Jump to content

[SOLVED] session_start() rejects my first login attempt?

sayedsohail

By sayedsohail
in PHP Coding Help

 Share

Recommended Posts

sayedsohail Advanced Member

sayedsohail

Posted
Posted

i am just trying to figure out why my session is rejecting my first attempt, than on my second attempt it shows registered.

 

 

config.php


<?
# Admin Panel User Name
$uname = "admin";
# Admin Panel Password
$pword = "test";
?>

 

index.php

<? 
require ("config.php");
session_start();
if ((!$username) || (!$password)) {
echo '<form name=login method=post action="">
user:<input type=text name=username><br>
pass:<input type=text name=password><br>
<input type=submit value=go>
</form>';
}
else {
if ($username=="$uname")  {
session_register("username"); 
session_register("password"); 
echo "user is $uname, and password is $pword
<br> <a href=\"?m=1\" >unreg</a>";
}
else echo "nope";
}
if ($m==1) {
session_unregister("username"); 
session_unregister("password"); 
}
?>

Link to comment
Share on other sites
lightningstrike Newbie

lightningstrike

Posted
Posted

session register is deprecated use the new standard of session superglobal.

 

e.g.

 

$_SESSION["username"] = "value";

 

and rather then session_unregister use unset e.g.

 

unset($_SESSION["username"]);

 

etc.

also when comparing two variables in

 

if ($username=="$uname")  { you should not use quotes

 

if ($username==$uname)  {

 

<?php
require ("config.php");
session_start();
if ((!$_POST["username"]) || (!$_POST["password"])) {
echo '<form name=login method=post action="">
user:<input type=text name=username><br>
pass:<input type=password name=password><br>
<input type=submit value=go>
</form>';
}else{
if ($_POST["username"]==$uname && $_POST["password"]==$pword)  {
$_SESSION["username"] = $_POST["username"];
$_SESSION["password"] = $_POST["password"];
echo "user is $uname, and password is $pword
<br> <a href=\"?m=1\" >unreg</a>";
}
else echo "nope";
}
if ($_GET["m"]==1) {
unset($_SESSION["username"]); 
unset($_SESSION["password"]); 
}

 

Do NOT use register_globals its dangerous for server security.

Link to comment
Share on other sites
sayedsohail Advanced Member

sayedsohail

Posted
  • Author
Posted

The reason i register the username using session_register("USERNAME"), is to validate in the following pages, now i change to $_SESSION["username"] = $_POST["username"];

 

once registered i am redirecting to members.php file, unfortunately any link <a href..> i click in members.php, it brings back to index.php and i have to enter the login details again, its just happening on my first attempt.  But on my second attempt after input of login details, it redirects as usual to the members.php and all <a href...> links works fine. 

 

Although i am using session_start(); at the top of all my php files right after the <?php.  I am not sure why my first attempt it rejects.

 

i.e,  all the pages got this lines

<?php
session_start();
if(isset($_SESSION['username']) == TRUE)
do something else
redirect to login/index.php page.
..
?>

Link to comment
Share on other sites
btherl Member

btherl

Posted
Posted

Sayed, I tested your script here and it works on the first try.  The only oddity is I have to click "unreg" twice to unregister the session.  This is because the username and password are unregistered AFTER being tested.

 

Just to confirm, do you remove the "m=1" before testing the script each time.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.