manton Posted April 26, 2007 Share Posted April 26, 2007 Hello, I use Dreamweaver. I have a login form (method:post) which works fine. But, when I add a session variable in order to keep the user logged in, the session does not work. I figure it out because i see no user data on the URL. Changing the form method from post to get, seems to work (I mean userdata are on the URL), but in this case the form action (opening another page) is not performed. I know this is a noob question but I would really appreciate any kind of help. Thanks Quote Link to comment https://forums.phpfreaks.com/topic/48831-user-authentication-using-session-variable/ Share on other sites More sharing options...
bobleny Posted April 26, 2007 Share Posted April 26, 2007 I don't quite understand what your trying to ask... Do you want to know how to carry the user input of a form to another page? Quote Link to comment https://forums.phpfreaks.com/topic/48831-user-authentication-using-session-variable/#findComment-239317 Share on other sites More sharing options...
MadTechie Posted April 26, 2007 Share Posted April 26, 2007 1. the POST doesn't put data on the URL 2. if you switched your need to update from $_POST to $_GET 3. Read up on sessions as your question doesn't relate correctly Quote Link to comment https://forums.phpfreaks.com/topic/48831-user-authentication-using-session-variable/#findComment-239323 Share on other sites More sharing options...
manton Posted April 26, 2007 Author Share Posted April 26, 2007 1. the POST doesn't put data on the URL So, how the session variable works? It saves the userdata (login) directly on the server rather than passing them from one page to another via the url? Quote Link to comment https://forums.phpfreaks.com/topic/48831-user-authentication-using-session-variable/#findComment-239326 Share on other sites More sharing options...
MadTechie Posted April 26, 2007 Share Posted April 26, 2007 session_start(); $_SESSION['var'] = "data"; echo $_SESSION['var']; so you could do this session_start(); $_SESSION['var'] = $_GET['data']; echo $_SESSION['var']; Quote Link to comment https://forums.phpfreaks.com/topic/48831-user-authentication-using-session-variable/#findComment-239350 Share on other sites More sharing options...
bobleny Posted April 26, 2007 Share Posted April 26, 2007 I can't tell you exactly how it works but I can tell you that <form method="post" action=""> will send the data over HTML. As far as I know, you don't need a server to do that. It will only send it one page though! Once the data is sent to the second page, you will be able to retrieve the data and store it as a session variable like this: $_SESSION['name'] = $_POST['name_of_input']; You can now pass the user input to any page you wont until the session ends. Quote Link to comment https://forums.phpfreaks.com/topic/48831-user-authentication-using-session-variable/#findComment-239353 Share on other sites More sharing options...
manton Posted April 26, 2007 Author Share Posted April 26, 2007 Ok...I think I am getting somewhere The code is now the following but although I provide the correct username and password I cannot access the page. Don't I have to declare somewhere that 'MM_Username' is the variable's value? <?php require_once('../Connections/palso.php'); ?> <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "login_failed.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> <?php mysql_select_db($database_palso, $palso); $query_Recordset1 = "SELECT * FROM `data`"; $Recordset1 = mysql_query($query_Recordset1, $palso) or die(mysql_error()); $row_Recordset1 = mysql_fetch_assoc($Recordset1); $totalRows_Recordset1 = mysql_num_rows($Recordset1); $maxRows_list = 10; $pageNum_list = 0; if (isset($_GET['pageNum_list'])) { $pageNum_list = $_GET['pageNum_list']; } $startRow_list = $pageNum_list * $maxRows_list; mysql_select_db($database_palso, $palso); $query_list = "SELECT ID, Surname, BinSerialCode, LevelDescription FROM `data` ORDER BY LevelDescription ASC"; $query_limit_list = sprintf("%s LIMIT %d, %d", $query_list, $startRow_list, $maxRows_list); $list = mysql_query($query_limit_list, $palso) or die(mysql_error()); $row_list = mysql_fetch_assoc($list); if (isset($_GET['totalRows_list'])) { $totalRows_list = $_GET['totalRows_list']; } else { $all_list = mysql_query($query_list); $totalRows_list = mysql_num_rows($all_list); } $totalPages_list = ceil($totalRows_list/$maxRows_list)-1; ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-7" /> <title>Ταξινόμηση υποψηφίων ανά επίπεδο</title> <link href="styles.css" type="text/css" rel="stylesheet" /> <link rel="stylesheet" type="text/css" href="print.css" media="print" /> </head> <body> <div id="container"> <h1>ΚΑΤΑΛΟΓΟΣ ΥΠΟΨΗΦΙΩΝ</h1> <div id="sort"><table width="600"> <tr class="nav"> <td><a href="list.php">Ταξινόμηση ανά επίπεδο</a></td> <td><a href="list_bin.php">Ταξινόμηση ανά κωδικό μαθητή</a> </td> <td><a href="list_sur.php">Ταξινόμηση ανά επίθετο</a></td> </tr> </table> </div> <br /> <form id="form1" name="form1" method="post" action=""> <table border="1"> <tr> <td class="fields"> </td> <td class="fields">LevelDescription</td> <td class="fields">BinSerialCode</td> <td class="fields">Surname</td> </tr> <?php do { ?> <tr> <td><input type="checkbox" name="checkbox" value="checkbox" /></td> <td><?php echo $row_list['LevelDescription']; ?></td> <td><?php echo $row_list['BinSerialCode']; ?></td> <td><?php echo $row_list['Surname']; ?></td> </tr> <?php } while ($row_Recordset1 = mysql_fetch_assoc($Recordset1)); ?> </table> </form> </div> </body> </html> <?php mysql_free_result($Recordset1); mysql_free_result($list); ?> Quote Link to comment https://forums.phpfreaks.com/topic/48831-user-authentication-using-session-variable/#findComment-239377 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.