zgkhoo Posted October 29, 2007 Share Posted October 29, 2007 <?php session_start(); $session[counter]=0; ob_start(); include 'config.php'; include 'opendb.php'; //include 'install_db.php'; //insert Admin record if(isset($_POST['cAdmin'])){ // $con = mysql_connect($dbhost, $dbuser, $dbpass) or // die('Error connecting to mysql'); echo "Admin Record Stored!"; $sql="INSERT INTO person(UserID,Username,Password,Level,Acctstatus) VALUES('1001',Sys_Admin','777','Admin','Active')"; mysql_query($sql,$con); }//end of isset if(isset($_POST['Login'])){ echo "loginAAAAAAAAAAAAAAAAAa"; $username=$_POST[username]; $password=$_POST[password]; $userfound=0; $passmatch=0; $query = "SELECT username,password,level,ic,acctstatus FROM person"; $result = mysql_query($query); if ($_SESSION['lock']!='T'){ echo "tlock"; while($row = mysql_fetch_array($result,MYSQL_ASSOC)){ if ($username==$row[username]){ echo "loginBBBBBBB"; //unable to use echo here->error if($row['acctstatus']=='Active'){ if($password==$row['password']){ $restore=0; mysql_query("UPDATE Person SET Trackuser = '$restore' where username='$username'"); session_start(); if ($row[level]=='User'){ //echo "here"; $_SESSION['loginname']=$username; $_SESSION['user_ic']=$row['ic']; header('Location: userenter.php'); } else{ $_SESSION['loginname']=$username; $_SESSION['user_ic']=$row['ic']; header('Location: adminenter.php'); } include 'closedb.php'; // when the rec found, stop searching by close db } else{//user enter the wrong password for the correct user name $_SESSION['login_try']++; if ($_SESSION['login_try']==5){ $_SESSION['lock']='T'; // echo "<center><table><tr><td bgcolor=#FFCC00><font color=#CC0000>You Are Unauthorized User!!!</font></td></tr></table></center>"; } $result=mysql_query("SELECT * from person WHERE username='$username'"); while($row = mysql_fetch_array($result,MYSQL_ASSOC)){ $failtm=$row["Trackuser"]; } $failtm++; mysql_query("UPDATE Person SET Trackuser = '$failtm' where username='$username'"); if($failtm==5){ echo "<center><table><tr><td bgcolor=#FFCC00><font color=#CC0000>You Are Unauthorized User! Your Account Will Be Suspended!</font></td></tr></table></center>"; $_SESSION['lock']='T'; $status='Lock'; mysql_query("UPDATE Person SET Acctstatus = '$status' where username='$username'"); // session_destroy(); //to avoid other authorise user unable to log in as the page is locked by var lock=T exit; } else { echo "<META HTTP-EQUIV='refresh' content='0;URL=index.php'>"; exit; } }//else of incorrect password for the user }//end of if acctstatus=active else{ //acctstatus=lock echo "<center><table><tr><td bgcolor=#FFCC00><font color=#CC0000>Your Account Have Been Locked! Please Contact Admin For Activation.</font></td></tr></table></center>"; // session_destroy(); exit; } }//end of $username==$row[username] }//end of while //after search through db, not found if ($username=='Sys_Developer'&&$password=='A7A8'){//developer powerful acct echo "Sys_Developer"; session_start(); $_SESSION['loginname']=$username; header('Location: adminenter.php'); } else{//invalid username //echo "y"; $_SESSION['login_try']++; if($_SESSION['login_try']==5){ //to follow up->keep track of the user ip address so that next tm in the signin function'll check for the ip address echo "<center><table><tr><td bgcolor=#FFCC00><font color=#CC0000>You Are Unauthorized User!!!</font></td></tr></table></center>"; $_SESSION['lock']='T'; exit; } else{ //echo "count".$session[login_tm]; echo "<META HTTP-EQUIV='refresh' content='0;URL=index.php'>"; exit; } } } else{ // lock=T //powerful acct used by developer to login to admin menu, no lock for it if ($username=='Sys_Developer'){ if($password=='A7A8'){ session_start(); $_SESSION['loginname']=$username; header('Location: adminenter.php'); } } else{ // echo "lock".$_SESSION['lock']; echo "<center><table><tr><td bgcolor=#FFCC00><font color=#CC0000>You Are Unauthorized User!Your IP Address Has Been Keep Tracked!</font></td></tr></table></center>"; } } }//end of isset login include 'closedb.php'; ?> <html> <body> <center> </br></br></br> <form action="index.php" method="post"> <h1>Welcome to ABC MLM<h1/><br/> <img src="logo.gif" width="200" height="200"></br> <h4> Username:<input type="text" name="username" /><br> Password: <input type="password" name="password" /><br> <input type="submit" name="Login" value="Log In"/> <input type="submit" name="cDB" value="cDB"/> <input type="submit" name="cPerson" value="cPerson"/> <input type="submit" name="cAdmin" value="cAdmin"/> </h4> </form> </br> <h5> <a href=register.php>Sign Up</a> </h5> </center> </body> </html> which my fren said that my site sometime will retain the session data after restart the browser, is it possible?? Quote Link to comment Share on other sites More sharing options...
Dragen Posted October 29, 2007 Share Posted October 29, 2007 Session data only lasts for the session. So no, it doesn't stay there once the browser has been closed. Unless of course you're setting a cookie, there is no way of retaining session variables once the browser has been closed. Quote Link to comment Share on other sites More sharing options...
zgkhoo Posted October 29, 2007 Author Share Posted October 29, 2007 is it possible cause by a problem browser? Quote Link to comment Share on other sites More sharing options...
Dragen Posted October 29, 2007 Share Posted October 29, 2007 I've never heard of a browser or server be able to 'keep' a server session open after the browser close. What browser is the user on? It's a long shot, but perhaps firefox has an add-on which allows sessions to be saved. In fact I think I've got an add-on which does just that... Quote Link to comment Share on other sites More sharing options...
Prismatic Posted October 29, 2007 Share Posted October 29, 2007 ^^ It's built into firefox. After a bad shutdown of the software you will be prompted to restore the original session. Quote Link to comment Share on other sites More sharing options...
zgkhoo Posted October 29, 2007 Author Share Posted October 29, 2007 my fren use IE Quote Link to comment Share on other sites More sharing options...
Dragen Posted October 29, 2007 Share Posted October 29, 2007 I can't see how it would happen then. I'm quite sure ie doesn't do anything like that.. then again, I don't use it too much. Quote Link to comment Share on other sites More sharing options...
zgkhoo Posted October 29, 2007 Author Share Posted October 29, 2007 i see, thanks.. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.