938660 Posted October 19, 2007 Share Posted October 19, 2007 I have a problem with my session. When a user isnt signed, they only see certain links at top pf the page ie login, register, forgot password. If they are signed in, additional links are displayed below, ie edit details, logout. The problem is, when i login these links(edit details, logout), do not get displayed. I think the session maybe isnt actually 'logging me in'. Please help - ive worked on this for ages and cant figure out why. i have started the session at the top of the page before the html tag, included connection etc. <? //--------------------------------- // Check that the user is logged in //--------------------------------- if ($_SESSION['logged_in']!=1){ ?> <p class="white"><b>You are not logged in</b></p> <table width="100%" border="0" cellspacing="0" cellpadding="1"> <tr> <td><a href="login.php">Login</a> </td> </tr> <tr> <td><a href="register.php">Register</a></td> </tr> <tr> <td><a href="password.php">Lost Password</a></td> </tr> </table> <? } else { ?> <span class="white"><b>Welcome back <? echo $_SESSION['first_name'];?></b></span> <br /><Br /> <a href = "edit.php"><font color="#FFCC00">Edit your details</font></a><br /> <a href = "logout.php"><font color="#FFCC00">Click here to logout</font></a> <? } ?> </td> </tr> </table> if ($_SESSION['logged_in']==1){ echo "You are already logged in!"; // Check that the form was submitted and check the user } else if (isset($_POST['submit'])){ // do user database checking $username=$_POST["username"]; // convert post variables $password=$_POST["password"]; // convert post variables $sql = "SELECT * FROM users WHERE username = '$username'"; // Database checks $result = mysql_query($sql) or die(mysql_error()); $num=mysql_num_rows($result); if ($num){ // if the username was found $row = mysql_fetch_array($result); $database_user = $row["username"]; // get details from database $database_pass = $row["password"]; $database_title = $row["title"]; $database_first_name = $row["first_name"]; $database_last_name = $row["last_name"]; if (($username == $database_user) && ($password == $database_pass)){ // check posted vars against database // add variables to the session $_SESSION['username'] = $database_user; $_SESSION['password'] = $database_pass; $_SESSION['title'] = $database_title; $_SESSION['first_name'] = $database_first_name; $_SESSION['last_name'] = $database_last_name; $_SESSION['address1'] = $database_address1; $_SESSION['address2'] = $database_address2; $_SESSION['city_town'] = $database_city_town; $_SESSION['postcode'] = $database_postcode; $_SESSION['email'] = $database_email; $_SESSION['country'] = $database_country; $_SESSION['logged_in'] = 1; echo "<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" /><meta http-equiv=\"Refresh\" content=\"0;URL=members.php\" /></head>"; } if ($username <> $database_user) { echo "We cannot find that username!";} // Check the user is there if (($password <> $database_pass) && ($username == $database_user)) { echo "You have inputed a wrong password.";} // Check pass } else { echo "We cannot find that username!"; } } else { ?> </p> <form method="post" action="<? echo $PHP_SELF?>"> <h3>Enter Details Below</h3> <fieldset> <label><span><b>Username:</b></span> <span class="price"> <input name="username" type="text" id="username" size="24" /> </span> <br><br> <span><b>Password:</b></span> <span class="price"> <input name="password" type="password" id="password" size="24" /> </span> <br><br> <br> <br><br> <input name="submit" type="submit" id="submit" value="Sign in" /> </fieldset> </form> <? } ?> </body> </html> Quote Link to comment Share on other sites More sharing options...
Wes1890 Posted October 19, 2007 Share Posted October 19, 2007 im just posting this so i can read that mess... ill see if i can see any errors in a second <?php //--------------------------------- // Check that the user is logged in //--------------------------------- if ($_SESSION['logged_in']!=1){ ?> <p class="white">You are not logged in</p> <table width="100%" border="0" cellspacing="0" cellpadding="1"> <tr> <td><a href="login.php">Login[/url] </td> </tr> <tr> <td><a href="register.php">Register[/url]</td> </tr> <tr> <td><a href="password.php">Lost Password[/url]</td> </tr> </table> <?php } else { ?> <span class="white">Welcome back <? echo $_SESSION['first_name'];?></span> <Br /> <a href = "edit.php"><font color="#FFCC00">Edit your details</font>[/url] <a href = "logout.php"><font color="#FFCC00">Click here to logout</font>[/url] <?php } ?> </td> </tr> </table> if ($_SESSION['logged_in']==1){ echo "You are already logged in!"; // Check that the form was submitted and check the user } else if (isset($_POST['submit'])){ // do user database checking $username=$_POST["username"]; // convert post variables $password=$_POST["password"]; // convert post variables $sql = "SELECT * FROM users WHERE username = '$username'"; // Database checks $result = mysql_query($sql) or die(mysql_error()); $num=mysql_num_rows($result); if ($num){ // if the username was found $row = mysql_fetch_array($result); $database_user = $row["username"]; // get details from database $database_pass = $row["password"]; $database_title = $row["title"]; $database_first_name = $row["first_name"]; $database_last_name = $row["last_name"]; if (($username == $database_user) && ($password == $database_pass)){ // check posted vars against database // add variables to the session $_SESSION['username'] = $database_user; $_SESSION['password'] = $database_pass; $_SESSION['title'] = $database_title; $_SESSION['first_name'] = $database_first_name; $_SESSION['last_name'] = $database_last_name; $_SESSION['address1'] = $database_address1; $_SESSION['address2'] = $database_address2; $_SESSION['city_town'] = $database_city_town; $_SESSION['postcode'] = $database_postcode; $_SESSION['email'] = $database_email; $_SESSION['country'] = $database_country; $_SESSION['logged_in'] = 1; echo "<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" /><meta http-equiv=\"Refresh\" content=\"0;URL=members.php\" /></head>"; } if ($username <> $database_user) { echo "We cannot find that username!";} // Check the user is there if (($password <> $database_pass) && ($username == $database_user)) { echo "You have inputed a wrong password.";} // Check pass } else { echo "We cannot find that username!"; } } else { ?> </p> <form method="post" action="<? echo $PHP_SELF?>"> <h3>Enter Details Below</h3> <fieldset> <label><span>Username:</span> <span class="price"> <input name="username" type="text" id="username" size="24" /> </span> <span>Password:</span> <span class="price"> <input name="password" type="password" id="password" size="24" /> </span> <input name="submit" type="submit" id="submit" value="Sign in" /> </fieldset> </form> <?php } ?> </body> </html> Quote Link to comment Share on other sites More sharing options...
Wes1890 Posted October 19, 2007 Share Posted October 19, 2007 Try this: You didnt put <?php in a certain spot.. i marked it.. Also, if it doesn't work, try just checking if the $_SESSION is set, not if it is equal to 1 or not and $_POST['submit'] will always be set... so to check if it was clicked, do: if ($_POST['submit'] == "Value") But change "VALUE" to what the value of the submit button is (what it says) <?php session_start(); //--------------------------------- // Check that the user is logged in //--------------------------------- if ($_SESSION['logged_in']!=1) { ?> <p class="white">You are not logged in</p> <table width="100%" border="0" cellspacing="0" cellpadding="1"> <tr> <td><a href="login.php">Login[/url] </td> </tr> <tr> <td><a href="register.php">Register[/url]</td> </tr> <tr> <td><a href="password.php">Lost Password[/url]</td> </tr> </table> <?php } else { ?> <span class="white">Welcome back <? echo $_SESSION['first_name'];?></span> <Br /> <a href = "edit.php"><font color="#FFCC00">Edit your details</font>[/url] <a href = "logout.php"><font color="#FFCC00">Click here to logout</font>[/url] <?php } ?> </td> </tr> </table> <?php // ^^ // YOU DIDNT PUT <?PHP HERE // if ($_SESSION['logged_in']==1) { echo "You are already logged in!"; } // $_POST['submit'] will always be set... so to check if it was clicked, // do, if ($_POST['submit'] == "Value") // But change "VALUE" to what the value of the submit button is (what it says) else if (isset($_POST['submit'])) { // do user database checking $username=$_POST["username"]; // convert post variables $password=$_POST["password"]; // convert post variables $sql = "SELECT * FROM users WHERE username = '$username'"; // Database checks $result = mysql_query($sql) or die(mysql_error()); $num=mysql_num_rows($result); if ($num) { $row = mysql_fetch_array($result); $database_user = $row["username"]; // get details from database $database_pass = $row["password"]; $database_title = $row["title"]; $database_first_name = $row["first_name"]; $database_last_name = $row["last_name"]; if (($username == $database_user) && ($password == $database_pass)) { // add variables to the session $_SESSION['username'] = $database_user; $_SESSION['password'] = $database_pass; $_SESSION['title'] = $database_title; $_SESSION['first_name'] = $database_first_name; $_SESSION['last_name'] = $database_last_name; $_SESSION['address1'] = $database_address1; $_SESSION['address2'] = $database_address2; $_SESSION['city_town'] = $database_city_town; $_SESSION['postcode'] = $database_postcode; $_SESSION['email'] = $database_email; $_SESSION['country'] = $database_country; $_SESSION['logged_in'] = 1; echo "<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" /><meta http-equiv=\"Refresh\" content=\"0;URL=members.php\" /></head>"; } if ($username <> $database_user) { echo "We cannot find that username!";} // Check the user is there if (($password <> $database_pass) && ($username == $database_user)) { echo "You have inputed a wrong password.";} // Check pass } else { echo "We cannot find that username!"; } } else { ?> </p> <form method="post" action="<? echo $PHP_SELF?>"> <h3>Enter Details Below</h3> <fieldset> <label><span>Username:</span> <span class="price"> <input name="username" type="text" id="username" size="24" /> </span> <span>Password:</span> <span class="price"> <input name="password" type="password" id="password" size="24" /> </span> <input name="submit" type="submit" id="submit" value="Sign in" /> </fieldset> </form> <?php } ?> </body> </html> Quote Link to comment Share on other sites More sharing options...
938660 Posted October 19, 2007 Author Share Posted October 19, 2007 Hi - thanks for the effort, but that wasnt the problem. I actually did put that <? in but i just tried to trim the code before posting. You may also noticed that i tried to add varibales to the session without declaring them, i actually did declare them - jst a mistake when trying to trim it down again. the rest is fine Quote Link to comment Share on other sites More sharing options...
mattal999 Posted October 19, 2007 Share Posted October 19, 2007 right after the <?php you need to put: session_start(); otherwise it will never rigister the session Quote Link to comment Share on other sites More sharing options...
Wes1890 Posted October 19, 2007 Share Posted October 19, 2007 Did you start the sessions in your script? Quote Link to comment Share on other sites More sharing options...
igor berger Posted October 19, 2007 Share Posted October 19, 2007 I do not get it? You have HTML that you want echoed outside PHP? I do like this <?php //--------------------------------- // Check that the user is logged in //--------------------------------- if ($_SESSION['logged_in']!=1){ echo <<<END <p class="white">You are not logged in</p> <table width="100%" border="0" cellspacing="0" cellpadding="1"> <tr> <td><a href="login.php">Login[/url] </td> </tr> <tr> <td><a href="register.php">Register[/url]</td> </tr> <tr> <td><a href="password.php">Lost Password[/url]</td> </tr> </table> END; } else { echo <<<END <span class="white">Welcome back $_SESSION['first_name']></span> <Br /> <a href = "edit.php"><font color="#FFCC00">Edit your details</font>[/url] <a href = "logout.php"><font color="#FFCC00">Click here to logout</font>[/url] END; } ?> Try this and see if it works, if it does modify the rest of your code! I presume that $_SESSION['logged_in']=1; is assigned on the first page that the login page posts to? page 1 is login page page 2 is the session initiation page that page one posts to. on page two you give value $_SESSION['logged_in']=1; then all your other pages can check of $_SESSION['logged_in'] is equals to 1 Quote Link to comment Share on other sites More sharing options...
938660 Posted October 19, 2007 Author Share Posted October 19, 2007 Yes the session is started and isnt doing what id like it to do. 'I do not get it? You have HTML that you want echoed outside PHP?' - yes if if ($_SESSION['logged_in']==1)(ie logged in) show the links 'edit' and 'logout', if not, dont show these links. The key is, you must be logged in to see these links, else you cant see them. I presume that $_SESSION['logged_in']=1; is assigned on the first page that the login page posts to? page 1 is login page page 2 is the session initiation page that page one posts to. on page two you give value $_SESSION['logged_in']=1; then all your other pages can check of $_SESSION['logged_in'] is equals to 1 <<<<<CORRECT Quote Link to comment Share on other sites More sharing options...
igor berger Posted October 19, 2007 Share Posted October 19, 2007 if HTML is outside the IF statement how does the if statement works? <?php $a=1; if($a==1) { echo "links"; } else { echo "not loged in"; } ?> Your HTML code links must be included in the if and else statements to be echoed out! Quote Link to comment Share on other sites More sharing options...
938660 Posted October 19, 2007 Author Share Posted October 19, 2007 ah ive just given up, once login is correct ie a password corresponds to a username, you can see Ive given the session a new variable $_SESSION['logged_in'] = 1, which signifies a login was successful and also redirected it to a page called members.php which is below. Somthings telling me the session isnt recognised by this page OR ANOTHER. Basically ive logged in with a correct password, so i should be redirected to the members page that displays the 'edit' and 'logout' links instead of 'login', 'register', 'lost password' but his isnt the case. <? //------------------------------- // Get the database configuration //------------------------------- session_start(); include ('database_config.php'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>members</title> <link rel="stylesheet" type="text/css" href="style.css" id="stylesheet" /> </head> <body > <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="71%" height="133"><img src="images/company_logo.jpg" width="668" height="114" /></td> <td width="29%" height="133"> <? //--------------------------------- // Check that the user is logged in //--------------------------------- if ($_SESSION['logged_in']!=1){ //------------------------------------------------------------------------------------------- // These are the links you would see by default, ie not logged in //------------------------------------------------------------------------------------------- ?> <p class="white"><b>You are not logged in.</b></p> <table width="100%" border="0" cellspacing="0" cellpadding="1"> <tr> <td><a href="login.php"><font color="#FFCC00">Click here to login</font></a> </td> </tr> <tr> <td><a href="register.php"><font color="#FFCC00">Register a new account</font></a></td> </tr> <tr> <td><a href="password.php"><font color="#FFCC00">Retrieve your password</font></a></td> </tr> </table> <? } else { //------------------------------------------------------------------------------------------- // If login was successfull and session is working, ie $_SESSION['logged_in'] = 1; and these links will replace the above on the members page //------------------------------------------------------------------------------------------- ?> <span class="white"><b>Welcome back <? echo $_SESSION['first_name'];?></b></span> <br /><Br /> <a href = "edit.php"><font color="#FFCC00">Edit your details</font></a><br /> <a href = "logout.php"><font color="#FFCC00">Click here to logout</font></a> <? } ?> </td> </tr> </table> <? //------------------------------------------------------------------------------------------- // This is the bar that only members that are logged in can see //------------------------------------------------------------------------------------------- if ($_SESSION['logged_in']==1){ ?> <table width="100%" border="0" cellspacing="0" cellpadding="5"> <tr> <td height="28">Members links here <a href = "test.php">Here's a test link</a></td> </tr> </table> <? } //----------------------------------------------------------------------------------------- ?> <table width="100%" border="0" cellspacing="0" cellpadding="20"> <tr> <td><? //----------------------------------------------------------------------------------------------------- // If you have a page that you only want members to see, this is the code to check the Session variable //----------------------------------------------------------------------------------------------------- if ($_SESSION['logged_in']!=1){ echo "Members only"; } else { ?> Only logged in members can view this . <? } //---------------------------------------------------------------------------------------------------- ?> </td> </tr> </table> </body> </html> EDITED BY WILDTEEN88: Please use code tags ( ) when posting code within posts. Thank you. Quote Link to comment Share on other sites More sharing options...
igor berger Posted October 19, 2007 Share Posted October 19, 2007 Sorry about the erlier comment not putting html inside echo, I tested it your way and it works. I am from the old school... Okay so your syntax is correct, now lets find out ehat is the problem with $_SESSION['logged_in'] Can you echo it right before the if statement and see what is its value? If you loged in it should be 1 Right? Quote Link to comment Share on other sites More sharing options...
938660 Posted October 19, 2007 Author Share Posted October 19, 2007 hi there, yes it should be 1 if logged in. im just confused now, i dont know why it isnt working. im thinking its my computer- must be! the crazy thing just wont work. you know i almost broke my moniter in anger today Quote Link to comment Share on other sites More sharing options...
igor berger Posted October 19, 2007 Share Posted October 19, 2007 have you tried using echo to see if the variable contains 1 Quote Link to comment Share on other sites More sharing options...
igor berger Posted October 19, 2007 Share Posted October 19, 2007 Check your security settings on your browser to see if you allow to accept cookies. Try setting it to low and clear all your temporary Internet files and cookies and see if it works. For sessions to work cookies must be accepted by the browser. Try another browser like FF if you are using IE and see how it is. Quote Link to comment Share on other sites More sharing options...
938660 Posted October 20, 2007 Author Share Posted October 20, 2007 hi igor - thanks for your help on this post. I uploaded my pages to a webserver and the session works fine without any modifications. Obviously, there is somthing wrong with my php running locally on my machine. regards Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.