Include if not logged in...problem

[discoDrive]

Hey guys. Ive got a working login and signup function on the website im developing. Id like to start using include functions to manage content and the first step Id like to take is using an include function to include a login form if the user has not already logged in, or not include if they are already signed in. I dont really have a clue where to start, so if anybody could give me some advice as to what I need to do it would be much appreciated! Thankyou!

[peranha]

Do you track users with sessions or cookies?

[paul2463]

if you are using sessions to prove or disprove that some one is logged in you could use something like

<?php
if(!isset($_SESSION['login'])) {
include("theIncludePage.php");
}
?>

[discoDrive]

How can I tell which method I am using? I tried the code. It includes the form when i load the page, which i wanted, but it doesnt change when I log in. I am returning to the same page, but i want the login form to disapear and be able to add content which cannot be seen when not signed in....im sorry if this doesnt make sense...

[paul2463]

it will show the page initially when you go to the page because a session will not have been started, it is normally started after a successful logon, as I do not know how you control the login of your system I cannot help with much more.

[discoDrive]

Ok im pretty sure I use sessions and not cookies. If i posted the code would it be any help? I dont want to post loads of code because it will just take you a long time to trawl through it all. I could post the php code from my page if it would help you to see how it works?

[peranha]

Do you start the page with session_start()?  but you could post some code to help out.

[discoDrive]

<?php require_once('Connections/conn.php'); ?>
<?php
// *** Validate request to login to this site.
session_start();

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
  $GLOBALS['PrevUrl'] = $accesscheck;
  session_register('PrevUrl');
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "includetest.php";
  $MM_redirectLoginFailed = "index.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_conn, $conn);
  
  $LoginRS__query=sprintf("SELECT username, password FROM members WHERE username='%s' AND password='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 
   
  $LoginRS = mysql_query($LoginRS__query, $conn) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $GLOBALS['MM_Username'] = $loginUsername;
    $GLOBALS['MM_UserGroup'] = $loginStrGroup;	      

    //register the session variables
    session_register("MM_Username");
    session_register("MM_UserGroup");

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Untitled Document</title>
</head>

<body>
<form name="login" id="login" method="POST" action="<?php echo $loginFormAction; ?>">
  <label>Username:
  <input type="text" name="username" tabindex="1" />
  </label>
  <label>Password:
  <input type="password" name="password" tabindex="2" />
  <input type="image" name="submit" value="Log In" src="images/go.gif" tabindex="3" alt="Go Button" />
</label></form>
<div id="signup">Login or <a href="signup.php">Sign Up</a></div>
</body>
</html>