burge124 Posted February 29, 2008 Share Posted February 29, 2008 hi i have successfully created a login/logout page and register pages that work fine... what im wondering is if a user logs in then moves to another page does php recognize that the user is still the same user or do i have to include code at the top of everypage? such as session etc.... thanks Quote Link to comment Share on other sites More sharing options...
deansatch Posted February 29, 2008 Share Posted February 29, 2008 You will have to include session_start() and your "is user logged in?" verification code on every page that is just for registered users, otherwise anyone can view them. As long as you don't kill the session, they should be able to navigate away to other non-registered pages of your site and come back and still be logged in. Quote Link to comment Share on other sites More sharing options...
burge124 Posted February 29, 2008 Author Share Posted February 29, 2008 hi further to my original question i have this login checker.... // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $UserName=$_POST['UserName']; $Password=$_POST['Password']; $_SESSION["UserName"] = $user["UserName"]; $sql="SELECT * FROM $tbl_name WHERE username='$UserName' and password='$Password'"; $result=mysql_query($sql); if($result){ } on another page i want to just echo the current users name got session_start(); at the top then is it echo "your username is "$_SESSION["UserName']"; or echo $user['UserName']; i need to put or is it something else? thanks Quote Link to comment Share on other sites More sharing options...
deansatch Posted February 29, 2008 Share Posted February 29, 2008 your username is "$_SESSION["UserName']"; But make sure you put a "logged in check" at the start of each page as well. Quote Link to comment Share on other sites More sharing options...
burge124 Posted February 29, 2008 Author Share Posted February 29, 2008 how do i create a logged in check? Quote Link to comment Share on other sites More sharing options...
conker87 Posted February 29, 2008 Share Posted February 29, 2008 At the top of your pages you want to protect, use: session_start(); $sql="SELECT * FROM $tbl_name WHERE username='{$_SESSION['UserName']}'"; $result=mysql_query($sql); if($result){ // Your user is logged in, page here. } else { // Your user is not logged in, display error. } I hope you're encrypting your password and sanitise your inputs. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.