Jump to content

Session

unidox

By unidox
in PHP Coding Help

Recommended Posts

unidox Advanced Member

unidox

Posted
Posted

Here is my login code:

 

if (mysql_num_rows($q) == 1) { // Makes sure the username and password match up.
        		if ($rem != "") {
				setcookie(user, $r['username']);
				setcookie(pass, $r['password']);
			}
			mysql_query("UPDATE `pcp_users` SET ip = '$ip', date = '$date' WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
            	$_SESSION['admin'] = 1;
            	$_SESSION['user'] = $r['username'];
            	header("Location: index.php");
        	} else {
            	header("Location: login.php?e=4");
            	exit();
        	}

 

and the index.php:

 

session_start();
include ('../incs/conf.inc.php');
if ($_SESSION['admin'] != 1) {
header("Location: login.php");
} else {

 

But it seems after I login, it shows the correct index.php page, but if I refresh, it go back to the login. Whats wrong?

Link to comment
https://forums.phpfreaks.com/topic/98644-session/
Share on other sites
unidox Advanced Member

unidox

Posted
  • Author
Posted

Login.php:

 

<?php
session_start();
include("../incs/conf.inc.php");

if ($_SESSION['admin'] == 1) {
    header("Location: index.php"); // The user is already logged in.
} elseif (($_COOKIE['user']) && ($_COOKIE['pass'])) {
$user = $_COOKIE['user'];
$pass = $_COOKIE['pass'];
$admin = $level['admin'];
$ip = $_SERVER["REMOTE_ADDR"];
    $date = "" . date('l dS \of F Y h:i:s A') . " EST";

//MySQL Query
    $q = mysql_query("SELECT * FROM `pcp_users` WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
    $r = mysql_fetch_array($q);
    
if (mysql_num_rows($q) == 1) {
	mysql_query("UPDATE `pcp_users` SET ip = '$ip', date = '$date' WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
	$_SESSION['admin'] = 1;
        $_SESSION['user'] = $r['username'];
        header("Location: index.php");
} else {
	setcookie("user", "", time()-3600);
	setcookie("pass", "", time()-3600);
	header("Location: login.php");
}
} else {
if ($_GET['s'] == 1) {
    	if ($_POST['user'] == "") {
        	header("Location: login.php?e=1");
        	exit();
    	} elseif ($_POST['pass'] == "") {
        	header("Location: login.php?e=2");
        	exit();
    	} else {
        	// Vars
        	$pass = md5($_POST['pass']); // Encrypts the password.
        	$user = escape_data($_POST['user']);
        	$admin = $level['admin'];
        	$rem = $_POST['rem'];
        	$ip = $_SERVER["REMOTE_ADDR"];
        	$date = "" . date('l dS \of F Y h:i:s A') . " EST";

        	//MySQL Query
        	$q = mysql_query("SELECT * FROM `pcp_users` WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
        	$r = mysql_fetch_array($q);

        	if (mysql_num_rows($q) == 1) { // Makes sure the username and password match up.
        		if ($rem != "") {
				setcookie(user, $r['username']);
				setcookie(pass, $r['password']);
			}
			mysql_query("UPDATE `pcp_users` SET ip = '$ip', date = '$date' WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
            	$_SESSION['admin'] = 1;
            	$_SESSION['user'] = $r['username'];
            	header("Location: index.php");
        	} else {
            	header("Location: login.php?e=4");
            	exit();
        	}
    	}
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="US-EN" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252" />
<title>Test</title>
<link rel="stylesheet" type="text/css" href="incs/admin.css" />
    <script type="text/javascript" src="incs/tip.js"></script>
    <style type="text/css">
    body {
	background-repeat: repeat-x;
	background-image: url(images/login_bg.gif);
}
table {
	font-size: 12px;
	font-family: verdana, arial, sans-serif;
}
</style>
</head>
<body class="login">
<div align="center">
<table border="0" width="237" cellspacing="0" cellpadding="0" style="margin-top: 88px;">
	<tr>
		<td>
		<img border="0" src="images/login_logo.gif" width="237" height="87"></td>
	</tr>
	<tr>
		<td height="5">
		<img border="0" src="images/login_top_bar.gif" width="237" height="5"></td>
	</tr>
	<tr valign="middle">
		<form action="login.php?s=1" method="post">
		<td background="images/login_bg2.gif" height="32">
			<table border="0" width="100%" cellspacing="0" cellpadding="0" height="102">
				<tr>
					<td rowspan="5" width="10"> </td>
					<td colspan="3" height="12"></td>
					<td rowspan="5" width="16" valign="top"><?
                			if ($_GET['e'] == 1) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=red>Error:</strong> You need to enter a username.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			} elseif ($_GET['e'] == 2) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=red>Error:</strong> You need to enter a password.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			} elseif ($_GET['e'] == 3) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=red>Error:</strong> You need to enter something other than the default username/password.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			} elseif ($_GET['e'] == 4) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=red>Error:</strong> Incorrect username/password.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			} elseif ($_GET['e'] == 5) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=green>Success:</strong> You have been logged out.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			}?>
					</td>
				</tr>
				<tr height="20">
					<td>Username:</td>
					<td width="5"> </td>
					<td><input name="user" class="login" size="18" /></td>
				</tr>
				<tr height="18">
					<td colspan="3"></td>
				</tr>
				<tr height="20">
					<td>Password:</td>
					<td> </td>
					<td><input name="pass" type="password" class="login" size="18" /></td>
				</tr>
				<tr height="30">
					<td colspan="3" align="left">
						<table border="0" width="100%" cellspacing="0" cellpadding="0" height="30">
							<tr valign="middle">
								<td>
									<label style="margin-top: 0;">Remember Me:</label> <input style="margin-top: 0;" name="rem" type="checkbox"></td>
								<td align="right"><p class="submit"><input value="" type="submit"></p></td>
							</tr>
						</table>
					</td>
				</tr>
			</table>
		</td>
	</form>
	</tr>
	<tr>
		<td height="5">
		<img border="0" src="images/login_btm_bar.gif" width="237" height="5"></td>
	</tr>
</table>
</div>
</body>
</html>
<?
}
}
?>

 

Index.php:

 

<?php
session_start();
include ('../incs/conf.inc.php');
if ($_SESSION['admin'] != 1) {
header("Location: login.php");
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="US-EN" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252" />
<title>Test</title>
<link rel="stylesheet" type="text/css" href="incs/admin.css" />
    <script type="text/javascript" src="incs/tip.js"></script>
    <style type="text/css">
    body {
	background-color: #FFFFFF;
}
table {
	font-size: 12px;
	font-family: verdana, arial, sans-serif;
}
.side,a {
	color: #FFFFFF;
	text-decoration: none;
}
div.pure {
	width: 400px;
	font-size: 12px;
	font-family: verdana, arial, sans-serif;
	height: 20px;
	text-align: left;
	position: absolute;
	margin-left: 10px;
	margin-top: 540px;
}
</style>
</head>
<body>
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
	<td background="images/admin_header.gif" height="52"> </td>
</tr>
<tr>
	<td height="100%" align="center">
	<table border="0" width="850" cellspacing="0" cellpadding="0">
		<tr>
			<td colspan="2" background="images/admin_nav.gif" height="35" class="side" style="text-align: center; letter-spacing:2pt">
			<div style="margin-left: 15px;"><a href="index.php">Home</a> | Modules | Pages | Users | Look & Feel | Support | <a href="logout.php">Logout</a></div>
			</td>
		</tr>
		<tr>
			<td width="193">
			<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%" class="side">
				<tr style="text-align: left;">
					<td background="images/admin_side_top.gif" height="33">
					<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%" class="side">
						<tr>
							<td width="15"> </td>
							<td style="font-weight: bold; font-size:10px">
							www.pure-cp.com</td>
						</tr>
					</table>
					</td>
				</tr>
				<tr>
					<td>
					<img border="0" src="images/admin_side_sep.gif" width="193" height="10"></td>
				</tr>
				<tr>
					<td background="images/admin_side_body.gif" height="397" valign="top">
					<table border="0" width="100%" cellspacing="0" cellpadding="0" height="29" background="images/admin_side_bg2.gif" class="side">
						<tr>
							<td width="15"> </td>
							<td style="text-align: left" height="29">- Home</td>
						</tr>
						<tr>
							<td width="15"> </td>
							<td style="text-align: left" height="29">- News</td>
						</tr>
						<tr>
							<td width="15"> </td>
							<td style="text-align: left" height="29">- Help</td>
						</tr>
						<tr>
							<td width="15"> </td>
							<td style="text-align: left" height="29">- 
							Support</td>
						</tr>
					</table>
					</td>
				</tr>
				<tr>
					<td>
					<img border="0" src="images/admin_side_btm.gif" width="193" height="4"></td>
				</tr>
			</table>
			</td>
			<td background="images/admin_bg.gif" valign="top" height="100%">
			<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%">
				<tr>
					<td height="440" valign="top" style="text-align: left;">
						<?php
						if ($_GET['p']) {
							include("pages/" . $_GET['p'] . ".inc.php");
						} else {
							include("pages/main.inc.php");
						}
						?>
					</td>
				</tr>
				<tr>
					<td>
					<img border="0" src="images/admin_main_btm.gif" width="657" height="4"></td>
				</tr>
			</table>
			</td>
		</tr>
	</table>
	</td>
</tr>
<tr>
	<td height="100%" align="center">
	Test</td>
</tr>
</table>
</body>
</html>
<?
}
?>

Link to comment
https://forums.phpfreaks.com/topic/98644-session/#findComment-504828
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.