Jump to content

Session

unidox

By unidox
in PHP Coding Help

 Share

Recommended Posts

unidox Advanced Member

unidox

Posted
Posted

Here is my login code:

 

if (mysql_num_rows($q) == 1) { // Makes sure the username and password match up.
        		if ($rem != "") {
				setcookie(user, $r['username']);
				setcookie(pass, $r['password']);
			}
			mysql_query("UPDATE `pcp_users` SET ip = '$ip', date = '$date' WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
            	$_SESSION['admin'] = 1;
            	$_SESSION['user'] = $r['username'];
            	header("Location: index.php");
        	} else {
            	header("Location: login.php?e=4");
            	exit();
        	}

 

and the index.php:

 

session_start();
include ('../incs/conf.inc.php');
if ($_SESSION['admin'] != 1) {
header("Location: login.php");
} else {

 

But it seems after I login, it shows the correct index.php page, but if I refresh, it go back to the login. Whats wrong?

Link to comment
Share on other sites
unidox Advanced Member

unidox

Posted
  • Author
Posted

Login.php:

 

<?php
session_start();
include("../incs/conf.inc.php");

if ($_SESSION['admin'] == 1) {
    header("Location: index.php"); // The user is already logged in.
} elseif (($_COOKIE['user']) && ($_COOKIE['pass'])) {
$user = $_COOKIE['user'];
$pass = $_COOKIE['pass'];
$admin = $level['admin'];
$ip = $_SERVER["REMOTE_ADDR"];
    $date = "" . date('l dS \of F Y h:i:s A') . " EST";

//MySQL Query
    $q = mysql_query("SELECT * FROM `pcp_users` WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
    $r = mysql_fetch_array($q);
    
if (mysql_num_rows($q) == 1) {
	mysql_query("UPDATE `pcp_users` SET ip = '$ip', date = '$date' WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
	$_SESSION['admin'] = 1;
        $_SESSION['user'] = $r['username'];
        header("Location: index.php");
} else {
	setcookie("user", "", time()-3600);
	setcookie("pass", "", time()-3600);
	header("Location: login.php");
}
} else {
if ($_GET['s'] == 1) {
    	if ($_POST['user'] == "") {
        	header("Location: login.php?e=1");
        	exit();
    	} elseif ($_POST['pass'] == "") {
        	header("Location: login.php?e=2");
        	exit();
    	} else {
        	// Vars
        	$pass = md5($_POST['pass']); // Encrypts the password.
        	$user = escape_data($_POST['user']);
        	$admin = $level['admin'];
        	$rem = $_POST['rem'];
        	$ip = $_SERVER["REMOTE_ADDR"];
        	$date = "" . date('l dS \of F Y h:i:s A') . " EST";

        	//MySQL Query
        	$q = mysql_query("SELECT * FROM `pcp_users` WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
        	$r = mysql_fetch_array($q);

        	if (mysql_num_rows($q) == 1) { // Makes sure the username and password match up.
        		if ($rem != "") {
				setcookie(user, $r['username']);
				setcookie(pass, $r['password']);
			}
			mysql_query("UPDATE `pcp_users` SET ip = '$ip', date = '$date' WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
            	$_SESSION['admin'] = 1;
            	$_SESSION['user'] = $r['username'];
            	header("Location: index.php");
        	} else {
            	header("Location: login.php?e=4");
            	exit();
        	}
    	}
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="US-EN" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252" />
<title>Test</title>
<link rel="stylesheet" type="text/css" href="incs/admin.css" />
    <script type="text/javascript" src="incs/tip.js"></script>
    <style type="text/css">
    body {
	background-repeat: repeat-x;
	background-image: url(images/login_bg.gif);
}
table {
	font-size: 12px;
	font-family: verdana, arial, sans-serif;
}
</style>
</head>
<body class="login">
<div align="center">
<table border="0" width="237" cellspacing="0" cellpadding="0" style="margin-top: 88px;">
	<tr>
		<td>
		<img border="0" src="images/login_logo.gif" width="237" height="87"></td>
	</tr>
	<tr>
		<td height="5">
		<img border="0" src="images/login_top_bar.gif" width="237" height="5"></td>
	</tr>
	<tr valign="middle">
		<form action="login.php?s=1" method="post">
		<td background="images/login_bg2.gif" height="32">
			<table border="0" width="100%" cellspacing="0" cellpadding="0" height="102">
				<tr>
					<td rowspan="5" width="10"> </td>
					<td colspan="3" height="12"></td>
					<td rowspan="5" width="16" valign="top"><?
                			if ($_GET['e'] == 1) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=red>Error:</strong> You need to enter a username.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			} elseif ($_GET['e'] == 2) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=red>Error:</strong> You need to enter a password.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			} elseif ($_GET['e'] == 3) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=red>Error:</strong> You need to enter something other than the default username/password.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			} elseif ($_GET['e'] == 4) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=red>Error:</strong> Incorrect username/password.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			} elseif ($_GET['e'] == 5) {
                    			echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('<strong class=green>Success:</strong> You have been logged out.', 300)\"; onMouseout=\"hideddrivetip()\" />";
                			}?>
					</td>
				</tr>
				<tr height="20">
					<td>Username:</td>
					<td width="5"> </td>
					<td><input name="user" class="login" size="18" /></td>
				</tr>
				<tr height="18">
					<td colspan="3"></td>
				</tr>
				<tr height="20">
					<td>Password:</td>
					<td> </td>
					<td><input name="pass" type="password" class="login" size="18" /></td>
				</tr>
				<tr height="30">
					<td colspan="3" align="left">
						<table border="0" width="100%" cellspacing="0" cellpadding="0" height="30">
							<tr valign="middle">
								<td>
									<label style="margin-top: 0;">Remember Me:</label> <input style="margin-top: 0;" name="rem" type="checkbox"></td>
								<td align="right"><p class="submit"><input value="" type="submit"></p></td>
							</tr>
						</table>
					</td>
				</tr>
			</table>
		</td>
	</form>
	</tr>
	<tr>
		<td height="5">
		<img border="0" src="images/login_btm_bar.gif" width="237" height="5"></td>
	</tr>
</table>
</div>
</body>
</html>
<?
}
}
?>

 

Index.php:

 

<?php
session_start();
include ('../incs/conf.inc.php');
if ($_SESSION['admin'] != 1) {
header("Location: login.php");
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="US-EN" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252" />
<title>Test</title>
<link rel="stylesheet" type="text/css" href="incs/admin.css" />
    <script type="text/javascript" src="incs/tip.js"></script>
    <style type="text/css">
    body {
	background-color: #FFFFFF;
}
table {
	font-size: 12px;
	font-family: verdana, arial, sans-serif;
}
.side,a {
	color: #FFFFFF;
	text-decoration: none;
}
div.pure {
	width: 400px;
	font-size: 12px;
	font-family: verdana, arial, sans-serif;
	height: 20px;
	text-align: left;
	position: absolute;
	margin-left: 10px;
	margin-top: 540px;
}
</style>
</head>
<body>
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
	<td background="images/admin_header.gif" height="52"> </td>
</tr>
<tr>
	<td height="100%" align="center">
	<table border="0" width="850" cellspacing="0" cellpadding="0">
		<tr>
			<td colspan="2" background="images/admin_nav.gif" height="35" class="side" style="text-align: center; letter-spacing:2pt">
			<div style="margin-left: 15px;"><a href="index.php">Home</a> | Modules | Pages | Users | Look & Feel | Support | <a href="logout.php">Logout</a></div>
			</td>
		</tr>
		<tr>
			<td width="193">
			<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%" class="side">
				<tr style="text-align: left;">
					<td background="images/admin_side_top.gif" height="33">
					<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%" class="side">
						<tr>
							<td width="15"> </td>
							<td style="font-weight: bold; font-size:10px">
							www.pure-cp.com</td>
						</tr>
					</table>
					</td>
				</tr>
				<tr>
					<td>
					<img border="0" src="images/admin_side_sep.gif" width="193" height="10"></td>
				</tr>
				<tr>
					<td background="images/admin_side_body.gif" height="397" valign="top">
					<table border="0" width="100%" cellspacing="0" cellpadding="0" height="29" background="images/admin_side_bg2.gif" class="side">
						<tr>
							<td width="15"> </td>
							<td style="text-align: left" height="29">- Home</td>
						</tr>
						<tr>
							<td width="15"> </td>
							<td style="text-align: left" height="29">- News</td>
						</tr>
						<tr>
							<td width="15"> </td>
							<td style="text-align: left" height="29">- Help</td>
						</tr>
						<tr>
							<td width="15"> </td>
							<td style="text-align: left" height="29">- 
							Support</td>
						</tr>
					</table>
					</td>
				</tr>
				<tr>
					<td>
					<img border="0" src="images/admin_side_btm.gif" width="193" height="4"></td>
				</tr>
			</table>
			</td>
			<td background="images/admin_bg.gif" valign="top" height="100%">
			<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%">
				<tr>
					<td height="440" valign="top" style="text-align: left;">
						<?php
						if ($_GET['p']) {
							include("pages/" . $_GET['p'] . ".inc.php");
						} else {
							include("pages/main.inc.php");
						}
						?>
					</td>
				</tr>
				<tr>
					<td>
					<img border="0" src="images/admin_main_btm.gif" width="657" height="4"></td>
				</tr>
			</table>
			</td>
		</tr>
	</table>
	</td>
</tr>
<tr>
	<td height="100%" align="center">
	Test</td>
</tr>
</table>
</body>
</html>
<?
}
?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.