ChompGator Posted November 30, 2007 Share Posted November 30, 2007 Hello, I used to program quite a bit, and I remember when I was younger and doing it I created a login script once, and every page past the members login page I had to add a little short one-or two line script on all the members page at the top of the page so that when someone tried to access any page passed the members login by just typing in the URL it would re-direct them and say "You are not logged in, please login first, before accessing this page" Any the issue Im having is for the life of me I cannot remember what the script was I used - I remember it was a short script, so Im wondering if anyone out there knows a script I can use to put on all the pages in my members area so that if someone trys to go to a particular url thats for a page in the members area, it will verify if they're logged in or not, and if they're not logged in, it will deny them access? (Login is already set up, just need a verification script as mentioned above) thanks, Quote Link to comment Share on other sites More sharing options...
Daleeburg Posted November 30, 2007 Share Posted November 30, 2007 At the login set a $_SESSION[login] = 1, then every page after that just have this script at the top If ($_SESSION[login] != 1) { #code to tell them redirect them to login } else { # display code for page }; ~D Quote Link to comment Share on other sites More sharing options...
ChompGator Posted November 30, 2007 Author Share Posted November 30, 2007 Modified Post: I have included the script to my handle.php - which handles the information from the form Login Script: (This is the checklogin.php - the script that handles the information from the html form) - I added what you said to add <?php $host="mysql105.mysite4now.com"; // Host name $username="aiim"; // Mysql username $password="k7YuHeFv"; // Mysql password $db_name="login"; // Database name $tbl_name="staff"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $username=$_POST['username']; $password=$_POST['password']; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row If ($_SESSION[login] != 1) { #http://www.url-to-redirect-them-to-login.com } else { # display html for login }; if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ?> I know there are some errors in this scripting, but could you perhaps mention some errors/what to take out/what to add, and Ill clean it up, I haven't done php in so many years its all slowly coming back to me lol Thanks, Quote Link to comment Share on other sites More sharing options...
asmith Posted November 30, 2007 Share Posted November 30, 2007 look at this : <?php $host="mysql105.mysite4now.com"; // Host name $username="aiim"; // Mysql username $password="k7YuHeFv"; // Mysql password $db_name="login"; // Database name $tbl_name="staff"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $username=$_POST['username']; $password=$_POST['password']; $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" $_SESSION[login] = true; header("location:login_success.php"); } else { echo "Wrong Username or Password"; } ?> then at the top of all your "user" pages : if (!isset(S_SESSION[login])) {header:("location : loginpage.php"); exit;} by the way don't use session_register, it is out of date, you don't need that, see my code above Quote Link to comment Share on other sites More sharing options...
Daleeburg Posted November 30, 2007 Share Posted November 30, 2007 No, i must have you confused In the Login script add this line $_SESSION[login] = 1; In the pages that you want to only be used by people that are logged in put this If ($_SESSION[login] != 1) { #http://www.url-to-redirect-them-to-login.com } else { # Members only content, This will have a lot of stuff in it }; The idea being that when they login a Session variable is made, which travels with them from page to page and only get destroyed when they go away from the site. Since we set the value of the session variable we can check for that value and if it exist we know they are logged in so they can see the content, else they are are redirected to a login page. ~D ps. please use code boxes pss. asmith up there has a really easy solution, you should give it a try. Quote Link to comment Share on other sites More sharing options...
gtal3x Posted November 30, 2007 Share Posted November 30, 2007 Dont post your sql username and passowrd in forum no point in that Quote Link to comment Share on other sites More sharing options...
revraz Posted November 30, 2007 Share Posted November 30, 2007 You need session_start(); at the top of each page. Quote Link to comment Share on other sites More sharing options...
ChompGator Posted November 30, 2007 Author Share Posted November 30, 2007 Thank you for your input everyone, Ill give it a try to make sure it all works, thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.