Help with PHP & MYSQL Login!

nano · March 1, 2008

Hey Guys,

For the past few weeks now I have been pulling out my hair as I can never seem to get the simplest of login scripts working!

I think it's something to do with the sessions not registering.. but I could be wrong.

Let me show you some code snipets that I have in use, and maybe you guys can see where I have gone wrong.

database.php

<?php
$conn = mysql_connect("localhost", "user", "password") or die(mysql_error());
mysql_select_db('stream_simple', $conn) or die(mysql_error());
?>

login.php

<form name="login_form" id="login_form" action="logon.php" method="post">

<font class="login_content">Email:</font>
<input name="email" type="text" maxlength="50" id="email" class="member_boxes">
<font class="login_content">Password:</font>
<input name="password" type="password" maxlength="15" id="password" class="member_boxes">
<input type="checkbox" name="remember" value="rememberme" /> Remeber me on this computer
<font class="forgot">I cannot login to my account</font>

<input type="submit" value="Sign In" id="sign_in" name="Submit">
</form>

logon.php (checks login)

<?php
session_start();

include("database/database.php");
$tbl_name="user_system";

$email=stripslashes($_POST['email']);
$password=stripslashes($_POST['password']);
$encpass = md5($password);

mysql_real_escape_string($email);
mysql_real_escape_string($password);

$sql="SELECT * FROM $tbl_name WHERE email='$email' and password='$encpass'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);

if($count==1){
session_register("email");
session_register("password"); 
echo "<meta http-equiv='refresh' content='0;url=members.php'>";
}

else {
session_destroy();
echo "<meta http-equiv='refresh' content='0;url=failed.php'>";
}

?>

members.php

<?php
session_start();
if(!session_is_registered(email)){
header("location:login.php");
}
?>

The problem I seem to have, if I remove the php from the top of members.php - it will redirect to the page fine, which means to me, that the login and logon are both working.

As soon as I add the session check to the members.php page, it will always redirect to login.php!

I have tested the logon.php by printing the $sql, $result and $count - all looked ok.

Sorry for the messy code and any help would be appreciated!

Thanks guys.

harristweed · March 1, 2008

I use:

if(!isset($_SESSION[email])

it seems to work for me.

nano · March 1, 2008

That doesn't seem to work for me either..

Ive noticed it's like my sessions are not being stored?

for example...

I put this in my logon.php for when user entered correct information:

$_SESSION['password']=test;
header("location:members.php");

then my members.php has this at the top:

<?php
session_start();
echo "password=". $_SESSION['password'];
?>

Nothing will be shown on the members page which means to me, the sessions are not stored or being transferred to the next page?

I have enabled cookies, sessions and tried on a couple of different PC's

Cheers.

trq · March 1, 2008

session_register() has long been depricated, don't use it. And here....

$_SESSION['password']=test;

you set $_SESSION['password'] to the undefined constant test. Hence it show up empty later.

nano · March 1, 2008

relating to one of your previous posts thorpe

http://www.phpfreaks.com/forums/index.php/topic,166472.0.html

and with the points taken on board, I don't understand how this still doesn't work... am I doing something seriously wrong?

logon.php

<?php

include("database/database.php");

$tbl_name="user_system";
$email=stripslashes($_POST['email']);
$password=stripslashes($_POST['password']);
$encpass = md5($password);

mysql_real_escape_string($email);
mysql_real_escape_string($password);


$sql="SELECT * FROM $tbl_name WHERE email='$email' and password='$encpass'";

$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){

session_start();
$_SESSION['email']=$email;
echo "<meta http-equiv='refresh' content='0;url=members.php'>";

}

else {

session_destroy();
echo "<meta http-equiv='refresh' content='0;url=failed.php'>";

}

?>

members.php

<?php
session_start();
if (!isset($_SESSION['email'])){
    header("Location:login.php");
    exit();
}
?>

It will always just divert me to login.php as stated in the members.php header..

PFMaBiSmAd · March 1, 2008

Put the following two lines in after your first opening <?php tag in both of your php scripts to get php to show any errors that might be preventing the session from working -

ini_set ("display_errors", "1");
error_reporting(E_ALL);

nano · March 1, 2008

I think you have saved the day

All this time and it is because the right permissions are not set on the web server!

Thanks for all the help, I believe this one is solved

revraz · March 1, 2008

You'll also want to move session_start() to the top of the page instead of using it in the middle.

Sign In

Help with PHP & MYSQL Login!

Recommended Posts

nano

Link to comment

Share on other sites

harristweed

Link to comment

Share on other sites

nano

Link to comment

Share on other sites

trq

Link to comment

Share on other sites

nano

Link to comment

Share on other sites

PFMaBiSmAd

Link to comment

Share on other sites

nano

Link to comment

Share on other sites

revraz

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information