // if they've tried and failed to log in
      echo "Could not log you in";
    }
    else 
    {
      // they have not tried to log in yet or have logged out
      echo "You are not logged in.<br>";
    }

    // provide form to log in 
    echo "<form method=post action=\"authmain.php\">";
    echo "<table>";
    echo "<tr><td>Username:</td>";
    echo "<td><input type=text name=username></td></tr>";
    echo "<tr><td>Password:</td>";
    echo "<td><input type=password name=password></td></tr>";
    echo "<tr><td colspan=2 align=center>";
    echo "<input type=submit value=\"Log in\"></td></tr>";
    echo "</table></form>";
  }
?>
<br>
<a href="members_only.php">Members section</a>
</body>
</html>

 

<?
  //members_only.php
  
/*The output to this should be
echo "<p>You are logged in as $valid_user.</p>"; but
valid_user looses it value*/

  session_start();

  echo "<h1>Members only</h1>";

  // check session variable

  if (session_is_registered("valid_user"))
  {
    echo "<p>You are logged in as $valid_user.</p>";
    echo "<p>Members only content goes here</p>";
  }
  else
  {
    echo "<p>You are not logged in.</p>";
    echo "<p>Only logged in members may see this page.</p>";
  }

  echo "<a href=\"authmain.php\">Back to main page</a>";
?>

 

// logout.php
<?
  session_start();

  $old_user = $valid_user;  // store  to test if they *were* logged in
  $result = session_unregister("valid_user");
  session_destroy();
?>
<html>
<body>
<h1>Log out</h1>
<? 
  if (!empty($old_user))
  {
    if ($result)
    { 
      // if they were logged in and are not logged out 
      echo "Logged out.<br>";
    }
    else
    {
     // they were logged in and could not be logged out
      echo "Could not log you out.<br>";
    } 
  }
  else
  {
    // if they weren't logged in but came to this page somehow
    echo "You were not logged in, and so have not been logged out.<br>"; 
  }
?> 
<a href="authmain.php">Back to main page</a>
</body>
</html>

 

I am using old coding techniques, so could

someone please bring me up to date.

Link to comment
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

We are not here to code/recode stuff for you. But here is some tips:

 

If you see anything like this:

$valid_user = $username;
    session_register("valid_user");

 

Then change it to:

$_SESSION['valid_user'] = $username;

 

if you see session_unregister("valid_user");

 

use unset($_SESSION['valid_user']);

 

If you see $valid_user change it to $_SESSION['valid_user']

Link to comment
Share on other sites
kenrbnsn Regular Member

kenrbnsn

Posted
Posted

Do not use the functions session_register, is_session_registered, and session_unregister. You want to explicitly set the session variable, test the session variable unset the session variable. Therefore your first program becomes:

<?php
session_start();
//authmain.php
if ($_POST['username'] && $_POST['password'])
{
  // if the user has just tried to log in
  
    // register_global = Off
  // inside the php.ini configuration file
  $username = stripslashes($_POST['username']);
  $password = stripslashes($_POST['password']);

  // Connect to MySql
  $db = mysql_connect("localhost") or die(mysql_error());
  // Select the appropriate database
  mysql_select_db("member_auth",$db) or die(mysql_error());
  
  $query = "SELECT * FROM user_info_auth WHERE username ='$username' AND password ='$password' ";
  $result = mysql_query($query);
  if (mysql_num_rows($result) >0 )
  {
    // if they are in the database register the user id
    $valid_user = $username;
    $_SESSION['valid_user'] = $valid_user; // instead of session_register("valid_user");
  }
}
?>
<html>
<body>
<h1>Home page</h1>
<? 
  if (isset($_SESSION['valid_user'])) // instead of if (session_is_registered("valid_user"))
  {
    echo "You are logged in as: $valid_user <br>";
    echo "<a href=\"logout.php\">Log out</a><br>";
  }
  else
  {
    if (isset($username))
    {
      // if they've tried and failed to log in
      echo "Could not log you in";
    }
    else 
    {
      // they have not tried to log in yet or have logged out
      echo "You are not logged in.<br>";
    }

    // provide form to log in 
    echo "<form method=post action=\"authmain.php\">";
    echo "<table>";
    echo "<tr><td>Username:</td>";
    echo "<td><input type=text name=username></td></tr>";
    echo "<tr><td>Password:</td>";
    echo "<td><input type=password name=password></td></tr>";
    echo "<tr><td colspan=2 align=center>";
    echo "<input type=submit value=\"Log in\"></td></tr>";
    echo "</table></form>";
  }
?>
<br>
<a href="members_only.php">Members section</a>
</body>
</html>

 

Your second script becomes:

<?php
session_start();  // session_start MUST be place before any output
  //members_only.php
  
/*The output to this should be
echo "<p>You are logged in as $valid_user.</p>"; but
valid_user looses it value*/


  echo "<h1>Members only</h1>";

  // check session variable

  if (isset($_SESSION['valid_user']))
  {
    echo "<p>You are logged in as $valid_user.</p>";
    echo "<p>Members only content goes here</p>";
  }
  else
  {
    echo "<p>You are not logged in.</p>";
    echo "<p>Only logged in members may see this page.</p>";
  }

  echo '<a href="authmain.php">Back to main page</a>';
?>

 

And your third script:

<?php
  session_start();

  $old_user = $_SESSION['valid_user'];  // store  to test if they *were* logged in
?>
<html>
<body>
<h1>Log out</h1>
<? 
  if (isset($_SESSION['valid_user']))
  {
     unset($_SESSION['valid_user']); // instead of $result = session_unregister("valid_user");
     session_destroy();
      echo "Logged out.<br>";
  } else  // if they weren't logged in but came to this page somehow
    echo "You were not logged in, and so have not been logged out.<br>"; 
?> 
<a href="authmain.php">Back to main page</a>
</body>
</html>

 

Ken

Link to comment
Share on other sites
Trium918 Advanced Member

Trium918

Posted
  • Author
Posted

Would it be a good idea to initialize $_SESSION['valid_user'] = $valid_user;

on each page like in authmain because for some reason the session looses it

value with I click on the <a href=members_only.php>Membes Only</a>

link. I mean, echo "<p>You are logged in as $valid_user.</p>"; isn't showing

up. What would cause this?

Link to comment
Share on other sites
Trium918 Advanced Member

Trium918

Posted
  • Author
Posted

I got it working, but is this a good way?

[qoute]

  if (isset($_SESSION['valid_user'])) // instead of if (session_is_registered("valid_user"))
  {
    echo "You are logged in as: $valid_user <br>";
    echo "<a href=\"logout.php\">Log out</a><br>";
  }

//change to:

if (isset($_SESSION['valid_user'])) // instead of if (session_is_registered("valid_user"))
  {
    echo "You are logged in as: ".$_SESSION['valid_user']."<br>";
    echo "<a href=\"logout.php\">Log out</a><br>";
  }

Link to comment
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

The latter code is correct:

if (isset($_SESSION['valid_user'])) // instead of if (session_is_registered("valid_user"))
  {
    echo "You are logged in as: ".$_SESSION['valid_user']."<br>";
    echo "<a href=\"logout.php\">Log out</a><br>";
  }

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.