my login does not seem to work correctly.... please help

[jasonc]

below is the code i have written myself by looking at the php.net site.

it does the session bit by adding to the url address, the ?PHPSESSID=3d7....

but it does not allow me to set a variable so i can gray out the submit button at the bottom of the page if they have not logged in.

i do not want to use cookies or java as most of my visitors have disabled it.

can someone please see if you can work out where i am going wrong or suggest a method of finding out if they have signed in like making a variable 'loggedin' = 'yes' so i can use this at the bottom of my page.

thanks


<?
session_start();
session_destroy();
session_start();
include("dbconfig.php");

$res = mysql_query("select * from customers where username='" . trim($_POST['username']) . "' && password='".trim($_POST['passwd'])."'");

if (mysql_num_rows($res) != 0) {
$_SESSION['sess_name'] = mysql_result($res, 0, "username");
$_SESSION['sess_passwd'] = md5(trim($_POST['password']));
$loggedin = 'yes';
header("Location: $self_url" . "?".session_name() . "=" . session_id());
exit;
} else {
$loggedin = 'no';
?>
<form name="loginform" method="post" action="newlogin.php">
<table width="28%" height="120" border="0">
<tr>
<td height="20" colspan="2"><div align="center"><b><font color="#990000" face="verdana"><em>Customer Login</em></font></b></div></td>
</tr>
<tr>
<td height="43"><div align="center"><b>E-mail:<br><input type="text" name="username"></b></div></td>
<td><div align="center"><b>Password:<br><input type="password" name="passwd"></b></div></td>
</tr>
<tr>
<td height="26" colspan="2"><div align="right"><input type="submit" name="Login" value="Login"></div></td>
</tr>
<tr>
<td height="21"><div align="center"><a href="<? echo($self_url); ?>signup.php"><b>Sign up here!</b></a><br></div></td>
<td><div align="center"><a href="<? echo($self_url); ?>contact.php"><b>Contact Us</b></a></div></td>
</tr>
</table>
</form>
<?
}
echo("loggedin =".$loggedin.'.');

?>
<form name="form1" method="post" action="newlogin.php">
<?
if ($loggedin == 'yes') {
?>
<input type="submit" name="Submit" value="Submit">
<?
}
?>
</form>

[redarrow]

You could try somthink like this.

Not sure if the code correct but an idear theo.
good luck.


I am pretty sure that my code will only work within a seprate page example login.php

I think if you look at most code the login is seprate for the reason of session problams.

I would use my code but on a login page ok.

[code]

<form name="form1" method="post" action="newlogin.php">
<?
if ((! $_SESSION['sess_name'] ) || (! $_SESSION['sess_passwd'] ))
{
?>
<input type="submit" name="Submit" value="Submit">
<?
}
?>
</form>
[/quote]

[/code]

[jasonc]

hi thanks for that it does make sence but i now have another problem it shows error about the sessions already started in another file or something so moved the start session to the main file and took it out of the one that has the login part, still not working.

below is a test login that i have done it is the same as i have but with out the rest of the file, it is still showing the same errors.

can you spot anything i have missed?

i have taken this from a few scripts a friend gave me a while ago.

or have you got a better way that this can be done?

hope you are better at it than me.



thanks



orderpage is our main page.


<?
session_start();
include("../dbconfigfile.php");

include("../logintest/login.php");

echo('<form method="POST" action="logintest/orderpage.php">');

if ($_POST['submit'] != 'Send Order') {
if ($_POST['submit'] != 'Preview Order') {echo('<input type="submit" value="Preview Order" name="submit">');}

if ($_POST['submit'] == 'Preview Order' && $_SESSION['sess_name'] && $_SESSION['sess_passwd']) {echo('<input type="submit" value="Send Order" name="submit">');}

echo('<input type="submit" value="Reset" name="submit">');
}
echo('</form>');
?>



login page is well the login page that is include()d in the orderpage

<form action="<? echo($self_url); ?>/logintest/mem_auth.php" method="post" name="login">

<table width="275" border="0" align="center" cellpadding="0" cellspacing="0" style="border-collapse: collapse">
<tr valign="middle" bgcolor="#00CC33">
<td height="16" colspan="2"> <div align="center"><b><font color="#990000" size="3" face="verdana"><em>Customer
Login</em></font></b></div></td>
</tr>
<tr>
<td height="11" colspan="2" align="left"><div align="center"><font size="2" face="Tahoma"><b></b></font></div></td>
</tr>
<tr>
<td width="140" height="22" align="left">
<p align="center"><font size="1" face="Tahoma"><b>E-mail:</b></font>
<input type="text" name="email" size="20" maxlength="100" class="webforms">
</td>
<td width="135">
<div align="center"><font size="1" face="Tahoma"><b>Password:</b></font>
<input type="password" name="passwd" size="20" maxlength="20" class="webforms">
</div></td>
</tr>
<tr>
<td height="12"> <p align="center"><font face="verdana" size="1">Resend
activation email<br>
</font></td>
<td height="12"> <div align="center"><font face="verdana" size="1">Lost
your password?</font></div></td>
</tr>
<tr>
<td height="21" colspan="2"> <p align="right"><? echo "<input type=hidden name=\"".session_name()."\" value=" . session_id() . ">"; ?>
<input type="hidden" name="form" value="sent">
<input name="submit" type="submit" style="font-size: 8pt;" value="Log in" class="formbutton">
</td>
</tr>
<tr bordercolor="#999999" bgcolor="#00CC33">
<td height="19"> <div align="center"><font font size="2" face="Tahoma"><b>Sign
up here!</b><br>
</font></div></td>
<td height="19"><div align="center"><font font size="2" face="Tahoma"><b>Contact
Us</b></font></div></td>
</tr>
</table>
</form>





and mem_auth is that part that tests if the login is correct


<?php

session_start();

session_destroy();

session_start();

include("../dbconfigfile.php");

$servernames = $_SERVER['REMOTE_ADDR'];

if ($_POST['login'] == 'sent') {

if (trim($_POST['email']) == "" || trim($_POST['passwd']) == "") {

echo("<head><meta http-equiv=\"Refresh\" content=\"1;URL=/logintest/orderpage.php\"></head><body>Login details cannot be blank!</body></html>");

$_SESSION = array();

session_destroy();

mysql_close;

exit;

} elseif (ereg('@', trim($_POST['email']))) {

$_SESSION['sess_name'] = trim($_POST['email']);

$_SESSION['sess_passwd'] = md5(trim($_POST['passwd']));

header("Location: $self_url" . "?".session_name() . "=" . session_id());

mysql_close;

exit;

} elseif (is_numeric(trim($_POST['email']))) {

$res = mysql_query("select * from customers where username='" . trim($_POST['email']) . "' && password='".trim($_POST['passwd'])."'");

if (mysql_num_rows($res) != 0) {

$_SESSION['sess_name'] = mysql_result($res, 0, "email");

$_SESSION['sess_passwd'] = md5(trim($_POST['passwd']));

header("Location: $self_url" . "?".session_name() . "=" . session_id());

mysql_close;

exit;

} else {

echo("<head><meta http-equiv=\"Refresh\" content=\"1;URL=/logintest/orderpage.php\"></head><body>Invalid login details!</body></html>");

$_SESSION = array();

session_destroy();

mysql_close;

exit;

}

} else {

echo("<head><meta http-equiv=\"Refresh\" content=\"1;URL=/logintest/orderpage.php\"></head><body>Invalid login details!</body></html>");

$_SESSION = array();

session_destroy();

mysql_close;

exit;

}

} else {

echo("<head><meta http-equiv=\"Refresh\" content=\"1;URL=/logintest/orderpage.php\"></head><body>You are not authorized to view this area!</body></html>");

$_SESSION = array();

session_destroy();

mysql_close;

exit;

}

?>

[redarrow]

you need to post all your pages ok first post the first page the user goto first ok.


index.php to check what wrong step buy step ok.

[redarrow]

This is your best bet ok i can see that the coding is driven you mad so i sugest this for you .

[a href=\"http://www.shop-script.com/php-shopping-cart-software-1.html\" target=\"_blank\"]http://www.shop-script.com/php-shopping-cart-software-1.html[/a]


What you need to do is modify the script to your needs ok (example color images banners)

Use the script download forum for there input on what you need to edit, if the script forum does not have the information you need then ask on here ok..


Once you understand the new downloaded script and used it for a while look at the code within it ok.


Afther you got use to the script then start to look up all the code functions to understand what they do and how.

Then use this forum and do as meny totoral as possable.


I hope you all the best.

redarrow.

ps. if you realy wont to get into php programming you need to study and find the ansaws in the manual,
and you need to build on that,

There are hundreds of free examples on www.google.com and there are lots of free scrips made free for users to use, but i still sugest read as you go.

This forum is design to help users into php in a big way to get help but not to take advantage of peoples time good luck.

[jasonc]

[!--quoteo(post=354025:date=Mar 11 2006, 10:16 PM:name=redarrow)--][div class=\'quotetop\']QUOTE(redarrow @ Mar 11 2006, 10:16 PM) [snapback]354025[/snapback][/div][div class=\'quotemain\'][!--quotec--]
you need to post all your pages ok first post the first page the user goto first ok.
index.php to check what wrong step buy step ok.
[/quote]


I have posted all files!

they visit the index page and that just says hi and stuff then they click a link for go to the orderpage.php

i wanted to have the signin part on the orderpage as well, they signin and the sign in box does not show anymore until they logout or close window.

i want them to see the order form but not be allowed to submit the order as the submit buton will not show unless they are signed in.

i have tried 100's yes 100' or site that have a script that you sign in with but none are like what we need.