Jump to content

[SOLVED] completly stuck

beansandsausages

By beansandsausages
in PHP Coding Help

 Share

Recommended Posts

beansandsausages Regular Member

beansandsausages

Posted
Posted

i am working on a small login script for a site i am working on. Problem is it wont display the information.

 

the code is : Checklogin.php

<?php

$title = "SeverancE Dawn of Destruction - Login Security ";


include("connect.php");

// username and password sent from signup form 
$username=$_POST['username']; 
$password=$_POST['password']; 

$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else { include("indextop.php");
echo "<strong><font color=\"black\">Unable to login</font></strong><br /> <br /><ul><li>wrong username supplied</li><br /><li>wrong password supplied</li></ul><br /><br /><center><a href=index.php>back</a></center>";
	include("indexbottom.php");}
?>

 

witch works and loges you in if the information is correct.

 

But the file below seems to be the problem

 

login_success.php

 


<? 
session_start();
if(!session_is_registered(username)){
header("location:main_login.php");
}


$title = "SeverancE Dawn of Destruction - Members area";
$page = "Login Area"; 


include("connect.php");
include("top.php");


$check = mysql_query("SELECT * FROM users WHERE username = '$myusername'")or die(mysql_error()); 
while($info = mysql_fetch_array( $check )) 



echo " blah blah $info[username <-- [color=red]SOULD display username[/color]]";








include("bottom.php");

?>

it should display the username but doesnt do any thing. 

[code]

[/code]

Link to comment
https://forums.phpfreaks.com/topic/78679-solved-completly-stuck/
Share on other sites
revraz Member

revraz

Posted
Posted

You have this in your first script

 

session_register("myusername");

 

but this in your second

 

if(!session_is_registered(username))

 

Try changing them to match, either myusername or username.  Also, I would think session_is_registered is looking for a string, so try

 

if(!session_is_registered("myusername"))

 

Also, you shouldn't use session_start() along with session_is_registered or session_register.

 

http://us3.php.net/session_is_registered

revraz Member

revraz

Posted
Posted

If you check the Session and it's set, then they are logged in.  If the session isn't set, route them back to your Login page.

 

yeah but ill need to check every page so if not logged in they wont be able to acsess the pages wont i?

beansandsausages Regular Member

beansandsausages

Posted
  • Author
Posted

If you check the Session and it's set, then they are logged in.  If the session isn't set, route them back to your Login page.

 

yeah but ill need to check every page so if not logged in they wont be able to acsess the pages wont i?

 

i dont quite understand what you mean

beansandsausages Regular Member

beansandsausages

Posted
  • Author
Posted

login_success.php

 


<? 
session_start();
if(!session_is_registered(username)){
header("location:main_login.php");
}


$title = "SeverancE Dawn of Destruction - Members area";
$page = "Login Area"; 


include("connect.php");
include("top.php");


$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 
while($info = mysql_fetch_array( $check )) 



echo " blah blah $info[username] <-- [color=red]SOULD display username[/color]]";








include("bottom.php");

?>

 

Checklogin.php

 

<?php

$title = "SeverancE Dawn of Destruction - Login Security ";


include("connect.php");
// username and password sent from signup form 
$username=$_POST['username']; 
$password=$_POST['password']; 

$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("username");
session_register("password"); 
header("location:login_success.php");
}
else { include("indextop.php");
echo "<strong><font color=\"black\">Unable to login</font></strong><br /> <br /><ul><li>wrong username supplied</li><br /><li>wrong password supplied</li></ul><br /><br /><center><a href=index.php>back</a></center>";
	include("indexbottom.php");}
?>

 

i have changed what you have said. sorry im new to this.

 

revraz Member

revraz

Posted
Posted

I'm leaving for the day, if someone else doesn't help you out today, I'll help you work it out tomorrow.

We'll do some tests with sessions to make sure they work on your server, then we'll rewrite your code to make it functional.

Wolphie Member

Wolphie

Posted
Posted

Try this:

 

 

Login.php

<?php
session_start();

switch($_GET['do'])
{
  default:
    echo '
    <form action="?do=login" method="post">
    Username:<input type="text" name="username" /><br />
    Password:<input type="password" name="password" /><br />
    <input type="submit" value="Log in" />
    </form>
    ';
    break;

  case 'login':
    $username = mysql_escape_string($_POST['username']);
    $password = mysql_escape_string($_POST['password']); // $password = mysql_escape_string(MD5($_POST['password'])); if you have MD5 encryption

    $login = mysql_query(sprintf("SELECT * FROM `users` WHERE `username` = '%s' AND `password` = '%s' LIMIT 1", $username, $password)) 
               or die('Error: ' . mysql_error());

    if($obj = mysql_fetch_object($login))
    {
      $_SESSION['valid'] = true;
      $_SESSION['username'] = $username;
      $_SESSION['log_date'] = date("m-d-Y");
      echo 'Logged in successfully';
    }
    else
    {
      $_SESSION['valid'] = false;
      echo 'The password/username you have entered appears to be invalid. Please try again.';
    }

    break;
}
?>

 

 

UserCP.php // example

 

<?php
session_start();

if($_SESSION['valid'])
{
  echo 'Your username is: ' . $_SESSION['username'];
  echo 'Last login: ' . $_SESSION['log_date'];
}
else
{
   echo 'You must login to view this page.';
}

?>

beansandsausages Regular Member

beansandsausages

Posted
  • Author
Posted

Try this:

 

 

Login.php

<?php
session_start();

switch($_GET['do'])
{
  default:
    echo '
    <form action="?do=login" method="post">
    Username:<input type="text" name="username" /><br />
    Password:<input type="password" name="password" /><br />
    <input type="submit" value="Log in" />
    </form>
    ';
    break;

  case 'login':
    $username = mysql_escape_string($_POST['username']);
    $password = mysql_escape_string($_POST['password']); // $password = mysql_escape_string(MD5($_POST['password'])); if you have MD5 encryption

    $login = mysql_query(sprintf("SELECT * FROM `users` WHERE `username` = '%s' AND `password` = '%s' LIMIT 1", $username, $password)) 
               or die('Error: ' . mysql_error());

    if($obj = mysql_fetch_object($login))
    {
      $_SESSION['valid'] = true;
      $_SESSION['username'] = $username;
      $_SESSION['log_date'] = date("m-d-Y");
      echo 'Logged in successfully';
    }
    else
    {
      $_SESSION['valid'] = false;
      echo 'The password/username you have entered appears to be invalid. Please try again.';
    }

    break;
}
?>

 

 

UserCP.php // example

 

<?php
session_start();

if($_SESSION['valid'])
{
  echo 'Your username is: ' . $_SESSION['username'];
  echo 'Last login: ' . $_SESSION['log_date'];
}
else
{
   echo 'You must login to view this page.';
}

?>

 

it works i think thank you.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.