burnside Posted November 24, 2007 Share Posted November 24, 2007 i am working on a small login script for a site i am working on. Problem is it wont display the information. the code is : Checklogin.php <?php $title = "SeverancE Dawn of Destruction - Login Security "; include("connect.php"); // username and password sent from signup form $username=$_POST['username']; $password=$_POST['password']; $sql="SELECT * FROM users WHERE username='$username' and password='$password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { include("indextop.php"); echo "<strong><font color=\"black\">Unable to login</font></strong><br /> <br /><ul><li>wrong username supplied</li><br /><li>wrong password supplied</li></ul><br /><br /><center><a href=index.php>back</a></center>"; include("indexbottom.php");} ?> witch works and loges you in if the information is correct. But the file below seems to be the problem login_success.php <? session_start(); if(!session_is_registered(username)){ header("location:main_login.php"); } $title = "SeverancE Dawn of Destruction - Members area"; $page = "Login Area"; include("connect.php"); include("top.php"); $check = mysql_query("SELECT * FROM users WHERE username = '$myusername'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) echo " blah blah $info[username <-- [color=red]SOULD display username[/color]]"; include("bottom.php"); ?> it should display the username but doesnt do any thing. [code] [/code] Quote Link to comment Share on other sites More sharing options...
LordOrange Posted November 24, 2007 Share Posted November 24, 2007 You need to put the variable as an and instead of in the inverted commers so: echo "bla bla bla". $info['username']; try that and see if it works. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 If Register Globals are off, use $_SESSION instead along with session_start(); Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 If Register Globals are off, use $_SESSION instead along with session_start(); how you mean?? $_SESSION(username) ?? any help would be gret. Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 You need to put the variable as an and instead of in the inverted commers so: echo "bla bla bla". $info['username']; try that and see if it works. no doesnt work sorry just echo " bla bla bla "; Quote Link to comment Share on other sites More sharing options...
odisey Posted November 24, 2007 Share Posted November 24, 2007 Try this: echo '<p> "bla bla bla" ' . $info['username'] . '</p>' ; I spaced stuff out so you can see the single quotes. So you could also say it is 'spaced out!' Marc Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 odisey : it doent work i treid all that its got me. Quote Link to comment Share on other sites More sharing options...
LordOrange Posted November 24, 2007 Share Posted November 24, 2007 where have you defined $myusername? Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 You have this in your first script session_register("myusername"); but this in your second if(!session_is_registered(username)) Try changing them to match, either myusername or username. Also, I would think session_is_registered is looking for a string, so try if(!session_is_registered("myusername")) Also, you shouldn't use session_start() along with session_is_registered or session_register. http://us3.php.net/session_is_registered Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 One other question. Since you are validating them in the first code, why are you doing a query again in the second script? If the session was set, then they are logged in correct? Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 yeah but ill need to check every page so if not logged in they wont be able to acsess the pages wont i? Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 If you check the Session and it's set, then they are logged in. If the session isn't set, route them back to your Login page. yeah but ill need to check every page so if not logged in they wont be able to acsess the pages wont i? Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 If you check the Session and it's set, then they are logged in. If the session isn't set, route them back to your Login page. yeah but ill need to check every page so if not logged in they wont be able to acsess the pages wont i? i dont quite understand what you mean Quote Link to comment Share on other sites More sharing options...
LordOrange Posted November 24, 2007 Share Posted November 24, 2007 I rote a similar page.... have you thaught about using cookies??? Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 Cookies are good for returning users, but not for the initial login nor should it replace sessions once you are navigating the site. Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 so what i need to do to get it to work? Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 Read reply #7 and #8 Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 i have tired and its still not working. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 Post your updated code. Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 login_success.php <? session_start(); if(!session_is_registered(username)){ header("location:main_login.php"); } $title = "SeverancE Dawn of Destruction - Members area"; $page = "Login Area"; include("connect.php"); include("top.php"); $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) echo " blah blah $info[username] <-- [color=red]SOULD display username[/color]]"; include("bottom.php"); ?> Checklogin.php <?php $title = "SeverancE Dawn of Destruction - Login Security "; include("connect.php"); // username and password sent from signup form $username=$_POST['username']; $password=$_POST['password']; $sql="SELECT * FROM users WHERE username='$username' and password='$password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $username and $password, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("username"); session_register("password"); header("location:login_success.php"); } else { include("indextop.php"); echo "<strong><font color=\"black\">Unable to login</font></strong><br /> <br /><ul><li>wrong username supplied</li><br /><li>wrong password supplied</li></ul><br /><br /><center><a href=index.php>back</a></center>"; include("indexbottom.php");} ?> i have changed what you have said. sorry im new to this. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 You are still using session_start() with session_register. In this line here $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); Where are you getting $username from? Quote Link to comment Share on other sites More sharing options...
revraz Posted November 24, 2007 Share Posted November 24, 2007 I'm leaving for the day, if someone else doesn't help you out today, I'll help you work it out tomorrow. We'll do some tests with sessions to make sure they work on your server, then we'll rewrite your code to make it functional. Quote Link to comment Share on other sites More sharing options...
burnside Posted November 24, 2007 Author Share Posted November 24, 2007 okay. thank you i really apriciate it. Quote Link to comment Share on other sites More sharing options...
Wolphie Posted November 24, 2007 Share Posted November 24, 2007 Try this: Login.php <?php session_start(); switch($_GET['do']) { default: echo ' <form action="?do=login" method="post"> Username:<input type="text" name="username" /><br /> Password:<input type="password" name="password" /><br /> <input type="submit" value="Log in" /> </form> '; break; case 'login': $username = mysql_escape_string($_POST['username']); $password = mysql_escape_string($_POST['password']); // $password = mysql_escape_string(MD5($_POST['password'])); if you have MD5 encryption $login = mysql_query(sprintf("SELECT * FROM `users` WHERE `username` = '%s' AND `password` = '%s' LIMIT 1", $username, $password)) or die('Error: ' . mysql_error()); if($obj = mysql_fetch_object($login)) { $_SESSION['valid'] = true; $_SESSION['username'] = $username; $_SESSION['log_date'] = date("m-d-Y"); echo 'Logged in successfully'; } else { $_SESSION['valid'] = false; echo 'The password/username you have entered appears to be invalid. Please try again.'; } break; } ?> UserCP.php // example <?php session_start(); if($_SESSION['valid']) { echo 'Your username is: ' . $_SESSION['username']; echo 'Last login: ' . $_SESSION['log_date']; } else { echo 'You must login to view this page.'; } ?> Quote Link to comment Share on other sites More sharing options...
burnside Posted November 25, 2007 Author Share Posted November 25, 2007 Try this: Login.php <?php session_start(); switch($_GET['do']) { default: echo ' <form action="?do=login" method="post"> Username:<input type="text" name="username" /><br /> Password:<input type="password" name="password" /><br /> <input type="submit" value="Log in" /> </form> '; break; case 'login': $username = mysql_escape_string($_POST['username']); $password = mysql_escape_string($_POST['password']); // $password = mysql_escape_string(MD5($_POST['password'])); if you have MD5 encryption $login = mysql_query(sprintf("SELECT * FROM `users` WHERE `username` = '%s' AND `password` = '%s' LIMIT 1", $username, $password)) or die('Error: ' . mysql_error()); if($obj = mysql_fetch_object($login)) { $_SESSION['valid'] = true; $_SESSION['username'] = $username; $_SESSION['log_date'] = date("m-d-Y"); echo 'Logged in successfully'; } else { $_SESSION['valid'] = false; echo 'The password/username you have entered appears to be invalid. Please try again.'; } break; } ?> UserCP.php // example <?php session_start(); if($_SESSION['valid']) { echo 'Your username is: ' . $_SESSION['username']; echo 'Last login: ' . $_SESSION['log_date']; } else { echo 'You must login to view this page.'; } ?> it works i think thank you. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.