Logon script problem, please help!

[savio_mf]

HI everybody, i am following a tutorial which i found on login scripts using php and mysql. The login script seems to work when authenticating a user, however, once logged in and accesing member only pages, I dont want the member to log in every time he/she opens a page. I have followed the script on the tutorial but it doesnt seem to work. I am very new at PHP. Please help. The code is below:

<?php
session_start();
$db_user = 'mysql_username';
$db_pass = 'mysql_password';
$user_name = $_POST['user_name'];
$password = $_POST['password'];

//connect to the DB and select the "dictator" database
$connection = mysql_connect('localhost', 'root', 'sadad') or die(mysql_error());
mysql_select_db('dictators', $connection) or die(mysql_error());

//set up the query
$query = "SELECT * FROM users 
		WHERE user_name='$user_name' AND password='$password'";

//run the query and get the number of affected rows
$result = mysql_query($query, $connection) or die('error making query');
$affected_rows = mysql_num_rows($result);

//if there's exactly one result, the user is validated. Otherwise, he's invalid
if($affected_rows == 1) {
	print 'validated';
}
else {
	print 'not valid';
}
?>
<html>
<head>
<title>validate.php</title>
</head>
<body>
<?php
$user_name = $_POST['user_name'];
$password = $_POST['password'];
?>
</body>
</html>

 

that is for validate.php.

The code below is meant to be used on every page that needs user access. Is it correct and if so, How do i implement it? Please help:

<?php
//...snip...
if($affected_rows == 1) {
	print 'validated';
	//add the user to our session variables
	$_SESSION['username'] = $user_name;
	print 'valid';
}
else {
	print 'not valid';
}
?>

[boo_lolly]

you have to add session_start(); at the very top of every page you don't want the user to have to re-login.

[savio_mf]

thanks for the reply. I dont know if it works as I can't seem to log out. Please can anyone guide me on building a logout script?

[boo_lolly]

well there are many ways to do it, but basically, at the top of every page, after session_start();, you check to see if the user is logged in:

if(!isset($_SESSION['username'])){
        echo "you must login before you can see this page.";
}else{
        /*display page*/
}

 

by the same token, if the user wanted to logout, all you'd have to do is create a page with this in it:

if(/*user wants to logout*/){
        unset($_SESSION['username']);
}

 

now the user is logged out.

 

again this is only ONE way of doing it. there are hundreds of ways to do it. i suggest looking online for session-handled login/logout scripts.

[savio_mf]

Thanks boo,

you won't believe, I have tried every tutorial on the internet, but I just can't seem to be getting it right. NOne of them work. I have copied every step word for word, the database connectivity is correct, but still it doesnt work. What coudl I possibly be doing wrong. I have just discovered another tutorial, http://php.codenewbie.com/articles/php/1482/Login_With_Sessions-Page_1.html which only results in a blank page.

 

Please can soimeone help an drefer me to a good tutorial that works.

Cheers!

 

[boo_lolly]

do me a favor and look in my signature next to 'basic' and read everything in both tutorials. i garauntee you'll be able to write a perfect login/logout script after understanding the basics of PHP. if you have any more questions, let us know. but first, those guides need to be your first 'how-to tutorials'. good luck!