jeppers Posted April 30, 2007 Share Posted April 30, 2007 i have got session control but i want to define it so only a specificate user can acccess a serten area can any one help. i have pasted a copy of my session code so you can have look and see what i can do <?php session_start(); ob_start(); // if session variable not set, redirect to login page if (!isset($_SESSION['authenticated'])) { header('Location: http://localhost/login.php'); exit; } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted April 30, 2007 Share Posted April 30, 2007 Is this all the code? where do you actually create $_SESSION['authenticated'] and login? Quote Link to comment Share on other sites More sharing options...
jeppers Posted April 30, 2007 Author Share Posted April 30, 2007 sorry hear we go <?php // process the script only if the form has been submitted if (array_key_exists('login', $_POST)) { // start the session session_start(); // include nukeMagicQuotes and clean the $_POST array include('corefuncs.php'); nukeMagicQuotes(); $textfile = 'C:/private/filetest03.txt'; if (file_exists($textfile) && is_readable($textfile)) { // read the file into an array called $users $users = file($textfile); // loop through the array to process each line for ($i = 0; $i < count($users); $i++) { // separate each element and store in a temporary array $tmp = explode(', ', $users[$i]); // assign each element of the temp array to a named array key $users[$i] = array('name' => $tmp[0], 'password' => rtrim($tmp[1])); // check for a matching record if ($users[$i]['name'] == $_POST['username'] && $users[$i]['password'] == $_POST['pwd']) { // alternative (shorter) code //if ($tmp[0] == $_POST['username'] && rtrim($tmp[1]) == $_POST['pwd']) { // if there's a match, set a session variable $_SESSION['authenticated'] = 'Jethro Tull'; break; } } // if the session variable has been set, redirect if (isset($_SESSION['authenticated'])) { header('Location: http://localhost/menu.php'); exit; } // if the session variable hasn't been set, refuse entry else { $error = 'Invalid username or password.'; } } // error message to display if text file not readable else { $error = 'Login facility unavailable. Please try later.'; } } ?> Quote Link to comment Share on other sites More sharing options...
The Little Guy Posted April 30, 2007 Share Posted April 30, 2007 If your saying you want to have areas where certain level users can only enter, then I would make a column in the database called group with a data type of "enum". An example: 1 = admin 2 = high ranked 3 = member 4 = low member Why are you using Exact paths? It makes it harder to work with when you change servers. Quote Link to comment Share on other sites More sharing options...
jeppers Posted April 30, 2007 Author Share Posted April 30, 2007 well this is my first atemp at a website and i am finding it hard on what to do... there is so much advice and different directions i have found it hard to chose the right one have you got any tips on what i can do about it and how to change it another problem is that with my email system it just won't work because of an smtp problem arrrr... been bugging me for days... can you suggest anthing which i can do to bye pass that.... sorry to many question but i need a hand thanks Quote Link to comment Share on other sites More sharing options...
arianhojat Posted April 30, 2007 Share Posted April 30, 2007 another problem is that with my email system it just won't work because of an smtp problem arrrr... been bugging me for days... can you suggest anthing which i can do to bye pass that.... google php.mailer class. i find it better to work with. code is easy... <?php require("../phpmailer/class.phpmailer.php"); $mail = new PHPMailer(); $mail->IsSMTP(); // telling the class to use SMTP $mail->IsHTML(true); $mail->Host = "192.168.1.101"; // your SMTP server IP $mail->From = 'test@bleh.com'; $mail->FromName = 'Joe Smie'; $mail->Subject = "testtt"; $mail->Body = "<h1>Hello</h1>'; $mail->AltBody = "hello";//for those without html reading clients // if need attachment, $mail->AddAttachment( htmlspecialchars($docPath) ); $mail->AddAddress('Joe@test.com'); if(!$mail->Send()) { echo "Message was not sent"; echo "Mailer Error: " . $mail->ErrorInfo; } else { //echo 'Sent Email to '. $to. '<br/>'; //echo 'at '. date('g:i a, n-j-Y'); } //*/ ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.