Exc.BluePhoenix Posted February 8, 2008 Share Posted February 8, 2008 Hello, I having a problem with the script below, its supposed to be a simple login system, however when I run it, it does absolutely nothing. I am testing it on my local computer using WAMP 1.7.2. My reasoning on what this does is as follows: It checks to be sure the user is not logged in, if the user is, it tells them, gives links and it exits. If you are not it, a query is perform to look for user and pass in a db, if no results is returned, give error message, if something is found, give links so that they can proceed. However, once again, nothing is return when I put text in the form and click login, not even an error message. Any suggestion are greatly appreciated as to what is the problem here, thank you in advance. <?php session_start() ?> <?php $links = "<A HREF='form.htm'>Click here to proceed to the Main Page</A><BR><BR>"; $links .="<A HREF='logout.php'>Click here to log out.</A>"; if ($user && $pass) { /* This is a test condition, to see if the user is already logged in*/ if($logged_in_user == $user) { /*This exact condition is what check if the user is already logged in*/ echo $user.", You are already logged in.<BR><BR>"; echo $links; exit; } /* Not logged in user, or using a diff name*/ $db=mysql_connect("localhost","user","password") or die(mysql_error()) ; mysql_select_db("userlist",$db); $result = mysql_query("SELECT * FROM users WHERE username = '".$user."' AND password = PASSWORD('".$pass."')"); if(!$result) { /* If the result is not return*/ echo "Sorry, there seems to be a problem at the moment, we cannot enter you details, please try again later"; exit; } if(mysql_num_rows($result) > 0) { $logged_in_user = $user; session_register("logged_in_user"); echo "Welcome, ".$logged_in_user.".<BR><BR>"; echo $links; exit; } else { echo "Invalid login. Please try again, thank you!.<BR><BR>"; } } else if ($user || $pass) { echo "Please fill in both fields.<BR><BR>"; } ?> This is the form that goes with it. <form method="post" action="login.php"> Username: <input name="user" type="text"> Password: <input name="pass" type="password"> <input type="submit" value="Login"> </form> Quote Link to comment Share on other sites More sharing options...
phpSensei Posted February 8, 2008 Share Posted February 8, 2008 And this is? if ($user && $pass) Quote Link to comment Share on other sites More sharing options...
Exc.BluePhoenix Posted February 8, 2008 Author Share Posted February 8, 2008 That is supposed to be a test condition. If the user is logged in already then those variables should be available, therefore the script goes and echo you are already logged in, and then shows the links. Please know that is what I think it does, I can very much be wrong, if you know a better way please let me know. Thanks for you quick reply. Quote Link to comment Share on other sites More sharing options...
phpSensei Posted February 8, 2008 Share Posted February 8, 2008 Well there is nowhere in your script where it says: $user = $_SESSION['user']; $pass = $_SESSION['pass']; therefor the script wont run Quote Link to comment Share on other sites More sharing options...
Exc.BluePhoenix Posted February 8, 2008 Author Share Posted February 8, 2008 Thanks for the reply once again. However, what do they do? I still try to place them in my script, it still does not run, I put under the $links. A thing that it does do know, is that if i put a name and pass, I login, it loads, does nothing, if I erase the name and password and click the login again, it puts back the name and pass in the textbox. Does not know if that helps identify the problem. Thanks again. Quote Link to comment Share on other sites More sharing options...
phpSensei Posted February 8, 2008 Share Posted February 8, 2008 Never put the password in the session first of all, big security risk and hackers can sometimes print it out. Sessions are used to pass data from page to page, $_SESSION['new_session_name'] this initalisez the current session name or creates one. In order to keep track of users and data on your website, lets say for a logged in user, you use $_SESSION(s) or $_COOKIE(s). The difference is that a Session is ended when broswer is closed, but Cookies can stay as long as you want them to. You can even add a time() function to set the expiration in seconds for the cookies. $user is supose to check if the username session is online, this session contains the logged in user's username. $logged_in_user = $user; session_register("logged_in_user"); echo "Welcome, ".$logged_in_user.".<BR><BR>"; echo $links; As you can see, you didnt set the username session, to keep track of this user. So change that piece of code to $logged_in_user = $user; session_register("logged_in_user"); $_SESSION['user'] = $user; echo "Welcome, ".$logged_in_user.".<BR><BR>"; echo $links; And replace the top with this: <?php session_start(); $user = $_SESSION['username']; $logged_in_user = $_SESSION['logged_in_user']; $links = "<A HREF='form.htm'>Click here to proceed to the Main Page</A><BR><BR>"; $links .="<A HREF='logout.php'>Click here to log out.</A>"; if ($user) { /* This is a test condition, to see if the user is already logged in*/ if($logged_in_user == $user) { /*This exact condition is what check if the user is already logged in*/ echo $user.", You are already logged in.<BR><BR>"; echo $links; exit; } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.