Jump to content

My Login Script


forumnz
 Share

Recommended Posts

What is wrong with this. I have made it set a session with the users id as the uid.

It displays "UID =" and thats it.

 

Thanks,

Sam.

 

<?php

include('connect.php');
mysql_select_db("bbmembers", $con);

if(count($_POST)>0)
{
           $username=$_POST["username"];
           $password=$_POST["password"];
	  
	   $password=md5($password);
           $sql="SELECT * FROM members
                    WHERE
                    username=\"$username\" 
                    AND 
                    password=\"$password\"";
            $rs=mysql_query($sql);               //execute the query
            if(mysql_num_rows($rs)==1) {
		 $uid = $row["id"];

                    session_start(); 
$_SESSION['user'] = $uid; // store session data
echo "UID = ". $_SESSION['user']; //retrieve data

            }else{

if(mysql_num_rows($rs)==0) {

//invalid username of password
                  //redirect to login page
                  header("Location: login.php"); }
    }
}
?>

Link to comment
Share on other sites

Hang on..... got it!!

 

Now i just need it to set a cookie.

 

I will try that myself.

 

Should I use cookies or sessions?

You can use both cookies and sessions, for cookies, the format is like:

setcookie("username", $_SESSION['username'], time()+60*60*24*30, "/");
setcookie("password", $_SESSION['password'], time()+60*60*24*30, "/");

for sessions:

$_SESSION["username"] = $username;
$_SESSION["password"] = $password;

Ted

Link to comment
Share on other sites

Like this:

 

<?php
session_start(); 
$username=$_SESSION[username]; $password=$_SESSION[password]; $id=$_SESSION[uid];

include('connect.php');
mysql_select_db("bbmembers", $con);

if(count($_POST)>0)
{
           $username=$_POST["username"];
           $password=$_POST["password"];
	  
	   $password=md5($password);
           $sql="SELECT * FROM members
                    WHERE
                    username=\"$username\" 
                    AND 
                    password=\"$password\"";
            $rs=mysql_query($sql);               //execute the query
            if(mysql_num_rows($rs)==1) {
		 $uid = $row["id"];

                    session_start(); 
$_SESSION['user'] = $uid; // store session data
echo "UID = ". $_SESSION['user']; //retrieve data

            }else{

if(mysql_num_rows($rs)==0) {

//invalid username of password
                  //redirect to login page
                  header("Location: login.php"); }
    }
}
?>

Link to comment
Share on other sites

example

 

<?php

session_start();   if (isset($_SESSION['username'])){      echo "User : ".$_SESSION['username'];      unset($_SESSION['username']);   } else {      echo "Set the username";      $_SESSION['username'] = 'John';

?>

 

 

http://www.phpf1.com/tutorial/php-sessions.html

 

good session tutorial

Link to comment
Share on other sites

This is what I currently have... why is it not working?

 

<?php

session_start();
$_SESSION['uid'] = '$id';

include('connect.php');
mysql_select_db("bbmembers", $con);

if(count($_POST)>0)
{
           $username=$_POST["username"];
           $password=$_POST["password"];
	  
	   $password=md5($password);
           $sql="SELECT * FROM members
                    WHERE
                    username=\"$username\" 
                    AND 
                    password=\"$password\"";
            $rs=mysql_query($sql);               //execute the query
            if(mysql_num_rows($rs)==1) {

                    //Set Session

				session_start(); 

				$_SESSION['id'] = $id; // store session data
echo "UID = ". $_SESSION['id']; //retrieve data

            }else{

if(mysql_num_rows($rs)==0) {

//invalid username of password
                  //redirect to login page
                  header("Location: login.php"); }
    }
}
?>

 

The connect.php is connecting to the db.

 

Thanks,

Sam.

Link to comment
Share on other sites

Here's how I make sure the session is started and how to get the session_id:

//	START SESSION
try
{
	if ( !@ ( session_id() ) )
		throw new Exception ("oh no!");
}
catch (Exception $e)
{
	//print 'INCLUDE ERROR!!!<br>';
	//return -1;
	session_start();
}

//	GET CURRENT SESSION ID
try
{
	if ( !@ ( $sess['sess_id'] = session_id() ) )
		throw new Exception ("oh no!");
}
catch (Exception $e)
{
	session_destroy();
	session_start();

	$sess['sess_id'] = session_id();
}

 

Use whatever you want instead of $sess['sess_id']...

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.