Jump to content

[SOLVED] completly stuck

beansandsausages

By beansandsausages
in PHP Coding Help

Recommended Posts

beansandsausages Regular Member

beansandsausages

Posted
Posted

i am working on a small login script for a site i am working on. Problem is it wont display the information.

 

the code is : Checklogin.php

<?php

$title = "SeverancE Dawn of Destruction - Login Security ";


include("connect.php");

// username and password sent from signup form 
$username=$_POST['username']; 
$password=$_POST['password']; 

$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else { include("indextop.php");
echo "<strong><font color=\"black\">Unable to login</font></strong><br /> <br /><ul><li>wrong username supplied</li><br /><li>wrong password supplied</li></ul><br /><br /><center><a href=index.php>back</a></center>";
	include("indexbottom.php");}
?>

 

witch works and loges you in if the information is correct.

 

But the file below seems to be the problem

 

login_success.php

 


<? 
session_start();
if(!session_is_registered(username)){
header("location:main_login.php");
}


$title = "SeverancE Dawn of Destruction - Members area";
$page = "Login Area"; 


include("connect.php");
include("top.php");


$check = mysql_query("SELECT * FROM users WHERE username = '$myusername'")or die(mysql_error()); 
while($info = mysql_fetch_array( $check )) 



echo " blah blah $info[username <-- [color=red]SOULD display username[/color]]";








include("bottom.php");

?>

it should display the username but doesnt do any thing. 

[code]

[/code]

Link to comment
https://forums.phpfreaks.com/topic/78679-solved-completly-stuck/
Share on other sites
revraz Member

revraz

Posted
Posted

You have this in your first script

 

session_register("myusername");

 

but this in your second

 

if(!session_is_registered(username))

 

Try changing them to match, either myusername or username.  Also, I would think session_is_registered is looking for a string, so try

 

if(!session_is_registered("myusername"))

 

Also, you shouldn't use session_start() along with session_is_registered or session_register.

 

http://us3.php.net/session_is_registered

revraz Member

revraz

Posted
Posted

If you check the Session and it's set, then they are logged in.  If the session isn't set, route them back to your Login page.

 

yeah but ill need to check every page so if not logged in they wont be able to acsess the pages wont i?

beansandsausages Regular Member

beansandsausages

Posted
  • Author
Posted

If you check the Session and it's set, then they are logged in.  If the session isn't set, route them back to your Login page.

 

yeah but ill need to check every page so if not logged in they wont be able to acsess the pages wont i?

 

i dont quite understand what you mean

beansandsausages Regular Member

beansandsausages

Posted
  • Author
Posted

login_success.php

 


<? 
session_start();
if(!session_is_registered(username)){
header("location:main_login.php");
}


$title = "SeverancE Dawn of Destruction - Members area";
$page = "Login Area"; 


include("connect.php");
include("top.php");


$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); 
while($info = mysql_fetch_array( $check )) 



echo " blah blah $info[username] <-- [color=red]SOULD display username[/color]]";








include("bottom.php");

?>

 

Checklogin.php

 

<?php

$title = "SeverancE Dawn of Destruction - Login Security ";


include("connect.php");
// username and password sent from signup form 
$username=$_POST['username']; 
$password=$_POST['password']; 

$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("username");
session_register("password"); 
header("location:login_success.php");
}
else { include("indextop.php");
echo "<strong><font color=\"black\">Unable to login</font></strong><br /> <br /><ul><li>wrong username supplied</li><br /><li>wrong password supplied</li></ul><br /><br /><center><a href=index.php>back</a></center>";
	include("indexbottom.php");}
?>

 

i have changed what you have said. sorry im new to this.

 

Wolphie Member

Wolphie

Posted
Posted

Try this:

 

 

Login.php

<?php
session_start();

switch($_GET['do'])
{
  default:
    echo '
    <form action="?do=login" method="post">
    Username:<input type="text" name="username" /><br />
    Password:<input type="password" name="password" /><br />
    <input type="submit" value="Log in" />
    </form>
    ';
    break;

  case 'login':
    $username = mysql_escape_string($_POST['username']);
    $password = mysql_escape_string($_POST['password']); // $password = mysql_escape_string(MD5($_POST['password'])); if you have MD5 encryption

    $login = mysql_query(sprintf("SELECT * FROM `users` WHERE `username` = '%s' AND `password` = '%s' LIMIT 1", $username, $password)) 
               or die('Error: ' . mysql_error());

    if($obj = mysql_fetch_object($login))
    {
      $_SESSION['valid'] = true;
      $_SESSION['username'] = $username;
      $_SESSION['log_date'] = date("m-d-Y");
      echo 'Logged in successfully';
    }
    else
    {
      $_SESSION['valid'] = false;
      echo 'The password/username you have entered appears to be invalid. Please try again.';
    }

    break;
}
?>

 

 

UserCP.php // example

 

<?php
session_start();

if($_SESSION['valid'])
{
  echo 'Your username is: ' . $_SESSION['username'];
  echo 'Last login: ' . $_SESSION['log_date'];
}
else
{
   echo 'You must login to view this page.';
}

?>

beansandsausages Regular Member

beansandsausages

Posted
  • Author
Posted

Try this:

 

 

Login.php

<?php
session_start();

switch($_GET['do'])
{
  default:
    echo '
    <form action="?do=login" method="post">
    Username:<input type="text" name="username" /><br />
    Password:<input type="password" name="password" /><br />
    <input type="submit" value="Log in" />
    </form>
    ';
    break;

  case 'login':
    $username = mysql_escape_string($_POST['username']);
    $password = mysql_escape_string($_POST['password']); // $password = mysql_escape_string(MD5($_POST['password'])); if you have MD5 encryption

    $login = mysql_query(sprintf("SELECT * FROM `users` WHERE `username` = '%s' AND `password` = '%s' LIMIT 1", $username, $password)) 
               or die('Error: ' . mysql_error());

    if($obj = mysql_fetch_object($login))
    {
      $_SESSION['valid'] = true;
      $_SESSION['username'] = $username;
      $_SESSION['log_date'] = date("m-d-Y");
      echo 'Logged in successfully';
    }
    else
    {
      $_SESSION['valid'] = false;
      echo 'The password/username you have entered appears to be invalid. Please try again.';
    }

    break;
}
?>

 

 

UserCP.php // example

 

<?php
session_start();

if($_SESSION['valid'])
{
  echo 'Your username is: ' . $_SESSION['username'];
  echo 'Last login: ' . $_SESSION['log_date'];
}
else
{
   echo 'You must login to view this page.';
}

?>

 

it works i think thank you.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.