Jump to content

PHP Login Script

kyleldi

By kyleldi
in PHP Coding Help

 Share

Recommended Posts

kyleldi Regular Member

kyleldi

Posted
Posted

Hi Everyone,

 

I'm working on a PHP login script that queries a mysql database for the proper authentication.  I'm using cookies to mandate the session, and I keep getting this error.

 

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent in /services/index.php on line -695985749

 

Warning: Cannot modify header information - headers already sent by (output started at /services/index.php:-695985749) in /services/index.php on line 72

 

Line 72 is

    header("Location: " . $MM_redirectLoginSuccess );

 

It seems as though the session is not opening, yet I believe the code is right.  Any ideas? 

 

<?php virtual('Connections/Users.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_Users, $Users);
$query_rs_login = "SELECT * FROM users";
$rs_login = mysql_query($query_rs_login, $Users) or die(mysql_error());
$row_rs_login = mysql_fetch_assoc($rs_login);
$totalRows_rs_login = mysql_num_rows($rs_login);
?><?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['userid'])) {
  $loginUsername=$_POST['userid'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "welcome.php";
  $MM_redirectLoginFailed = "index.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_Users, $Users);
  
  $LoginRS__query=sprintf("SELECT userid, password FROM users WHERE userid=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $Users) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

Link to comment
https://forums.phpfreaks.com/topic/63545-php-login-script/
Share on other sites
kyleldi Regular Member

kyleldi

Posted
  • Author
Posted

I've finally got my code so it is no longer producing errors, yet for some reason inputting a username/password and hitting submit only brings me to the same login page as I started.  Any ideas what I may be doing wrong?

 

<?php if (!isset($_SESSION)) {
  session_start();
}
//declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php virtual('/admin/Connections/Users.php'); ?>
<?php mysql_select_db($database_Users, $Users);
$query_rs_login = "SELECT userid, password FROM users";
$rs_login = mysql_query($query_rs_login, $Users) or die(mysql_error());
$row_rs_login = mysql_fetch_assoc($rs_login);
$totalRows_rs_login = mysql_num_rows($rs_login);
?><?php
// *** Validate request to login to this site.
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['userid'])) {
  $loginUsername=$_POST['userid'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "welcome.php";
  $MM_redirectLoginFailed = "/admin/search.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_Users, $Users);
  
  $LoginRS__query=sprintf("SELECT userid, password FROM users WHERE userid=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $Users) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
?>

Link to comment
https://forums.phpfreaks.com/topic/63545-php-login-script/#findComment-316851
Share on other sites
ss32 Newbie

ss32

Posted
Posted

nice dreamweaver login (=

 

the problem is that you arent using a header() redirect, or anything that would be redirecting the page.  if you are looking for the output that was causing the problem last time, it is the newline between your main script and that small thing before it.  ANY output causes this error... newlines, spaces, characters...  be sure your header sending section is at the top and has NOTHING before the <?php ?> tag.

Link to comment
https://forums.phpfreaks.com/topic/63545-php-login-script/#findComment-317519
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.