Jump to content

[SOLVED] Daft Session question help please, plus other session help required.

wmguk

By wmguk
in PHP Coding Help

 Share

Recommended Posts

wmguk Advanced Member

wmguk

Posted
Posted

Hey,

 

Firstly, im sort of a newbie, but i roughly know what im doing, im currently working on a project, which at the moment is 150 pages,...

 

I have a login script then i have a session header on each page, what i want to do is have a session include on each page, so if i change the session info, it is changed on every page..

 

something like this

<?
include sess.php ;
?>

 

the sess.php is 

<?
session_start(); 
$t = date("h:i:s", time()); 
$_SESSION['admin_login_time'] = $t; 
$_SESSION['myusername'] = $user; 
if(!session_is_registered(myusername)){ 
header("location:index.php"); 
} 
?>

 

now, also, $user is not recognised.

 

this is my login page

 

<?php 
include "connection.php"; 

// Connect to server and select databse. 
if (!$con) 
  { 
  die('Could not connect: ' . mysql_error() ); 
  } 
  mysql_select_db($db, $con); 

// username and password sent from signup form  
$myusername=$_POST['myusername'];  
$mypassword=$_POST['mypassword'];  

$sql="SELECT * FROM our_info WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row 
$count=mysql_num_rows($result); 
// If result matched $myusername and $mypassword, table row must be 1 row 

if($count==1){ 
// Register $myusername, $mypassword and redirect to file "login_success.php" 
session_register("myusername"); 
header("location:../main.php"); 
} 
else { 
header("location:../failed.html"); 
} 
?>

 

but for some reason $user isnt saved

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

Firstly, code tags.

 

If a session is changed it will stay changed on all pages.

 

Ok, im gonna sound really dumb now, what do you mean by code tags? can you show me a small example of what u mean?

 

sorry to be stupid :)

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

I dont think so, basically, people go from this page

 

<?php 
include "connection.php"; 

// Connect to server and select databse. 
if (!$con) 
  { 
  die('Could not connect: ' . mysql_error() ); 
  } 
  mysql_select_db($db, $con); 

// username and password sent from signup form  
$myusername=$_POST['myusername'];  
$mypassword=$_POST['mypassword'];  

$sql="SELECT * FROM our_info WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row 
$count=mysql_num_rows($result); 
// If result matched $myusername and $mypassword, table row must be 1 row 

if($count==1){ 
// Register $myusername, $mypassword and redirect to file "login_success.php" 
session_register("myusername"); 
$_SESSION[myusername] = $_POST[myusername];
header("location:../main.php"); 
} 
else { 
header("location:../failed.html"); 
} 
?> 

to this page:

 

<?  
session_start(); 
$_SESSION["myusername"]
if(!session_is_registered(myusername)){ 
header("location:index.php"); 
} 
?>  

//some html missing

<?
echo $username;
?>

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

Code Tags: [ code][/ code] or the # button.

 

Where are you including the sessions script?

 

oh ok, you mean on the forum - sorry i used the [ PHP ] tags, to display what i was doing....

 

according to a tutorial website, it says that this

 

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?>

 

needs to be on the top of the page...

 

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/admin.dwt" codeOutsideHTMLIsLocked="false" -->
<head>
<!-- InstanceBeginEditable name="doctitle" -->
<title>

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

Ok, ive just taken all the info directly from the tutorial website..

 

index.php:

 

<form action="scripts/login.php" method="post" name="login"> 
         <table width="500" border="0" align="center" cellpadding="0" cellspacing="0"> 
           <tr> 
             <td align="center" valign="middle" class="main"> </td> 
             <td align="center" valign="middle"> </td> 
           </tr> 
           <tr> 
             <td align="center" valign="middle" class="main"><div align="center">Username</div></td> 
             <td align="center" valign="middle"> 
               <div align="center"> 
                 <input name="myusername" type="text" class="main" id="myusername" /> 
                 </div></td> 
           </tr> 
           <tr> 
             <td align="center" valign="middle" class="main"><div align="center">Password</div></td> 
             <td align="center" valign="middle"><div align="center"> 
               <p> 
                 <input name="mypassword" type="password" class="main" id="mypassword" /> 
               </p> 
               </div></td> 
           </tr> 
           <tr> 
             <td align="center" valign="middle"><div align="center"></div></td> 
             <td align="center" valign="middle"><div align="center"></div></td> 
           </tr> 
           <tr> 
             <td colspan="2" align="center" valign="middle"> 
               <div align="center"> <br /> 
               <input type="submit" class="main" name="Submit" value="Log In" /> 
               </div></td> 
             </tr> 
         </table> 
         </form>

 

login.php:

 

<?php
include "connection.php"; 

// Connect to server and select databse. 
if (!$con) 
{ 
die('Could not connect: ' . mysql_error() ); 
} 
mysql_select_db($db, $con); 

// username and password sent from signup form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

$sql="SELECT * FROM our_info WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:../main.php"); 
} 
else 
{ 
header("location:../failed.html"); 
} 
?>

 

main.php:

 

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?>

NArc0t1c Member

NArc0t1c

Posted
Posted

uhm, try this following, it has all those grouped as one.

 

<?php
//Engage sesions.
session_start();
/* Here we include the mysql connection script. */
include("connection.php");

// Connect to server and select databse. 
if (!$con) 
{ 
die('Could not connect: ' . mysql_error()); 
} 
else {
if (!mysql_select_db($db, $con)){
echo 'Could not connect to database.';
exit; }
}


if(isset($_POST['Submit'])){

$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

/* Select data from database. */
$sql="SELECT * FROM our_info WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 
$count=mysql_num_rows($result);

/* If only one occurrence is there. */
if($count==1){
/* Set the myusername sesion to 1 */
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword; 
/* Make an sesion called authenticated to tell main.php that the user is logged in. */
$_SESSION['authenticated'] == 'true';
echo 'Login has succeeded.<br />Click <a href="main.php">here</a> to continue';
exit;
} 
else 
{ 
echo 'Failed to login.';
exit;
} 
}
else {
?>
<form action="scripts/login.php" method="post" name="login"> 
          <table width="500" border="0" align="center" cellpadding="0" cellspacing="0"> 
            <tr> 
              <td align="center" valign="middle" class="main"> </td> 
              <td align="center" valign="middle"> </td> 
            </tr> 
            <tr> 
              <td align="center" valign="middle" class="main"><div align="center">Username</div></td> 
              <td align="center" valign="middle"> 
                <div align="center"> 
                  <input name="myusername" type="text" class="main" id="myusername" /> 
                  </div></td> 
            </tr> 
            <tr> 
              <td align="center" valign="middle" class="main"><div align="center">Password</div></td> 
              <td align="center" valign="middle"><div align="center"> 
                <p> 
                  <input name="mypassword" type="password" class="main" id="mypassword" /> 
                </p> 
                </div></td> 
            </tr> 
            <tr> 
              <td align="center" valign="middle"><div align="center"></div></td> 
              <td align="center" valign="middle"><div align="center"></div></td> 
            </tr> 
            <tr> 
              <td colspan="2" align="center" valign="middle"> 
                <div align="center"> <br /> 
                <input type="submit" class="main" name="Submit" value="Log In" /> 
                </div></td> 
              </tr> 
          </table> 
          </form> 
<?php
}
?>

 

Edit: Please note, I haven't tested this yet.

NArc0t1c Member

NArc0t1c

Posted
Posted

How do you mean?

 

On the script where you want to use the user variable use the following,

<?php
/* Check for the authenticated session. */
if(isset($_SESSION['authenticated'])){
/* make the user variable. */
$user = $_SESSION['myusername'];
} else { 
/* Echo a 401 error, in this case, echo message */
echo 'You are not authenticated.';
exit; }

/* The rest of the script would come here. */
?>

 

Edit: Added Comments.

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

hmm, ok, just had a play :

 

<?php
session_start();
if(isset($_SESSION['authenticated'])){
$user = $_SESSION['myusername']; 
} 
else 
{ 
header("location:index.php");
exit; 
}
?>

 

I have a location section in there, so that if the login fails, it will redirect back to index.php..

 

the only problem is that, it fails everytime now.. have I done it right?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.