cfgcjm Posted September 29, 2007 Share Posted September 29, 2007 i'm a newb when it comes to php so i need some help with a php login script...I was given the following code as a login <?php /* Login Script */ require ('mysql.php'); session_start(); if (isset ($_POST['submit'])) { // Check to see if the form has been submitted $username = $_POST['username']; $password = md5 ($_POST['password']); // we MD5 encrypted the password at registration, // so we must do this on the login as well // See if the user exists $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'"; if ($r = mysql_query ($sql)) { $row = mysql_fetch_array ($r); $num = mysql_num_rows ($r); if ($num > 0) { // if there is a row with that username/password, the user exists // Now we can assign some SESSIONS, so we can verify on later pages that the user is "logged in" $_SESSION['users_id'] = $row['users_id']; $_SESSION['username'] = $row['username']; $_SESSION['loggedin'] = TRUE; // This is where we will check to see if the user is logged in print 'Thank you for logging in!'; } else { // User does not exist print 'Invalid Username/Password!'; } } else { // The query failed print 'Error:' . mysql_error(); // print the MySQL error } } else { // The form was not submitted // Display the form print '<form action="login.php" method="post"> <table border="0"> <tr> <td align="right">Username:</td> <td align="center"><input type="text" name="username" /></td> </tr> <tr> <td align="right">Password:</td> <td align="center"><input type="password" name="password" /></td> </tr> <tr> <td></td> <td><input type="submit" name="submit" value="Submit" /></td> </tr> </table> </form>'; } ?> and this a a check login script <?php /* Is User Logged In? */ session_start(); // this is just your every day page where you would want someone logged in to view the info if ($_SESSION['loggedin'] == TRUE) { // user is logged in print 'If you can read this, you are logged in!'; } elseif ($_SESSON['loggedin'] == FALSE) { // user is not logged in print 'You must be logged in to read this!'; } ?> it all works but i dont know how to protect a page and or have to direct to a protected page Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted September 29, 2007 Share Posted September 29, 2007 to direct someone to another page, use the header() function: header("location:someotherpage.php"); exit; // always follow with an exit. Quote Link to comment Share on other sites More sharing options...
cfgcjm Posted September 29, 2007 Author Share Posted September 29, 2007 but i want it to direct to a page that is locked out if your not logged in? dont i need to have the check in script there? Quote Link to comment Share on other sites More sharing options...
corillo181 Posted September 29, 2007 Share Posted September 29, 2007 header('Location: address.php'); // L is always capitalize and try to use some other method that does not involve exit; exit could ruin your code if there is little mistake. Quote Link to comment Share on other sites More sharing options...
corillo181 Posted September 29, 2007 Share Posted September 29, 2007 if you want to do that you have to add to a page a session check if($_SESSION['user_id']){ echo 'welcome to page'; }else{ echo 'you not signed in'; } Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted September 29, 2007 Share Posted September 29, 2007 header('Location: address.php'); // L is always capitalize and try to use some other method that does not involve exit; exit could ruin your code if there is little mistake. It is not necessary to capitalize L. If there is a little mistake, best to exit and fix the mistake than to continue processing. Quote Link to comment Share on other sites More sharing options...
cfgcjm Posted September 29, 2007 Author Share Posted September 29, 2007 ok i have no clue what anyone is talking about here...what i need is to go to a page...if the user is logged in load the page...if he is not redirect to another page. if($_SESSION['user_id']){ echo 'welcome to page'; }else{ echo 'not signed in'; } that code does not work...it says not signed even when i am Quote Link to comment Share on other sites More sharing options...
corillo181 Posted September 29, 2007 Share Posted September 29, 2007 are you using session_start in every page? because i see you got a require before session_start. session_start should always be the first thing on ever ypage. Quote Link to comment Share on other sites More sharing options...
cfgcjm Posted September 29, 2007 Author Share Posted September 29, 2007 what is session_start? Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted September 29, 2007 Share Posted September 29, 2007 <?php /* Is User Logged In? */ session_start(); // this is just your every day page where you would want someone logged in to view the info if ($_SESSION['loggedin'] == TRUE) { // user is logged in print 'If you can read this, you are logged in!'; } elseif ($_SESSON['loggedin'] == FALSE) { // user is not logged in header("location:notloggedinpage.php"); // Use is not logged in. Send to notloggedinpage.php exit; } ?> Quote Link to comment Share on other sites More sharing options...
cfgcjm Posted September 29, 2007 Author Share Posted September 29, 2007 yes i see it's there but i dont know what it means or what it does...someone gave me this code and told me to cut and paste it...i dont know what any of it does or how to use it Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted September 29, 2007 Share Posted September 29, 2007 Use the code I just posted at the top of your protected pages. It says "If the user is logged in, print the 'If you can see this' message. If the user is not logged in, send them to notloggedinpage.php"; Quote Link to comment Share on other sites More sharing options...
corillo181 Posted September 29, 2007 Share Posted September 29, 2007 oh thats the problem you can't make it work if you don't understand it. make 2 testing page and go little by little until you make a code you can understand start with a form if you need help walking you threw the process keep coming here until you got a code you can understand. Quote Link to comment Share on other sites More sharing options...
cfgcjm Posted September 29, 2007 Author Share Posted September 29, 2007 I got it now...thanks for your help bluesky Quote Link to comment Share on other sites More sharing options...
The Little Guy Posted September 29, 2007 Share Posted September 29, 2007 Take the following, and place it before EVERYTHING on the users page. So... if you redirect them to user.php, place this at the top of that page. <?php session_start(); if(!$_SESSION['loggedin']){ // If ture, skip this header("Location: /login.php"); // Redirect to the login page if above line is false exit; } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.