nano Posted March 1, 2008 Share Posted March 1, 2008 Hey Guys, For the past few weeks now I have been pulling out my hair as I can never seem to get the simplest of login scripts working! I think it's something to do with the sessions not registering.. but I could be wrong. Let me show you some code snipets that I have in use, and maybe you guys can see where I have gone wrong. database.php <?php $conn = mysql_connect("localhost", "user", "password") or die(mysql_error()); mysql_select_db('stream_simple', $conn) or die(mysql_error()); ?> login.php <form name="login_form" id="login_form" action="logon.php" method="post"> <font class="login_content">Email:</font> <input name="email" type="text" maxlength="50" id="email" class="member_boxes"> <font class="login_content">Password:</font> <input name="password" type="password" maxlength="15" id="password" class="member_boxes"> <input type="checkbox" name="remember" value="rememberme" /> Remeber me on this computer <font class="forgot">I cannot login to my account</font> <input type="submit" value="Sign In" id="sign_in" name="Submit"> </form> logon.php (checks login) <?php session_start(); include("database/database.php"); $tbl_name="user_system"; $email=stripslashes($_POST['email']); $password=stripslashes($_POST['password']); $encpass = md5($password); mysql_real_escape_string($email); mysql_real_escape_string($password); $sql="SELECT * FROM $tbl_name WHERE email='$email' and password='$encpass'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1){ session_register("email"); session_register("password"); echo "<meta http-equiv='refresh' content='0;url=members.php'>"; } else { session_destroy(); echo "<meta http-equiv='refresh' content='0;url=failed.php'>"; } ?> members.php <?php session_start(); if(!session_is_registered(email)){ header("location:login.php"); } ?> The problem I seem to have, if I remove the php from the top of members.php - it will redirect to the page fine, which means to me, that the login and logon are both working. As soon as I add the session check to the members.php page, it will always redirect to login.php! I have tested the logon.php by printing the $sql, $result and $count - all looked ok. Sorry for the messy code and any help would be appreciated! Thanks guys. Quote Link to comment Share on other sites More sharing options...
harristweed Posted March 1, 2008 Share Posted March 1, 2008 I use: if(!isset($_SESSION[email]) it seems to work for me. Quote Link to comment Share on other sites More sharing options...
nano Posted March 1, 2008 Author Share Posted March 1, 2008 That doesn't seem to work for me either.. Ive noticed it's like my sessions are not being stored? for example... I put this in my logon.php for when user entered correct information: $_SESSION['password']=test; header("location:members.php"); then my members.php has this at the top: <?php session_start(); echo "password=". $_SESSION['password']; ?> Nothing will be shown on the members page which means to me, the sessions are not stored or being transferred to the next page? I have enabled cookies, sessions and tried on a couple of different PC's Cheers. Quote Link to comment Share on other sites More sharing options...
trq Posted March 1, 2008 Share Posted March 1, 2008 session_register() has long been depricated, don't use it. And here.... $_SESSION['password']=test; you set $_SESSION['password'] to the undefined constant test. Hence it show up empty later. Quote Link to comment Share on other sites More sharing options...
nano Posted March 1, 2008 Author Share Posted March 1, 2008 relating to one of your previous posts thorpe http://www.phpfreaks.com/forums/index.php/topic,166472.0.html and with the points taken on board, I don't understand how this still doesn't work... am I doing something seriously wrong? logon.php <?php include("database/database.php"); $tbl_name="user_system"; $email=stripslashes($_POST['email']); $password=stripslashes($_POST['password']); $encpass = md5($password); mysql_real_escape_string($email); mysql_real_escape_string($password); $sql="SELECT * FROM $tbl_name WHERE email='$email' and password='$encpass'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1){ session_start(); $_SESSION['email']=$email; echo "<meta http-equiv='refresh' content='0;url=members.php'>"; } else { session_destroy(); echo "<meta http-equiv='refresh' content='0;url=failed.php'>"; } ?> members.php <?php session_start(); if (!isset($_SESSION['email'])){ header("Location:login.php"); exit(); } ?> It will always just divert me to login.php as stated in the members.php header.. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 1, 2008 Share Posted March 1, 2008 Put the following two lines in after your first opening <?php tag in both of your php scripts to get php to show any errors that might be preventing the session from working - ini_set ("display_errors", "1"); error_reporting(E_ALL); Quote Link to comment Share on other sites More sharing options...
nano Posted March 1, 2008 Author Share Posted March 1, 2008 I think you have saved the day All this time and it is because the right permissions are not set on the web server! Thanks for all the help, I believe this one is solved Quote Link to comment Share on other sites More sharing options...
revraz Posted March 1, 2008 Share Posted March 1, 2008 You'll also want to move session_start() to the top of the page instead of using it in the middle. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.