ghgarcia Posted September 7, 2007 Share Posted September 7, 2007 Hi, I have an login script the collects user name and password also if they are present it executes my index application. Within the index application it requires a protection program that checks to see if the user name is present in the variables and if not it calls the login application. The protection application looks like the following: session_start(); session_register("user"); //Buffer output in case of redirection. ob_start(); //If not logged in, redirect to the login page. if ($_SESSION['user']=="") { header("Location: login.php"); } The login app uses a form to collect the user and password. This process works perfectly in PHP4 and in most cases with PHP5 however there are some cases that for some reason the session values are not available after the login application. The login app uses: $username=$_POST['username']; $password=$_POST['password']; to read the values. Any help would be greatly appreciated. George Quote Link to comment Share on other sites More sharing options...
ToonMariner Posted September 7, 2007 Share Posted September 7, 2007 why are you using session_register in PHP 5? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted September 7, 2007 Share Posted September 7, 2007 This code is so not needed: session_register("user"); Quote Link to comment Share on other sites More sharing options...
trq Posted September 7, 2007 Share Posted September 7, 2007 session_register() has long been depricated in both php4 and php5. Your check should simply look like... <?php session_start(); ob_start(); if ( ! isset($_SESSION['user'])) { header("Location: login.php"); } ?> We need to see where you set your session vars within the login script. Quote Link to comment Share on other sites More sharing options...
ghgarcia Posted September 7, 2007 Author Share Posted September 7, 2007 Thanks for the suggestion I made the changes and still no joy. Is there something I could check that might give me a clue. Again I really appreciate the help. George Quote Link to comment Share on other sites More sharing options...
trq Posted September 7, 2007 Share Posted September 7, 2007 Once again... we need to see where you set your session vars within the login script. Quote Link to comment Share on other sites More sharing options...
ghgarcia Posted September 7, 2007 Author Share Posted September 7, 2007 Here is a copy of my login script: <? session_start(); session_register("user"); session_register("uname"); $subtitle="Login"; ob_start(); require("header.php"); //Get any form data. $football->WhoOnlineDelete; $username=$_POST['username']; $password=$_POST['password']; if ($_POST) { //Make sure cookies are enabled. // if ($_COOKIE["football"]=="") // { // $football->ErrorMessage("You must use a browser that supports cookies and<br> have them enabled in order to access this site."); // } // else // { //Check input. if ($username=="") { $football->ErrorMessage("Please enter a username."); } elseif ($password=="") { $football->ErrorMessage("Please enter your password."); } else { //Verify the password and redirect to default page if correct. $sql="select * from ".$football->prefix."users where user = '".$username."'"; $rs = $football->dbQuery($sql,$football->database); $row = mysql_fetch_object($rs); $rows = mysql_num_rows($rs); if($rows == 0) { $football->ErrorMessage("User '".$username."' not found."); } elseif (md5($password) != $row->password) { $football->ErrorMessage("Incorrect password, please reenter."); } else { $user=$row->user; if ($row->name =="") { $uname=$row->user; } else { $uname=$row->name; } header("Location: index.php"); } } } //} else { //Set test cookie. setcookie("football","peanutbutter",0,"/",$football->domain,0); } ?> <form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="post"> <table class="main" cellpadding="0" cellspacing="0"> <tr> <th align="left">User Login</th> </tr> <tr> <td> <div class="freeForm"> <table border="0" cellpadding="0" cellspacing="0"> <tr> <td><strong>Username:</strong></td> <td><input name="username" value="" size="12" /></td> </tr> <tr> <td><strong>Password:</strong></td> <td><input name="password" type="password" value="" size="12" /></td> </tr> </table> <p>Enter your username and password and press 'Login'.</p> </div> </td></tr> </table> <p><input class="button" type="submit" value="Login" /> <input class="button" type="reset" value="Clear" onclick="this.form.elements['username'].selectedIndex = 0; this.form.elements['password'].value = ''; return false;" /></p> </form> <?php require("footer.php"); ?> Thanks, G Quote Link to comment Share on other sites More sharing options...
trq Posted September 7, 2007 Share Posted September 7, 2007 I'm not going to dig right through that code but I can tell you, you never actually set any session vars. You might want to look for a decent tutorial on writting a login system but I'll post a small example. <?php if (isset($_POST['submit'])) { $uname = mysql_real_escape_string($_POST['uname']); $upass = mysql_real_escape_string($_POST['upass']); $sql = "SELECT uname FROM users WHERE uname = '$uname' && upass = '$upass';"; if ($result = mysql_query($sql)) { if (mysql_num_rows($result)) { // we have a valid user. session_start(); $_SESSION['logged'] = true; $_SESSION['uname'] = $uname; // redirect to memebers only page. header("Location members.php"); } else { // invalid user. redirect to login form. header("Location login.php"); } } } ?> Quote Link to comment Share on other sites More sharing options...
ghgarcia Posted September 7, 2007 Author Share Posted September 7, 2007 Really appreciate the help that did it. You guys are great. George Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.