zimmer Posted December 8, 2007 Author Share Posted December 8, 2007 change session_start(); if(!session_is_registered(myusername)){ header("location:main_login.php"); } to <?php session_start(); if(!isset($_SESSION['is_logged'])){ header("Location: Login.php"); } ?> I made both changes and now I can not log in, it continues to take me back to the main_login page after each login attempt, but only if i use the correct password. If I use a wrong password, then I get the correct error message. Quote Link to comment Share on other sites More sharing options...
revraz Posted December 8, 2007 Share Posted December 8, 2007 Your Login Page sets the $_SESSION variable and your other page checks it. If you want, post both pages and we can check it for you. Quote Link to comment Share on other sites More sharing options...
zimmer Posted December 8, 2007 Author Share Posted December 8, 2007 Here is what I have listed: main_login.php <?php ob_start(); $hostname='host'; // Host name $username="username"; // Mysql username $password="password"; // Mysql password $db_name="database"; // Database name $tbl_name="table"; // Table name // Connect to server and select databse. mysql_connect("$hostname", "$username", "$password")or die("Couldn't connect to SQL Server on $hostname"); mysql_select_db("$db_name")or die("Couldn't select database on $db_name"); // Define $myusername and $mypassword $myusername=mysql_real_escape_string($_POST['myusername']); $mypassword=mysql_real_escape_string($_POST['mypassword']); $sql="SELECT * FROM ".$tbl_name." WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql) or die(mysql_error()); $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count == 0){ echo "Wrong Username or Password"; } else { // Register $myusername, $mypassword and redirect to file "employees.php" $_SESSION['username'] = $username; $_SESSION['is_logged'] = true; header("Location:employees.php"); } ob_end_flush(); ?> first few lines in employees.php <?php session_start(); if(!isset($_SESSION['is_logged'])){ header("Location: main_login.php"); } ?> <head> Quote Link to comment Share on other sites More sharing options...
revraz Posted December 8, 2007 Share Posted December 8, 2007 There is nothing on your main_login.php to allow you to enter your login info. How do they log in? Quote Link to comment Share on other sites More sharing options...
zimmer Posted December 8, 2007 Author Share Posted December 8, 2007 with this: <head> <body> <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form name="form1" method="post" action="checklogin.php"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3"><strong>Member Login </strong></td> </tr> <tr> <td width="78">Username</td> <td width="6">:</td> <td width="294"><input name="myusername" type="text" id="myusername"></td> </tr> <tr> <td>Password</td> <td>:</td> <td><input name="mypassword" type="password" id="mypassword"></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="Submit" value="Login"></td> </tr> </table> </td> </form> </tr> </table> </body> </head> Quote Link to comment Share on other sites More sharing options...
revraz Posted December 8, 2007 Share Posted December 8, 2007 That calls checklogin.php, you posted main_login.php Quote Link to comment Share on other sites More sharing options...
zimmer Posted December 8, 2007 Author Share Posted December 8, 2007 hm....brb Quote Link to comment Share on other sites More sharing options...
zimmer Posted December 8, 2007 Author Share Posted December 8, 2007 main_login.php <head> <body> <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form name="form1" method="post" action="checklogin.php"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3"><strong>Member Login </strong></td> </tr> <tr> <td width="78">Username</td> <td width="6">:</td> <td width="294"><input name="myusername" type="text" id="myusername"></td> </tr> <tr> <td>Password</td> <td>:</td> <td><input name="mypassword" type="password" id="mypassword"></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="Submit" value="Login"></td> </tr> </table> </td> </form> </tr> </table> </body> </head> checklogin.php <?php ob_start(); $hostname='host'; // Host name $username="user"; // Mysql username $password="password"; // Mysql password $db_name="database"; // Database name $tbl_name="table"; // Table name // Connect to server and select databse. mysql_connect("$hostname", "$username", "$password")or die("Couldn't connect to SQL Server on $hostname"); mysql_select_db("$db_name")or die("Couldn't select database on $db_name"); // Define $myusername and $mypassword $myusername=mysql_real_escape_string($_POST['myusername']); $mypassword=mysql_real_escape_string($_POST['mypassword']); $sql="SELECT * FROM ".$tbl_name." WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql) or die(mysql_error()); $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count == 0){ echo "Wrong Username or Password"; } else { // Register $myusername, $mypassword and redirect to file "employees.php" $_SESSION['username'] = $username; $_SESSION['is_logged'] = true; header("Location:employees.php"); } ob_end_flush(); ?> first few lines in employees.php <?php session_start(); if(!isset($_SESSION['is_logged'])){ header("Location: main_login.php"); } ?> Quote Link to comment Share on other sites More sharing options...
phpSensei Posted December 8, 2007 Share Posted December 8, 2007 Add a session_start(); ON every page on the first line. I thought i fixed your problem, whats wrong now? Quote Link to comment Share on other sites More sharing options...
zimmer Posted December 8, 2007 Author Share Posted December 8, 2007 I thought that was only for pages I wanted only logged in users to see? I changed $_SESSION['username'] = $username; $_SESSION['is_logged'] = true; and <?php session_start(); if(!isset($_SESSION['is_logged'])){ header("Location: main_login.php"); } ?> becuase I used mypassword before and it was not secure, but now I can not log in, but I get the correct "Invalid username/password" error when I use a wrong password. Quote Link to comment Share on other sites More sharing options...
revraz Posted December 8, 2007 Share Posted December 8, 2007 Add session_start(); to your checklogin.php page as the first line under <?PHP Quote Link to comment Share on other sites More sharing options...
zimmer Posted December 8, 2007 Author Share Posted December 8, 2007 Add session_start(); to your checklogin.php page as the first line under <?PHP Well, that did it! Quote Link to comment Share on other sites More sharing options...
phpSensei Posted December 8, 2007 Share Posted December 8, 2007 Every page where you want to use $_SESSION, put on the first line a session_start(); Mark this topic solved please. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.