Jump to content

[SOLVED] Daft Session question help please, plus other session help required.

wmguk

By wmguk
in PHP Coding Help

Recommended Posts

wmguk Advanced Member

wmguk

Posted
Posted

Hey,

 

Firstly, im sort of a newbie, but i roughly know what im doing, im currently working on a project, which at the moment is 150 pages,...

 

I have a login script then i have a session header on each page, what i want to do is have a session include on each page, so if i change the session info, it is changed on every page..

 

something like this

<?
include sess.php ;
?>

 

the sess.php is 

<?
session_start(); 
$t = date("h:i:s", time()); 
$_SESSION['admin_login_time'] = $t; 
$_SESSION['myusername'] = $user; 
if(!session_is_registered(myusername)){ 
header("location:index.php"); 
} 
?>

 

now, also, $user is not recognised.

 

this is my login page

 

<?php 
include "connection.php"; 

// Connect to server and select databse. 
if (!$con) 
  { 
  die('Could not connect: ' . mysql_error() ); 
  } 
  mysql_select_db($db, $con); 

// username and password sent from signup form  
$myusername=$_POST['myusername'];  
$mypassword=$_POST['mypassword'];  

$sql="SELECT * FROM our_info WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row 
$count=mysql_num_rows($result); 
// If result matched $myusername and $mypassword, table row must be 1 row 

if($count==1){ 
// Register $myusername, $mypassword and redirect to file "login_success.php" 
session_register("myusername"); 
header("location:../main.php"); 
} 
else { 
header("location:../failed.html"); 
} 
?>

 

but for some reason $user isnt saved

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

Firstly, code tags.

 

If a session is changed it will stay changed on all pages.

 

Ok, im gonna sound really dumb now, what do you mean by code tags? can you show me a small example of what u mean?

 

sorry to be stupid :)

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

I dont think so, basically, people go from this page

 

<?php 
include "connection.php"; 

// Connect to server and select databse. 
if (!$con) 
  { 
  die('Could not connect: ' . mysql_error() ); 
  } 
  mysql_select_db($db, $con); 

// username and password sent from signup form  
$myusername=$_POST['myusername'];  
$mypassword=$_POST['mypassword'];  

$sql="SELECT * FROM our_info WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row 
$count=mysql_num_rows($result); 
// If result matched $myusername and $mypassword, table row must be 1 row 

if($count==1){ 
// Register $myusername, $mypassword and redirect to file "login_success.php" 
session_register("myusername"); 
$_SESSION[myusername] = $_POST[myusername];
header("location:../main.php"); 
} 
else { 
header("location:../failed.html"); 
} 
?> 

to this page:

 

<?  
session_start(); 
$_SESSION["myusername"]
if(!session_is_registered(myusername)){ 
header("location:index.php"); 
} 
?>  

//some html missing

<?
echo $username;
?>

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

Code Tags: [ code][/ code] or the # button.

 

Where are you including the sessions script?

 

oh ok, you mean on the forum - sorry i used the [ PHP ] tags, to display what i was doing....

 

according to a tutorial website, it says that this

 

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?>

 

needs to be on the top of the page...

 

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/admin.dwt" codeOutsideHTMLIsLocked="false" -->
<head>
<!-- InstanceBeginEditable name="doctitle" -->
<title>

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

Ok, ive just taken all the info directly from the tutorial website..

 

index.php:

 

<form action="scripts/login.php" method="post" name="login"> 
         <table width="500" border="0" align="center" cellpadding="0" cellspacing="0"> 
           <tr> 
             <td align="center" valign="middle" class="main"> </td> 
             <td align="center" valign="middle"> </td> 
           </tr> 
           <tr> 
             <td align="center" valign="middle" class="main"><div align="center">Username</div></td> 
             <td align="center" valign="middle"> 
               <div align="center"> 
                 <input name="myusername" type="text" class="main" id="myusername" /> 
                 </div></td> 
           </tr> 
           <tr> 
             <td align="center" valign="middle" class="main"><div align="center">Password</div></td> 
             <td align="center" valign="middle"><div align="center"> 
               <p> 
                 <input name="mypassword" type="password" class="main" id="mypassword" /> 
               </p> 
               </div></td> 
           </tr> 
           <tr> 
             <td align="center" valign="middle"><div align="center"></div></td> 
             <td align="center" valign="middle"><div align="center"></div></td> 
           </tr> 
           <tr> 
             <td colspan="2" align="center" valign="middle"> 
               <div align="center"> <br /> 
               <input type="submit" class="main" name="Submit" value="Log In" /> 
               </div></td> 
             </tr> 
         </table> 
         </form>

 

login.php:

 

<?php
include "connection.php"; 

// Connect to server and select databse. 
if (!$con) 
{ 
die('Could not connect: ' . mysql_error() ); 
} 
mysql_select_db($db, $con); 

// username and password sent from signup form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

$sql="SELECT * FROM our_info WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:../main.php"); 
} 
else 
{ 
header("location:../failed.html"); 
} 
?>

 

main.php:

 

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?>

NArc0t1c Member

NArc0t1c

Posted
Posted

uhm, try this following, it has all those grouped as one.

 

<?php
//Engage sesions.
session_start();
/* Here we include the mysql connection script. */
include("connection.php");

// Connect to server and select databse. 
if (!$con) 
{ 
die('Could not connect: ' . mysql_error()); 
} 
else {
if (!mysql_select_db($db, $con)){
echo 'Could not connect to database.';
exit; }
}


if(isset($_POST['Submit'])){

$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

/* Select data from database. */
$sql="SELECT * FROM our_info WHERE username='$myusername' and password='$mypassword'"; 
$result=mysql_query($sql); 
$count=mysql_num_rows($result);

/* If only one occurrence is there. */
if($count==1){
/* Set the myusername sesion to 1 */
$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword; 
/* Make an sesion called authenticated to tell main.php that the user is logged in. */
$_SESSION['authenticated'] == 'true';
echo 'Login has succeeded.<br />Click <a href="main.php">here</a> to continue';
exit;
} 
else 
{ 
echo 'Failed to login.';
exit;
} 
}
else {
?>
<form action="scripts/login.php" method="post" name="login"> 
          <table width="500" border="0" align="center" cellpadding="0" cellspacing="0"> 
            <tr> 
              <td align="center" valign="middle" class="main"> </td> 
              <td align="center" valign="middle"> </td> 
            </tr> 
            <tr> 
              <td align="center" valign="middle" class="main"><div align="center">Username</div></td> 
              <td align="center" valign="middle"> 
                <div align="center"> 
                  <input name="myusername" type="text" class="main" id="myusername" /> 
                  </div></td> 
            </tr> 
            <tr> 
              <td align="center" valign="middle" class="main"><div align="center">Password</div></td> 
              <td align="center" valign="middle"><div align="center"> 
                <p> 
                  <input name="mypassword" type="password" class="main" id="mypassword" /> 
                </p> 
                </div></td> 
            </tr> 
            <tr> 
              <td align="center" valign="middle"><div align="center"></div></td> 
              <td align="center" valign="middle"><div align="center"></div></td> 
            </tr> 
            <tr> 
              <td colspan="2" align="center" valign="middle"> 
                <div align="center"> <br /> 
                <input type="submit" class="main" name="Submit" value="Log In" /> 
                </div></td> 
              </tr> 
          </table> 
          </form> 
<?php
}
?>

 

Edit: Please note, I haven't tested this yet.

NArc0t1c Member

NArc0t1c

Posted
Posted

How do you mean?

 

On the script where you want to use the user variable use the following,

<?php
/* Check for the authenticated session. */
if(isset($_SESSION['authenticated'])){
/* make the user variable. */
$user = $_SESSION['myusername'];
} else { 
/* Echo a 401 error, in this case, echo message */
echo 'You are not authenticated.';
exit; }

/* The rest of the script would come here. */
?>

 

Edit: Added Comments.

wmguk Advanced Member

wmguk

Posted
  • Author
Posted

hmm, ok, just had a play :

 

<?php
session_start();
if(isset($_SESSION['authenticated'])){
$user = $_SESSION['myusername']; 
} 
else 
{ 
header("location:index.php");
exit; 
}
?>

 

I have a location section in there, so that if the login fails, it will redirect back to index.php..

 

the only problem is that, it fails everytime now.. have I done it right?

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.