|
PHP - Log-in Disappears Upon Login?
I'm using this php web script and would like to know what happens upon log-in. I see "will auto hide when logged in". Does this mean the log-in box disappears after log-in? Does it get replaced with something? Can you read the code below and tell me? If so, what replaces it? Thanks.
Code: [Select] <!-- start of login box - will auto hide when logged in--> <div id="IndexLoginGoldBox_1"> <!--[onload_300;block=div;when [var.show_login_box]=1;comm]--> <div id="IndexLoginGoldBox_2"> <div id="IndexLoginGoldBox_content"> <div id="RelatedVideosTitle"> <span class="font5_14">Login and start Uploading!</span></div> <ul class="IndexLoginGoldBox_list"> <form name="login" action="login.php" method="POST" class="FormIndexLogin"> <li>Username <input type="text" name="user_name_login" size="20" /> </li> <li>Password <input type="password" name="password_login" size="20" /> </li> <li> <input type="hidden" name="submitted" value="yes" /> <input type="submit" value="Login Now" name="logi_n" /> </li> </form> </ul> </div> </div> </div> <!-- end of login box --> Similar TutorialsThe option chosen in my form disappears -- both the initial default and the option chosen are no longer visible after the value is chosen. I use an ajax call to refresh the page, if that's any clue. Perhaps there's a way I can save the value and write to the drop-down field or something? Mark Hi! I'm working on a simple e-commerce script. I have some $_SESSION variables that is defined and works fine while surfing on the site. But when I close the browser and reenter the site, all the session-variables are not defined (unset?), until i click on a link on the site. Weird behavior... please help! /I I've added this code (below) to a file called uploader.php (attached).
When I simply open the corresponding html page, I see "Invalid upload file" in the top left corner of the page. When I remove this code from uploader.php the "Invalid upload file" disappears. Any ideas on how to resolve this will be appreciated.
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = strtolower( end($temp) ); // in case user named file ".JPG" etc.!!!
if ( $_FILES["file"]["size"] < 200000
&& in_array($extension, $allowedExts) )
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
} else {
$length = 20;
$randomString = substr(str_shuffle(md5(time())),0,$length);
$newfilename = $randomString . "." . $extension;
move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $newfilename);
$file_location = '<a href="http://www.-----.com/upload/' . $newfilename . '">' . $newfilename . '</a>';
}
} else {
echo "Invalid upload file";
}
$description = $description . " \n " . $newfilename;
Hello, I am having issues with getting cookies to function how i'd like them to. My goal is to be able to capture a cookie value from the url if a user comes to my site via something like adwords. An example URL they could come to is http://www.mysite.com?kw=hello I am trying to capture the word 'hello' and tie it to that visitor regardless of where they go on the site. I need to use that value to pass through if they complete a form on my site so that i can track the keyword source. I have included the following as the first line of code on every page of my site: Code: [Select] $kw = $_GET["kw"]; setcookie('kw',$kw); Then, if i go to this url: http://www.mysite.com?kw=hello and then later go to a url like this: http://www.mysite.com/page1.html, i am able to echo out the cookie on page1.html using the following code which is contained in page1.html: Code: [Select] echo $_COOKIE["kw"]; The problem is, if i then refresh page1.html i can no longer echo out the cookie--it disappears. I need the cookie to stay with the user no matter what page they are on within the site and not matter how many different pages they visit. I hope i am explaining myself in a way someone can understand. Perhaps cookies aren't the best way? Should i use sessions instead? Thanks in advance for your help Hey--New to the forum, and php. I have a drop-down list populated by a MySQL database. Submitting that selection retrieves php scripts which I run using eval(). One of them is a form. The scripts evaluate fine, but when I submit the second form, it disappears and I get a resource id where the "result" script was. The resource ids change between 3 and 4 when I refresh the page. Any hints on what I'm doing wrong? Here is the main script: <?php $host="localhost"; $username="root"; $password="root"; $con = mysql_connect($host,$username,$password); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("calculators", $con); $result = mysql_query("SELECT * FROM calculator"); while($row = mysql_fetch_array($result)) { echo "<option type='text' " . "value='" . $row['Title'] . "'>" . $row['Title'] . "</option>"; } echo "</select>"; echo "<br>"; echo "<input type='submit' name='submit1'>"; echo "</form>"; $title = mysql_real_escape_string($_GET['Title']); $result = mysql_query('SELECT * FROM calculator WHERE Title = "' . $title . '"'); while($row = mysql_fetch_array($result)) { $header = $row['Header']; $calculator = $row['Calculator']; $result = $row['Result']; $formula = $row['Formula']; $reference = $row['Reference']; } eval('?>' . $header . '<?php '); echo "<h2>Calculator</h2>"; eval('?>' . $calculator . '<?php '); echo "<h2>Result</h2>"; eval('?>' . $result . '<?php '); echo "<h2>Formula</h2>"; eval('?>' . $formula . '<?php '); echo "<h2>Reference</h2>"; eval('?>' . $reference . '<?php '); mysql_close($con); ?> Thanks, Davis hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? Hi guys. What I want to create is really complicated. Well I have a login system that works with post on an external website. I have my own website, but they do not give me access to the database for security reasons, therefore I have to use their login system to verify my users. What their website does is that it has a post, with username and password. The POST website is lets say "https://www.example.com/login". If login is achieved (i.e. username and password are correct), it will redirect me to "https://www.example.com/login/success" else it will redirect me to "https://www.example.com/login/retry". So I want a PHP script that will do that post, and then according to the redirected website address it will return me TRUE for success, FALSE for not successful login. Any idea?? Thanks Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? Hi guys, Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!" Any suggestion and help would be appreciated. Thanks. login.php <?php //Assigned varibale $error_msg as empty //$error_msg = ""; session_start(); $error_msg = ""; if (isset($_POST['submit'])) { if ($a_username = "admin" && $a_password = "123") { //Define $_POST from form text feilds $username = $_POST['username']; $password = $_POST['password']; //Add some stripslashes $username = stripslashes($username); $password = stripslashes($password); //Check if usernmae and password is good, if it is it will start session if ($username == $a_username && $password == $a_password) { session_start(); $_SESSION['session_logged'] = 'true'; $_SESSION['session_username'] = $username; //Redirect to admin page header("Location: admin_area.php"); } } $username = (isset($_POST['username'])) ? $_POST['username'] : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; if($username && $password) { $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!"); mysql_select_db("friendsdb") or die ("Couldn't find the DB"); $query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0){ while ($row = mysql_fetch_array($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //Check to see if they are match! if ($username == $dbusername && md5($password) == $dbpassword) { header ("Location: user_area.php"); $_SESSION['username'] = $username; } else $error_msg = "Incorrect password!"; //code of login }else $error_msg = "That user does not exist!"; //echo $numrows; } else $error_msg = "Please enter a username and password!"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> </head> <body> <br /> <?php require "header.php"; ?><br /> <div align="center"> <table width="200" border="1"> <?php // If $error_msg not equal to emtpy then display error message if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <!--form action="login_a.php" method="post"--> Username: <input type="text" name="username" /><br /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name = "submit" value="Log in" /> </form> <p> </p> Register a <a href="register.php">New User</a> </table> </div> </body> </html> How to add the ability to login with username or email for login?
<?php
ob_start();
include('../header.php');
include_once("../db_connect.php");
session_start();
if(isset($_SESSION['user_id'])!="") {
header("Location: ../dashboard");
}
if (isset($_POST['login'])) {
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$result = mysqli_query($conn, "SELECT * FROM users WHERE email = '" . $email. "' and pass = '" . md5($password). "'");
if ($row = mysqli_fetch_array($result)) {
$_SESSION['user_id'] = $row['uid'];
$_SESSION['user_name'] = $row['user'];
$_SESSION['user_email'] = $row['email'];
header("Location: ../dashboard");
} else {
$error_message = "Incorrect Email or Password!!!";
}
}
?>
When I put "hello" in a text field it disappears, when the html page is submitted it dont like "" for example <input name="FirstName" type="text" id="FirstName" value="<?php if (isset($_POST['FirstName'])) echo ($_POST['FirstName']); ?>" maxlength="20" /> Hi everyone i wonder if you can help me he I need a script for a login and check login- create cookie. Here is my form: <form method="post" action="check_login.php"> <p> <input type="submit" name="Submit2" value="go" /> </fieldset> </p> </form> that sends it to check_login (which BEFORE i deleted something by accident, used to take me to a username and password box) But now all it does is send me straight to the memebrs area??? Can i change the check_login.php script to make it work correctly: Code: [Select] <?php // Connects to your Database mysql_connect("server", "user", "password") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['upassword']) { } else { header("Location: members_area.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['upassword']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['upassword'] = stripslashes($_POST['upassword']); $info['upassword'] = stripslashes($info['upassword']); $_POST['upassword'] = md5($_POST['upassword']); //gives error if the password is wrong if ($_POST['upassword'] != $info['upassword']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['upassword'], $hour); //then redirect them to the members area header("Location: members_area.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="upassword" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> Hello, I am once again desperately asking for your help, I am working on a simple login page and I am having trouble actually getting it to login. I display error messages for if the user doesn't enter anything but I can't seem to get it to work for if the credentials are wrong. It logs the user in whether the information is right or not and i dont even know what to do now
This is the code any suggestions would be greatly appreciated
<?php
/*
Name: Deanna Slotegraaf
Course Code: WEBD3201
Date: 2020-09-22
*/
$file = "sign-in.php";
$date = "2020-09-22";
$title = "WEBD3201 Login Page";
$description = "This page was created for WEBD3201 as a login page for a real estate website";
$banner = "Login Page";
require 'header.php';
$error = "";
if($_SERVER["REQUEST_METHOD"] == "GET")
{
$username = "";
$password = "";
$lastaccess = "";
$error = "";
$result = "";
$validUser = "";
}
else if($_SERVER["REQUEST_METHOD"] == "POST")
{
$conn;
$username = trim($_POST['username']); //Remove trailing white space
$password = trim($_POST['password']); //Remove trailing white space
if (!isset($username) || $username == "") {
$error .= "<br/>Username is required";
}
if (!isset($password) || $password == ""){
$error .= "<br/>Password is required";
}
if ($error == "") {
$password = md5($password);
$query = "SELECT * FROM users WHERE EmailAddress='$username' AND Password='$password'";
$results = pg_query($conn, $query);
//$_SESSION['username'] = $username;
//$_SESSION['success'] = "You are now logged in";
header('location: dashboard.php');
}else {
$error .= "Username and/or Password is incorrect";
}
}
?>
<div class = "form-signin">
<?php
echo "<h2 style='color:red; font-size:20px'>".$error."</h2>";
?>
<form action = "<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<label for="uname"><b>Login ID</b></label>
<input type="text" name="username" value="<?php echo $username; ?>"/>
<br/>
<label for="psw"><b>Password</b></label>
<input type="password" name="password" value="<?php echo $password; ?>"/>
<br/>
<button type="submit" name="login_user">Login</button>
<button type="reset">Reset</button></div>
</form>
</div>
<?php require "footer.php"; ?>
I am trying to create a login page where i am comparing a username and a password from two text boxes to a username and a password field from a database. I am having trouble getting the database variables to do the comparison with. /////HTML/////////////////////////////////////////////////////////////////////////// User Name: <input id="UserBox" type="text" name="uname" /><br /> Password: <input id="PassBox" type="password" name="pname" /><br /> <input id="theButton" type="button" class="roundedClass" value="Login" onClick="passCheck()" /> /////////////////////////////////////////////////////////////////////////////////////// <script type="text/javascript"> function passCheck() { var u = document.getElementById("UserBox"); var p = document.getElementById("PassBox"); if (u.value == $username && p.value == $password) { window.location.href ='mainPage.html'; } else alert("Invalid username or password.\nPlease try again ."); } </script> ///////////////////////////////////////////////////////// <?php // Include file to Connnect to online database include_once "mysql_connect.php"; // Collects data from table $data = mysql_query("SELECT * FROM login") or die(mysql_error()); while($info = mysql_fetch_array( $data )){ $username=$info['username']; $password=$info['password']; } ?> my question is how can i gain access to $username and $password so they can be used in the passCheck() function as they wont work as above?any help would be appreciated. Eoin. Here is the Code: Code: [Select] <?php include_once("functions/databaseconnect.php"); // Include Database File /* ****** CREATED BY Photonic ********* ****** 1/8/2012 *************************** */ // Start Login Script if(!empty($_POST['user001'])){ // If something is sent thru user input $user = cleanQuery($_POST['user001']); // Clean Sent Info if(!empty($_POST['pass001'])){ // If something is sent thru pass input $pass = cleanQuery($_POST['pass001']); // Clean Sent Info $q = "SELECT * FROM `Colonies001` WHERE `Username001` = '$user'"; // Select All Info from Database Where username is the one sent in user input $res = mysql_query($q) or die(mysql_error()); // Get SQL Resulting Information $row = mysql_fetch_array($res); // Add Information to Variable. if(!empty($res)){ // If information comes back from SQL Result $passEnc = md5($pass); // Encrypt Password for Database Usage. if($row['Passsword001']==$passEnc){ // If Database password is Equal to Encrypted Password $_SESSION['account'] = $row['id']; // Set Session to Account ID for Info Retrieval. header("Location: ingame.php?error=Welcome Back ".$user."!"); // Send Ingame Welcome Back User! }else{ // Else Wrong Pass header("Location: index.php?error=Incorrect Account Information!"); // Send Error } }else{ // Else Query header("Location: index.php?error=Account does not Exist with that Information!"); // Send to Login Page with Error } }else{ header("Location: index.php?error=You must enter a Valid Password!"); } }else{ header("Location: index.php?error=You must enter a Valid Username!"); } ?> Ok even tho the $row['Passsword001'] and $passEnc is the same (I have died both of them out and they ARE the same) it keeps throwing me back to line 43: this keeps running When I know it should not be header("Location: index.php?error=Incorrect Account Information!"); // Send Error Please Help Pho. Hey Guys, Im trying to work on my login script after successfully doing my register script. The problem im having trouble is that when i login with false details, it still prompts me with 'You have logged in". Also if the user is not activated it should say "Account has not been activated." Could someone help me out. Thanks. Code: [Select] <?php include"database.php";?> <html> <head> <title>Login</title> </head> <body> <h1>Manager Login</h1> <form action="login.php" method="post"> <TABLE BORDER="0"> <TR> <TD>Email:</TD> <TD> <input type="text" name="email" size="20"> </TD> </TR> <TR> <TD>Password:</TD> <TD><INPUT TYPE="password" NAME="password" SIZE="20"></TD> </TR> </table> <P> <input type="submit" name="login" value="Login" /> </form> <?php session_start(); if (isset($_POST['login'])) { if (empty($_POST['email']) || empty($_POST['password'])) { $errors[] = "Please fill out all fields."; } $email = $_POST['email']; $password = $_POST['password']; $level = 'level'; $check = mysql_query("SELECT * FROM users WHERE email='".$email."' AND password='".$password."'"); if (mysql_num_rows($check)>=1) { $errors[] = "Wrong Details. Try Again."; } $check = mysql_query("SELECT * FROM users WHERE level='".$level."'"); if (mysql_num_rows($check)>=1) { if ($level == '0') { $errors[] = "Account has not been activated."; }} if (empty($errors)) { echo "You have logged in!"; } else { foreach($errors as $nErrors){ echo $nErrors . "<br>"; } } } ?> how do i edit this, so it links to mySQL database customer table? if($userName=="janet" && $passWord=="qwerty") { // Assign userName to a session variable to track and use on each page $_SESSION['userName']=$userName; // Assign valid string to a session variable to track session validity $_SESSION['status']="valid"; } else { // error state $_SESSION['status']="invalid"; } Hello I was wondering if anyone can spot what I am doing wrong here been trying to get it to work for a good few hours now with no luck! Basically.... A customer logs in = isadmin = 0. It then makes three session vairables: logged in vairable username vairable user id vairable This all works fine it's only when I try to add the second bit which is after the 3 vairables are created another select statement is done to check if there are any orders by this user in the order table. For example where the session "userid" = the customer id in the order table. If there is an order by this user another session vairable will be created carrying the order id if there are no orders the session vairable will not be set. All I seem to get is "warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result..." I hope this makes sense! Don't hesitate to ask if not! Thanks for taking your time having a look. Code: [Select] $sqlu = mysql_query("SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' AND isadmin='0'"); $sqla = mysql_query("SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword' AND isadmin='1'"); if(mysql_num_rows($sqlu)==1) { $resultu = mysql_fetch_assoc($sqlu); $_SESSION["loggedin"] = 1; $_SESSION["gatekeeper"] = $myusername; $_SESSION['userid'] = $resultu['ID']; $ordersql = "SELECT id FROM order WHERE customer_id = '".$_SESSION['userid']."' AND status < 2"; $orderresult = mysql_query($ordersql); $orderrow = mysql_fetch_assoc($orderresult); session_register("ordernum"); $_SESSION['ordernum'] = $orderrow['id']; header("location:menu.php"); } elseif(mysql_num_rows($sqla) == 1) { $resulta = mysql_fetch_assoc($sqla); $_SESSION['admin'] = $myusername; header("location:admincentre.php"); } else header("location:tryagain.php"); ?> Hi ive been trying to get this login to work but it doesn't seem to work please help: login.php: <?php //ob ob_start(); //session session_start(); if (isset($_SESSION['username'])) { header("Location: main.php"); exit(); } //connect $error = 'Could not connect to the database'; mysql_connect('localhost','************','***************') or die($error); mysql_select_db('********') or die($error); if ($_POST['login']) { //get form data $username = addslashes(strip_tags(strtolower($_POST['username']))); $password = addslashes(strip_tags(md5($_POST['password']))); if (!$username||!$password) echo "Please enter a username and password<p />"; else { //find username $find = mysql_query("SELECT * FROM ********** WHERE username='$username' AND password='$password'"); if (mysql_num_rows($find)==0) echo "Username or password is incorrect<p />"; else { $_SESSION['username']=$username; header("Location: main.php"); exit(); } } } ?> main.php <? // You may copy this PHP section to the top of file which needs to access after login. session_start(); // Use session variable on this page. This function must put on the top of page. $username = $_SESSION['username'] ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link rel=StyleSheet href="style.css" type="text/css" media=screen> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <div id="nomargin"><img src="banner.jpg" alt="" /></div> <div id="login"><form name="login" method="post" action="login.php"> <table border="0" width="220" align="center"> <tr> <? if(!session_is_registered("username")){ // if session variable "username" does not exist. echo "<td width='71'>Username:</td> <td width='139'><input type='text' name='username' size='16' style='font-family: Times New Roman, Times, serif; font-size: 11pt;' /></td> </tr> <tr> <td width='71'>Password:</td> <td width='139'><input type='password' name='password' size='16' style='font-family: Times New Roman, Times, serif; font-size: 11pt;' /></td> </tr> <tr> <td colspan='2' align='center'><input name='signup' type='submit' value='Log In' style='background-color: #900002; border-color: #555555; color: #FFFFFF; font-weight: bold; width: 60px;' /></td>"; }else{ echo "<td><b>Welcome $username</b> <a href='logout.php'><b>Logout</b></a></td>"; } ?> </tr> </table> </form></div> <div id="menutext"><span class="class1"><a href="**************">Home</a> <a href="http://www.fightwatcher.com">News</a> <a href="http://www.fightwatcher.com">Profile</a> <a href="http://www.fightwatcher.com">Friends & Fighters</a> <a href="http://www.fightwatcher.com">Videos</a> <a href="http://www.fightwatcher.com">Groups</a> <a href="http://www.fightwatcher.com">Forum</a></span></div> </body> </html> Hi. I'm having a little problem creating a login using PHP. Looked at several tutorials and not having much luck. I've created a database in MySql called "member" with a username and password field just to test but don't appear to be getting as far as that. I'm also using XAMPP. So basically the PHP so far is five different pages. "config.inc" contains: <?php $hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet. $dbname = 'member'; // Your database name. $username = 'root'; // Your database username. $password = ''; // Your database password. If your database has no password, leave it empty. // Let's connect to host mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!'); // Select the database mysql_select_db($dbname) or DIE('Database name is not available!'); ?> "index.php" contains: <?php // Inialize session session_start(); // Check, if user is already login, then jump to secured page if (isset($_SESSION['username'])) { header('Location: securedpage.php'); } ?> <html> <head> <title>PHPMySimpleLogin 0.3</title> </head> <body> <h3>User Login</h3> <table border="0"> <form method="POST" action="loginproc.php"> <tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"></td></tr> <tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"></td></tr> <tr><td> </td><td> </td><td><input type="submit" value="Login"></td></tr> </form> </table> </body> </html> "loginproc.php" contains: <?php // Inialize session session_start(); // Include database connection settings include('config.inc'); // Retrieve username and password from database according to user's input $login = mysql_query("SELECT * FROM user WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')"); // Check username and password match if (mysql_num_rows($login) == 1) { // Set username session variable $_SESSION['username'] = $_POST['username']; // Jump to secured page header('Location: securedpage.php'); } else { // Jump to login page header('Location: index.php'); } ?> "securedpage.php" contains: <?php // Inialize session session_start(); // Check, if username session is NOT set then this page will jump to login page if (!isset($_SESSION['username'])) { header('Location: index.php'); } ?> <html> <head> <title>Secured Page</title> </head> <body> <p>This is secured page with session: <b><?php echo $_SESSION['username']; ?></b> <br>You can put your restricted information here.</p> <p><a href="logout.php">Logout</a></p> </body> </html> "logout.php" contains: <?php // Inialize session session_start(); // Delete certain session unset($_SESSION['username']); // Delete all session variables // session_destroy(); // Jump to login page header('Location: index.php'); ?> BASICALLY - when i go into this and enter the username and password the same page index.php stays. Apologies for the length of this post, just wanted to get the info in. Also have checked that MySql server is running etc. Finaly Year Project Student here and i don't want to fall at the first hurdle so any help is appreciated |
|||||||