HomeBuilding Your WebsiteWeb Programming and Application Development

PHP Login status display?

DarkLight posted this at 14:23 — 11th December 2007.

DarkLight's picture

He has: 287 posts

Joined: Oct 2007

Hi, I need a script that shows if you are logged.
if they are not, it says "Log In".
if they are, it says, "Log Out -username-"

Thanks in advance, this is very important.

All the best news here: https://newsbotnet.com

calculator posted this at 15:55 — 11th December 2007.

calculator's picture

They have: 40 posts

Joined: Nov 2007

Hi ChildOfEvil,

Try http://www.evolt.org/article/PHP_Login_Script_with_Remember_Me_Feature/17/60265/index.html
or
http://www.evolt.org/article/PHP_Login_System_with_Admin_Features/17/60384/index.html

For two great tutorials on ow to create a login page.

If you already have a login script, all you need to do is call whichever variable (database or $_SESSION) which holds the username and display it.

Hope this helps

DarkLight posted this at 16:04 — 11th December 2007.

DarkLight's picture

He has: 287 posts

Joined: Oct 2007

thank you, i will take a look now. i have just found a script, but it does not look too stable.
thanks for your help.

pr0gr4mm3r posted this at 16:50 — 11th December 2007.

pr0gr4mm3r's picture

He has: 1,502 posts

Joined: Sep 2006

On my sites, if a user signs in, I place their profile in $_SESSION['profile']. Then, I use something like this:

<?php
    if (isset($_SESSION['profile']))
    {
        echo 'You are signed in as ' . $_SESSION['profile']['user'];
    }
    else
    {
        echo '<a href=\"login.php\">Sign In</a>';
    }
?>

DarkLight posted this at 20:41 — 11th December 2007.

DarkLight's picture

He has: 287 posts

Joined: Oct 2007

I cannot seem to get it to work, here is my "checklogin.php" script...

<?php
$host=\"localhost\";
$username=\"USERNAME\";
$password=\"PASSWORD\";
$db_name=\"DATABASE\";
$tbl_name=\"TABLE\";

// Connect to server and select databse.
mysql_connect(\"$host\", \"$username\", \"$password\")or die(\"cannot connect\");
mysql_select_db(\"$db_name\")or die(\"cannot select DB\");

// username and password sent from signup form
$username=$_POST['username'];
$password=$_POST['password'];

$sql=\"SELECT * FROM $tbl_name WHERE username='$username' and password='$password'\";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file \"login_success.php\"
session_register(\"username\");
session_register(\"password\");
header('location:http://pcgenius.pcriot.com/members/basic/login/login_success.php');
}
else {
header('location:http://pcgenius.pcriot.com/members/basic/login/login_failed.php');
}
?>

What would I need to do to display the content of the created cookie on a different page?
Thanks you so much in advance, i am fed up of this now, i cannot seem to get the right script.

All the best news here: https://newsbotnet.com

pr0gr4mm3r posted this at 03:43 — 12th December 2007.

pr0gr4mm3r's picture

He has: 1,502 posts

Joined: Sep 2006

First thing is that I can't stress enough how important it is to escape your user inputs. You will leave your site vulnerable to SQL injection otherwise.

I think the main problem you were having is you forgot to fetch your row. I added that in and changed your session assignment. See the code below as I made some other comments (comments in /* */).

<?php
$host=\"localhost\";
$username=\"USERNAME\";
$password=\"PASSWORD\";
$db_name=\"DATABASE\";
$tbl_name=\"TABLE\";

// Connect to server and select databse.
/* variables do not need to be in quotes */
mysql_connect($host, $username, $password)or die(\"cannot connect\");
mysql_select_db($db_name)or die(\"cannot select DB\");

// username and password sent from signup form
/* always escape strings that are going from a user input to a SQL query */
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);

/* added 'LIMIT 1' - we know that there is only one result, but adding the limit tells MySQL to stop looking after it finds one */
$sql=\"SELECT * FROM $tbl_name WHERE username='$username' and password='$password' LIMIT 1\";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file \"login_success.php\"
/* forgot to fetch the row */
$row = mysql_fetch_assoc($result);
/* Use of session_register() is deprecated */
$_SESSION['username'] = $row['username']; /* 'username' should be the field in the DB that contains the user name */

header('location:http://pcgenius.pcriot.com/members/basic/login/login_success.php');
}
else {
header('location:http://pcgenius.pcriot.com/members/basic/login/login_failed.php');
}
?>

DarkLight posted this at 22:27 — 12th December 2007.

DarkLight's picture

He has: 287 posts

Joined: Oct 2007

AHHAH!!!
I sorted it.
all i did was add...

<?php
session_start();
?>

to every page i wanted the code to work on, it simply reminds the browser that it has a session in progress. thanks for your help. Very much appreciated your help Laughing out loud

All the best news here: https://newsbotnet.com

pr0gr4mm3r posted this at 22:29 — 12th December 2007.

pr0gr4mm3r's picture

He has: 1,502 posts

Joined: Sep 2006

Oops, forgot about that. I always have that in a header php file in my day-to-day coding so I forget that it's needed.

DarkLight posted this at 22:35 — 12th December 2007.

DarkLight's picture

He has: 287 posts

Joined: Oct 2007

nm. i should have notice, i was trying to force a cookie into the script, but then stopped, and thought, why the hell do i need a cookie for something this small. i just use sessions. i never actually DIRECTLY write cookies on here with "setcookie".
anyway, thanks for your help. Smiling

All the best news here: https://newsbotnet.com

gtuges posted this at 10:49 — 24th April 2012.

They have: 2 posts

Joined: Apr 2012

I know this is an old post but can I ask a question? Do we really have to have

<?php
session_start();
?>

on all our page to have it working and if we need to have it on only one page, where do we place it?

Thanks

Greg K posted this at 07:34 — 10th May 2012.

Greg K's picture

He has: 2,145 posts

Joined: Nov 2003

You can tell the server to automatically start the session for every PHP call by setting

session.auto_start = 1
(you can try putting this in a php.ini file in the root of your site, or look up how to set PHP settings via .htaccess)

I prefer just having all scripts for a site calling a global configuration file that calls session_start() at the top of it.

-Greg

DarkLight posted this at 11:43 — 10th May 2012.

DarkLight's picture

He has: 287 posts

Joined: Oct 2007

Hi guys, this post is very old. I am lightyears from this now Smiling Feel free to stay open for others needing help on this subject, but I myself don't require it anymore.

Just a note.

All the best news here: https://newsbotnet.com

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.