Ezilon.com - Target Your Audience, be Seen in Your Region
HomeBuilding Your WebsiteWeb Programming and Application Development

Session Problems..

You are viewing this site as a guest. Join our community to get your questions answered and share knowledge. Active members may advertise and ask for a website critique.

nuk3 posted this at 10:01 — 17th May 2003.

He has: 238 posts

Joined: May 2002

I've been trying to create a login script and I've managed to get the database side of things up and running. I cant seem to get the sessions to work. I've tried multiple combinations of conditional statements but no matter what I try I cant seem to get my head around it. As you can see it's a total mess..

Here is what I have at the moment..

<?php
session_start();

function footer() {

include("/home/silonet/public_html/includes/footer.php\");

}

include(\"/home/silonet/public_html/includes/header.php\");

if(!$submit) {

if (!session_is_registered(\"username\")) {

<form action=\"=$PHP_SELFif($QUERY_STRING){ echo\"?\". $QUERY_STRING;}\" method=\"POST\">
<p align=\"center\">Members only. Please login to access this document.</p>
<table align=\"center\" border=\"0\">
<tr>
  <th>
Username:
  </th>
  <th>
<input type=\"text\" name=\"username\">
  </th>
</tr>
<tr>
  <th>
Password:
  </th>
  <th>
<input type=\"password\" name=\"password\">
  </th>
</tr>
<tr>
  <th colspan=\"2\" align=\"right\">
<input type=\"submit\" name=\"submit\" value=\"Login\">
</form>
  </th>
</tr>
</table>
</body>
</html>

footer();
exit();
}}

else {

$_SESSION['username'] = '$username';

$db = mysql_connect(\"*************\");

if (!$db)
echo \"A conection to the database could not be established. Please try again later or contact the website administrator.\";

mysql_select_db(\"******\");

$password2 = md5($password);

$sql = mysql_query(\"SELECT password FROM member WHERE username = '$username'\");
$fetch_em = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);

if($numrows != \"0\" & $password2 == $fetch_em[\"password\"]) {
$valid_user = 1;
}
else {
$valid_user = 0;
}
}
if (!$valid_user)

{

session_unset();   // Unset session variables.
session_destroy(); // End Session we created earlier.

<form action=\"=$PHP_SELFif($QUERY_STRING){ echo\"?\". $QUERY_STRING;}\" method=\"POST\">
<p align=\"center\">Incorrect login information, please try again. You must login to access this document.</p>
<table align=\"center\" border=\"0\">
<tr>
  <th>
Username:
  </th>
  <th>
<input type=\"text\" name=\"username\">
  </th>
</tr>
<tr>
  <th>
Password:
  </th>
  <th>
<input type=\"password\" name=\"password\">
  </th>
</tr>
<tr>
  <th colspan=\"2\" align=\"right\">
<input type=\"submit\" name=\"submit\" value=\"Login\">
</form>
  </th>
</tr>
</table>
</body>
</html>

footer();
exit();
}

if ($id = logoff) {

session_unregister('username');
session_unregister('password');
session_destroy();
}

<a href=\"http://www.silonetwork.com/member/login.php?id=logoff\">Log Off</a>

include(\"/home/silonet/public_html/includes/footer.php\");
?>

nuk3.com | Free funny flash movies and addictive games

Mark Hensler posted this at 17:08 — 17th May 2003.

Mark Hensler's picture

He has: 4,044 posts

Joined: Aug 2000

<?php
session_start();

function footer()
{
    include("/home/silonet/public_html/includes/footer.php\");
}

include(\"/home/silonet/public_html/includes/header.php\");

if ($id == 'logoff') {
    session_unregister('username');
    session_unregister('password');
    session_destroy();
    die(\"you're logged out\");
}

if ($submit) {
   
    $db = mysql_connect(\"*************\");
   
    if (!$db)
        echo \"A conection to the database could not be established. Please try again later or contact the website administrator.\";
   
    mysql_select_db(\"******\");
   
   
    $sql = mysql_query(\"SELECT id FROM member WHERE username='$username' AND password='\".md5($password).\"'\");
    $numrows = mysql_num_rows($sql);
   
    if($numrows == 1) {
        $_SESSION['username'] = $username;
       
        // stick the user id in the session data as well
        list($_SESSION['uid']) = mysql_fetch_row($result);
       
        // this should most likely be a redirect:
        // header(\"Location: index.php\");
        die(\"your logged in\");
    }
    elseif($numrows > 1) {
        // you should have `username` and `password` both under the same
        // UNIQUE key in mysql so that this never happens
        $prompt = 'More than one account was found with the same login information.';
        $prompt .= '  This system cannot proceed.  Please contact the administrator.';
        die($prompt);
    }
    else {
        $prompt = 'Incorrect login information, please try again. You must login to access this document.';
    }
   
}
else {
    $prompt = 'Members only. Please login to access this document.';
}

<form action=\"=$PHP_SELFif($QUERY_STRING){ echo\"?\". $QUERY_STRING;}\" method=\"POST\">
<p align=\"center\">$prompt</p>
<table align=\"center\" border=\"0\">
<tr>
  <th>
Username:
  </th>
  <th>
<input type=\"text\" name=\"username\">
  </th>
</tr>
<tr>
  <th>
Password:
  </th>
  <th>
<input type=\"password\" name=\"password\">
  </th>
</tr>
<tr>
  <th colspan=\"2\" align=\"right\">
<input type=\"submit\" name=\"submit\" value=\"Login\">
</form>
  </th>
</tr>
</table>
</body>
</html>

<a href=\"http://www.silonetwork.com/member/login.php?id=logoff\">Log Off</a>

include(\"/home/silonet/public_html/includes/footer.php\");
?>

Mark Hensler ["Max Albert"] [Email]
If there is no answer on Google, then there is no question.

nuk3 posted this at 02:01 — 18th May 2003.

He has: 238 posts

Joined: May 2002

The script didn't work. I found a couple of mistakes:
$prompt // Should've been <?=$prompt?>
And the the column is userid not id. // My error

I'm getting the following error:

Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /home/silonet/public_html/member/login.php on line 38
Your logged in

--
Try a login with 'hey' and 'hey'.
http://www.silonetwork.com/member/login.php

nuk3.com | Free funny flash movies and addictive games

Mark Hensler posted this at 19:42 — 18th May 2003.

Mark Hensler's picture

He has: 4,044 posts

Joined: Aug 2000

mysql_fetch_row() should be using $sql. or, change $sql to $result above.

nuk3 posted this at 06:33 — 19th May 2003.

He has: 238 posts

Joined: May 2002

What can I do about the header errors I'm getting with the Header Location uncommented?

Warning: Cannot modify header information - headers already sent by (output started at /home/silonet/public_html/includes/header.php:14) in /home/silonet/public_html/member/login.php on line 40
Your logged in

nuk3.com | Free funny flash movies and addictive games

Mark Hensler posted this at 11:22 — 20th May 2003.

Mark Hensler's picture

He has: 4,044 posts

Joined: Aug 2000

Move the include(header.php) after the header() call.

nuk3 posted this at 08:09 — 21st May 2003.

He has: 238 posts

Joined: May 2002

Ok then