[SOLVED] Loging Problems!! (Cant set it up)

mikebyrne · November 30, 2007

I'm trying to get my login screen working but im getting loads of errror:

Warning: session_register() [function.session-register]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\checklogin.php:2) in C:\xampp\htdocs\checklogin.php on line 23

Warning: session_register() [function.session-register]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\checklogin.php:2) in C:\xampp\htdocs\checklogin.php on line 23

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\checklogin.php:2) in C:\xampp\htdocs\checklogin.php on line 25

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

My code is:

Main Login

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

Checklogin

<?php
ob_start();

include('config.php');

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$tbl_name2="users";


$sql="SELECT * FROM $tbl_name2 WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>

Confirm

<?php
include('config.php');

// Passkey that got from link
## added here
if (!isset($_GET['passkey']))
{
echo "Error here :: Validation Failed";
}else{
//Cleanup
$passkey = mysql_escape_string($_GET['passkey']);

## table name
$tbl_name="temp_users";
$tbl_name2="users";

// after connecting succesfully: 
$sql1 = "SELECT * FROM $tbl_name WHERE confirm_code ='$passkey'";
$result = mysql_query($sql1) or die(mysql_error());
$found = mysql_num_rows( $result);
if($found > 0)
{
	//Don't need loop as only 1 record is valid per passkey
	$row = mysql_fetch_array($result);
	$sql2="INSERT INTO $tbl_name2(name, address, address1, address2, address3, address4, county, zip, telephone, email, username, password, user)VALUES('".$row['name'] . "', '".$row['address'] . "', '".$row['address1'] . "', '".$row['address2'] . "', '".$row['address3'] . "', '".$row['address4'] . "', '".$row['county'] . "', '".$row['zip'] . "', '".$row['telephone'] . "', '".$row['email'] . "', '".$row['username'] . "', '".$row['password'] . "', 1)";
	$result2=mysql_query($sql2)or die(mysql_error());
	echo "Your account has been activated";
	$sql3="DELETE FROM $tbl_name WHERE confirm_code = '$passkey'";
	$result3=mysql_query($sql3)or die(mysql_error());
}else{
	echo "Error here :: PASSKEY NOT FOUND ";
}
}
?>

Loginsuccess

// Check if session is not registered , redirect back to main page.
// Put this code in first line of web page.
<?php
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>

MadTechie · November 30, 2007

try this

<?php
include('config.php');

if(isset($_POST['myusername']) && isset($_POST['mypassword']))
{
session_start();
// Define $myusername and $mypassword
$myusername=mysql_escape_string($_POST['myusername']);
$mypassword=mysql_escape_string($_POST['mypassword']);

$tbl_name2="users";

$sql="SELECT * FROM $tbl_name2 WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1)
{
	$row = mysql_fetch_assoc($result);
	// Register $myusername, $mypassword and redirect to file "login_success.php"
	$_SESSION['myusername'] = $row['username'];
	$_SESSION['mypassword'] = $row['password'];
	header("Location: login_success.php");
}else{
	echo "Wrong Username or Password";
}
}
?>

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

<?php
// Check if session is not registered , redirect back to main page.
// Put this code in first line of web page.
session_start();
if(isset($_SESSION['myusername']))
{
header("Location: main_login.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>

please read, the code and make sure it makes sense

PS Confirm looks okay

This hasn't been tested at all !!

dodgy · November 30, 2007

Make sure that their is no output to the browser in any of your files that gets called before the session_start() function ie.

No white spaces before "<?php" or after the "?>" in your files Not even html comments link

Hope this helps

mikebyrne · November 30, 2007

It seems to take in the code but just displays the login screen again

MadTechie · November 30, 2007

OPPS add the ! to the if see below

<?php
// Check if session is not registered , redirect back to main page.
// Put this code in first line of web page.
session_start();
if(!isset($_SESSION['myusername']))
{
header("Location: main_login.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>

mikebyrne · November 30, 2007

Brilliant!!

Now what i wanted to do was but a bit of rediredtion because I've 2 types of users

the code for users = 1 admin =0

I wanted something like this but cant seem to get it to work!

$defaultPage = "customer/index.php";

if($rows['user'] == "1")

{

$defaultPage = "emp/index.php";

}

header("location:$defaultPage");

MadTechie · November 30, 2007

looks ok to me.. whats the problem ?

mikebyrne · November 30, 2007

Jesus, It the first bit of code I got right all day!! LOL

Just not sure where to place it

MadTechie · November 30, 2007

What about this

<?php
// Check if session is not registered , redirect back to main page.
// Put this code in first line of web page.
session_start();
if(!isset($_SESSION['myusername']))
{
header("Location: main_login.php");
}
if(isset($_SESSION['type']))
{
switch($_SESSION['type'])
{
	case "Emp":
		$defaultPage = "emp/index.php";
	break;
	default:
	case "Cust":
		$defaultPage = "customer/index.php";
	break;
}
header("Location: $defaultPage");
}
//the HTML below is unused.. might as well remove it 
?>

<html>
<body>
Login Successful
</body>
</html>

and change the login.php

	$row = mysql_fetch_assoc($result);
	// Register $myusername, $mypassword and redirect to file "login_success.php"
	$_SESSION['myusername'] = $row['username'];
	$_SESSION['mypassword'] = $row['password'];

to

	$row = mysql_fetch_assoc($result);
	// Register $myusername, $mypassword and redirect to file "login_success.php"
	$_SESSION['myusername'] = $row['username'];
	$_SESSION['mypassword'] = $row['password'];
	$_SESSION['type'] = ($row['user']==1)?"Emp":"Cust";

make sence ?

revraz · November 30, 2007

What I would do is just set a $_SESSION variable when they log in to Admin=True or along those lines and then just check it on any page you need Admin rights.

Brilliant!!

Now what i wanted to do was but a bit of rediredtion because I've 2 types of users

the code for users = 1 admin =0

I wanted something like this but cant seem to get it to work!

$defaultPage = "customer/index.php";

if($rows['user'] == "1")

{

$defaultPage = "emp/index.php";

}

header("location:$defaultPage");

mikebyrne · November 30, 2007

Could you emplain the line:

$_SESSION['type'] = ($row['user']==1)?"Emp":"Cust";

not sure why the "Emp":"Cust" is there

revraz · November 30, 2007

The : acts as a Else. So if row user =1 then its a Emp, otherwise it's a Cust.

mikebyrne · November 30, 2007

I want it to be if its a 1 its a customer and a 0 is an employee

adam291086 · November 30, 2007

$_SESSION['type'] = ($row['user']==1)?"Emp":"Cust";

like revraz said

At the moment u have if user = 1 then Emp else Cust

So if you want the opposit switch Emp with Cust

mikebyrne · November 30, 2007

Thanks!!

mikebyrne · November 30, 2007

Whatever way I log in I still get the customer page?? I checked that the user filed is either 1 or 0 for each log

revraz · November 30, 2007

Echo $_SESSION['type'] and $row['user'] to see what they contain.

mikebyrne · November 30, 2007

I've change customerindex.php to this:

<?php
echo "Customer Page";
Echo $_SESSION['type'] ; 
Echo $row['user'] ;
?>

But the only output is Customer PAge

revraz · November 30, 2007

You need session_start(); at the top of each page in order for the $_SESSION variables to pass.

mikebyrne · November 30, 2007

The output on the Cutomer page is now

Customer PageCust

mikebyrne · November 30, 2007

The output is the same if I log in as Admin

revraz · November 30, 2007

So your row doesn't match your session.

Lets see your code again for what it's comparing. Is it still

 $_SESSION['type'] = ($row['user']==1)?"Cust":"Emp";

mikebyrne · November 30, 2007

No it wasn't

$_SESSION['type'] = ($row['user']==1)?"Emp":"Cust";

But when I swapped them the opposite is happening ie Imjust getting the empindex.php page for both users

revraz · November 30, 2007

The thing is, you don't have Admin listed as something to compare to.

How many Roles do you have, what are their numbers in your DB, and what are their names.

mikebyrne · November 30, 2007

The filed im comparing is the users field in the Users table. Each person who registers get a 1 in the users column. I put in the admin will have a 0 in the users column

Sign In

[SOLVED] Loging Problems!! (Cant set it up)

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information