Jump to content

My Login Script


forumnz

Recommended Posts

What is wrong with this. I have made it set a session with the users id as the uid.

It displays "UID =" and thats it.

 

Thanks,

Sam.

 

<?php

include('connect.php');
mysql_select_db("bbmembers", $con);

if(count($_POST)>0)
{
           $username=$_POST["username"];
           $password=$_POST["password"];
	  
	   $password=md5($password);
           $sql="SELECT * FROM members
                    WHERE
                    username=\"$username\" 
                    AND 
                    password=\"$password\"";
            $rs=mysql_query($sql);               //execute the query
            if(mysql_num_rows($rs)==1) {
		 $uid = $row["id"];

                    session_start(); 
$_SESSION['user'] = $uid; // store session data
echo "UID = ". $_SESSION['user']; //retrieve data

            }else{

if(mysql_num_rows($rs)==0) {

//invalid username of password
                  //redirect to login page
                  header("Location: login.php"); }
    }
}
?>

Link to comment
Share on other sites

Hang on..... got it!!

 

Now i just need it to set a cookie.

 

I will try that myself.

 

Should I use cookies or sessions?

You can use both cookies and sessions, for cookies, the format is like:

setcookie("username", $_SESSION['username'], time()+60*60*24*30, "/");
setcookie("password", $_SESSION['password'], time()+60*60*24*30, "/");

for sessions:

$_SESSION["username"] = $username;
$_SESSION["password"] = $password;

Ted

Link to comment
Share on other sites

Like this:

 

<?php
session_start(); 
$username=$_SESSION[username]; $password=$_SESSION[password]; $id=$_SESSION[uid];

include('connect.php');
mysql_select_db("bbmembers", $con);

if(count($_POST)>0)
{
           $username=$_POST["username"];
           $password=$_POST["password"];
	  
	   $password=md5($password);
           $sql="SELECT * FROM members
                    WHERE
                    username=\"$username\" 
                    AND 
                    password=\"$password\"";
            $rs=mysql_query($sql);               //execute the query
            if(mysql_num_rows($rs)==1) {
		 $uid = $row["id"];

                    session_start(); 
$_SESSION['user'] = $uid; // store session data
echo "UID = ". $_SESSION['user']; //retrieve data

            }else{

if(mysql_num_rows($rs)==0) {

//invalid username of password
                  //redirect to login page
                  header("Location: login.php"); }
    }
}
?>

Link to comment
Share on other sites

example

 

<?php

session_start();   if (isset($_SESSION['username'])){      echo "User : ".$_SESSION['username'];      unset($_SESSION['username']);   } else {      echo "Set the username";      $_SESSION['username'] = 'John';

?>

 

 

http://www.phpf1.com/tutorial/php-sessions.html

 

good session tutorial

Link to comment
Share on other sites

This is what I currently have... why is it not working?

 

<?php

session_start();
$_SESSION['uid'] = '$id';

include('connect.php');
mysql_select_db("bbmembers", $con);

if(count($_POST)>0)
{
           $username=$_POST["username"];
           $password=$_POST["password"];
	  
	   $password=md5($password);
           $sql="SELECT * FROM members
                    WHERE
                    username=\"$username\" 
                    AND 
                    password=\"$password\"";
            $rs=mysql_query($sql);               //execute the query
            if(mysql_num_rows($rs)==1) {

                    //Set Session

				session_start(); 

				$_SESSION['id'] = $id; // store session data
echo "UID = ". $_SESSION['id']; //retrieve data

            }else{

if(mysql_num_rows($rs)==0) {

//invalid username of password
                  //redirect to login page
                  header("Location: login.php"); }
    }
}
?>

 

The connect.php is connecting to the db.

 

Thanks,

Sam.

Link to comment
Share on other sites

Here's how I make sure the session is started and how to get the session_id:

//	START SESSION
try
{
	if ( !@ ( session_id() ) )
		throw new Exception ("oh no!");
}
catch (Exception $e)
{
	//print 'INCLUDE ERROR!!!<br>';
	//return -1;
	session_start();
}

//	GET CURRENT SESSION ID
try
{
	if ( !@ ( $sess['sess_id'] = session_id() ) )
		throw new Exception ("oh no!");
}
catch (Exception $e)
{
	session_destroy();
	session_start();

	$sess['sess_id'] = session_id();
}

 

Use whatever you want instead of $sess['sess_id']...

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.