|
PHP - User Multiple Login But Having $_session Variable Problem
Quote
Hi guys, I have a question, I have a fairly large site wich we have resellers for, but in certain circumstances for admin purposes, we need to be able to login under the same credentials EG: I might be doing something on one machine and i need to log in on another machine to do something else but with my user name and pass At the moment when i try to to this It will log out the session already logged in when i try to log in from the other machine Is there away around this,, i suspect that when i log in from the other machine its ending the first session Any Idears Guys and Gals..... really stuck Similar Tutorials
First let me explain my code. This is later included in project_status.php] . In project_status.php] , I have included another file project_status_app.php which contains a HTML form.
<?php
include 'inc_fn_header_and_menu.php';
function includeFile($file,$variable) {
$var = $variable;
include($file);
}
if (isset($_GET['id']) && $_GET['id']!="") {
$pid = $_GET['id'];
$_SESSION['pidForApproval'] = $_GET['id'];
$query = 'SELECT * FROM `profile` WHERE pid ='.'\''.$pid.'\'';
$result=mysqli_query($db,$queryToRetrievePP) or die("There are no records to display ... \n" . mysqli_error());
foreach ($result as $row) {
$status = $row['status'];
}
}
...........some PHP and HTML code.......
<div id="customerPurchaseApprovalForm">
<?php
echo '<p>APPROVAL FOR CUSTOMER PURCHASE</p>';
$discountApprovalStatus = "Granted";
if ($discountApprovalStatus == "Granted") {
includeFile("project_status_app.php",$highestannualvalue);
} else {
//.........
}
In project_status_app.php I am attempting to retrieve pidForApproval from the $_SESSION array.
<?php
// put your code here UPDATE `pp` SET `customer_purchase_remarks` = 'hahaha' WHERE `pp`.`id` = 207;
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
include '../../inc/fastlogin.php';
$sql = "UPDATE pp SET customer_purchase_remarks ='{$_POST['remarkstxt']}' WHERE pp.pid='{$_SESSION['pidForApproval']}'";
$result = mysqli_query ( $fastdb, $sql ) ;
if (mysqli_affected_rows($fastdb) != 1) {
$_SESSION['err_cpa_rmks'] = "<p>Error while updating WHERE id='{$_SESSION['pidForApproval']}'</p>";
//echo "<p>Error while updating WHERE id='{$_POST['pidForApproval']}'</p>".mysqli_error($fastdb);
} else {
$_SESSION['suc_cpa_rmks'] = "<p>Records was updated successfully.</p>";
//echo "Records was updated successfully.";
}
header ("location: project_status.php?id="$_SESSION['pidForApproval']);
exit();
}
?>
When I load project_status.php, project_status_app.php is supposed to display the form. Once the user fills in the form the and the submit button has been pressed, the UPDATE statement is supposed to run and then it is supposed to navigate back to project_status.php?id=FA142. But the update is failing and the when the project_status.php is loaded back, the url looks like this http://localhost/fast/project_status.php?id= . The id is empty. It is supposed to be something like this http://localhost/fast/project_status.php?id=FA142. With the id being populated at the
header ("location: project_status.php?id=".$_SESSION['pidForApproval']);
Missing some information. Hey guys, I have an issue with my php code. After registering in my site, i (the user) can't login again. It displays a message: Quote The email and password combination you entered is incorrect. Code: [Select] <?php if(logged_in()) { $user_data = user_data('name'); echo 'Welcome, ', $user_data['name']; } else { ?> <form action="" method="post" > <p> Email: <input type="email" name="login_email" /> Password: <input type="password" name="login_password" /> <input type="submit" value="Log in" /> </p> </form> <?php } if (isset($_POST['login_email'], $_POST['login_password'])) { $login_email = $_POST['login_email']; $login_password = $_POST['login_password']; $errors = array(); if(empty($login_email) || empty($login_password)){ $errors[] = 'Email and password are required!'; } else { $login = login_check($login_email, $login_password); if($login === false) { $errors[] = 'The email and password combination you entered is incorrect.'; } } if(!empty($errors)) { foreach ($errors as $error) { echo $error. '<br />'; } } else { $_SESSION['user_id'] = $login; header('Location: index.php'); exit(); } } ?> And here's the function where I call check the login: Code: [Select] <?php function login_check($email, $password) { $email = mysql_escape_string($email); $login_query = mysql_query("SELECT COUNT(`user_id`) as `count`, `user_id` FROM `users` WHERE `email`='$email' AND `password`='".md5($password) ."'"); return(mysql_result($login_query, 0) == 1) ? mysql_result($login_query, 0, 'user_id') : false; echo mysql_error(); } ?> Any clue of what this could be? I would appreciate your assistance, there are tons of login scripts and they work just fine. However I need my operators to login and then list their activities for the other operators who are logged in to see and if desired send their clients on the desired activity. I have the login working like a charm and the activities are listed just beautifully. How do I combine the two tables in the MySQL with PHP so the operator Logged in can only make changes to his listing but see the others. FIRST THE ONE script the member logges in here to the one table in MSQL: <?php session_start(); require_once('config.php'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } $login = clean($_POST['login']); $password = clean($_POST['password']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); if($result) { if(mysql_num_rows($result) == 1) { session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: member-index.php"); exit(); }else { header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ................................................. ................................ Now I need the person who logged in to the table above to be able to make multiple entries to the table below <? $ID=$_POST['ID']; $title=$_POST['title']; $cost=$_POST['cost']; $activity=$_POST['activity']; $ayear=$_POST['aday']; $aday=$_POST['ayear']; $seats=$_POST['special']; $special=$_POST['seats']; mysql_connect("xxxxxx", "xxx350234427", "========") or die(mysql_error()); mysql_select_db("xxxx") or die(mysql_error()); mysql_query("INSERT INTO `activity` VALUES ('ID','$title', '$cost','$activity', '$aday', '$ayear', '$special', '$seats')"); Print "Your information has been successfully added to the database!" ?> Click <a href="member-profile.php">HERE</a> to return to the main menu <?php ?> When a user logs into my site I was to store the user_name, user_role, and user_id in a session variable, then store this in a regular variable to make querying easier, but I am having issues with my code as its causing issues with my queries. Code: [Select] if (mysqli_num_rows($data) > 0) { //set sessions $row = mysqli_fetch_array($data); $_SESSION['username'] = $row['username']; $_SESSION['user_role'] = $row['role']; $_SESSION['user_id'] = $row['user_id']; //set variables $username = $_SESSION['username']; $user_role = $_SESSION['user_role']; $user_id = $_SESSION['user_id']; } Any ideas whats wrong?! Thanks for the help!! Code: [Select] <?php function Login() { session_start(); $_SESSION["loggedin"] = true; echo "You are logged in!"; header("Location: ../L_index.php"); //Aka Logged in Index. } function Logout() { $_SESSION["loggedin"] = false; session_destroy(); } function checklogin() { session_start(); if ($_SESSION["loggedin"] == true) { return true; } else { return false; } } ?> This is just a tiny bit of my code, there is security holes, but as you see, there is 3 functions: Login Logout Checklogin But when i use the Login function, everything is fine, but if i then use the checklogin, then it always returns true(it returns true after i used the logout function), why? Hi guys, Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!" Any suggestion and help would be appreciated. Thanks. login.php <?php //Assigned varibale $error_msg as empty //$error_msg = ""; session_start(); $error_msg = ""; if (isset($_POST['submit'])) { if ($a_username = "admin" && $a_password = "123") { //Define $_POST from form text feilds $username = $_POST['username']; $password = $_POST['password']; //Add some stripslashes $username = stripslashes($username); $password = stripslashes($password); //Check if usernmae and password is good, if it is it will start session if ($username == $a_username && $password == $a_password) { session_start(); $_SESSION['session_logged'] = 'true'; $_SESSION['session_username'] = $username; //Redirect to admin page header("Location: admin_area.php"); } } $username = (isset($_POST['username'])) ? $_POST['username'] : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; if($username && $password) { $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!"); mysql_select_db("friendsdb") or die ("Couldn't find the DB"); $query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0){ while ($row = mysql_fetch_array($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //Check to see if they are match! if ($username == $dbusername && md5($password) == $dbpassword) { header ("Location: user_area.php"); $_SESSION['username'] = $username; } else $error_msg = "Incorrect password!"; //code of login }else $error_msg = "That user does not exist!"; //echo $numrows; } else $error_msg = "Please enter a username and password!"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> </head> <body> <br /> <?php require "header.php"; ?><br /> <div align="center"> <table width="200" border="1"> <?php // If $error_msg not equal to emtpy then display error message if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <!--form action="login_a.php" method="post"--> Username: <input type="text" name="username" /><br /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name = "submit" value="Log in" /> </form> <p> </p> Register a <a href="register.php">New User</a> </table> </div> </body> </html> Hi all, here's my code: Code: [Select] <?php foreach ($_SESSION['topping'] as $value) { echo "<tr><td width='30%'>Topping</td><td width='50%'>$value</td><td width='20%'><select name='notopping'>"; foreach ($_SESSION['cupcake'] as $number) { '<option name="notoppings[]" value="'.$number.'">".$number."</option>'; } echo "</select></td></tr>"; } ?> $_SESSION['cupcake'] is a value from either 6, 12, 24 or 36. What I want to do is put them into a drop down box (second foreach) as the value and the displayed value - counting up from 1 (so 1,2,3,4,5,6 or up to 12,24 etc). Also by creating this as an array, does this mean than for each topping (say Vanilla and Chocolate) the value dynamically created can be used on the next page by using $_POST['notoppings'] to display each type (two different numbers - one for Vanilla and one for Chocolate). Does that make sense? Thanks! Jason Hallo everybody,
the user is in the table, but i get error (user not found!).
thank you very much for your help
Rafal
<!DOCTYPE html>
<html>
<head>
<title>index</title>
<meta http-EQUIV="CONTENT-LANGUAGE" content="en">
<?php
SESSION_START();
include("abc.php");
$link2 = mysqli_connect("$hoster", "$nameuser", "$password", "$basedata")
or die ("connection error" . mysqli_error($link2));
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysqli_query("SELECT email FROM $table2 WHERE email = '$email' ");
$chkuserare = mysqli_num_rows($chkuser);
if ($chkuserare !=0)
{
$chkpwd = mysqli_query("SELECT pwd FROM $table2 WHERE email = '$email'");
$pwddb = mysqli_fetch_assoc($chkpwd);
if (md5($pwd) != $pwddb["pwd"])
{
echo "Password is wrong!";
}
else
{
$_SESSION['username'] = $email;
header ('Location:list.php');
}
}
else
{
echo "user not found!";
}
}
else
{
echo "enter your Email and Password!";
}
mysqli_close($link2);
?>
</head>
<body style="font-family: arial;margin: 10; padding: 0" bgcolor="silver">
<font color="black">
<br>
<form action="index.php" method="post">
<b>Login</b><br><br>
<table width="100%">
<tr><td>
Email:<br><input type="text" name="inp_email" style="width:98%; padding: 4px;"><br>
Password:<br><input type="password" name="inp_pwd" style="width:98%; padding: 4px;"><br>
<br>
<input type="submit" name="submit" value="Login" style="width:100%; padding: 4px;">
</td></tr>
</table>
</form>
</font>
</body>
</html>
Hallo everybody,
i have the following code.
but i get allways this error while the user exist in the database.
User not found!
what do i do wrong?
thank you very much for your help
Rafal
<html>
<head>
<?php
$connection = mysql_connect("db.xyz.com", "username", "password")
or die ("connection fehler");
mysql_select_db("db0123456789")
or die ("database fehler");
$email = $_POST["inp_email"];
$pwd = $_POST["inp_pwd"];
if($email && $pwd)
{
$chkuser = mysql_query("SELECT email FROM gbook WHERE email = '($email)' ");
$chkuserare = mysql_num_rows($chkuser);
echo $email;
echo $pwd;
if ($chkuserare !=0)
{
$chkpwd = mysql_query("SELECT pwd FROM gbook WHERE email = '($email)' ");
$pwddb = mysql_fetch_assoc($chkpwd);
if ($pwd != $pwddb["pwd"])
{
echo "password is wrong!";
}
else
{
echo "login successed";
}
}
else
{
echo "User not found!";
}
}
else
{
echo "Pleas enter your email and password!";
}
mysql_close($connection);
?>
</head>
<body>
<form action="login.php" method="post">
Email <input type="text" name="inp_email"><br>
Password <input type="text" name="inp_pwd"><br>
<input type="submit" name="submit" value="login">
</form>
</body>
</html>
Edited by rafal, 21 September 2014 - 04:33 PM. I am trying to allow the user to update a variable he chooses by radio buttons, which they will then input text into a box, and submit, to change some attributes. I really need some help here. It works just fine until I add the second layer of variables on top of it, and I can't find the answer to this question anywhere. <?PHP require('connect.php'); ?> <form action ='' method='post'> <select name="id"> <?php $extract = mysql_query("SELECT * FROM cars"); while($row=mysql_fetch_assoc($extract)){ $id = $row['id']; $make= $row['make']; $model= $row['model']; $year= $row['year']; $color= $row['color']; echo "<option value=$id>$color $year $make $model</option> ";}?> </select> Which attribute would you like to change?<br /> <input type="radio" name="getchanged" value="make"/>Make<br /> <input type="radio" name="getchanged" value="model"/>Model<br /> <input type="radio" name="getchanged" value="year" />Year<br /> <input type="radio" name="getchanged" value="color" />Color<br /><br /> <br /><input type='text' value='' name='tochange'> <input type='submit' value='Change' name='submit'> </form> //This is where I need help... <?PHP if(isset($_POST['submit'])&&($_POST['tochange'])){ mysql_query(" UPDATE cars SET '$_POST[getchanged]'='$_POST[tochange]' where id = '$_POST[id]' ");}?> Hi all, I'm in trouble with a strange problem. At the system login a script sets a $_SESSION['status'], this keeps user status for admin (a), user (u), and so on... In another part of the system I need to post a value also called 'status': Code: [Select] <input value="N" type="hidden" name="status"/> and this 'status' value has nothing to do with 'status' session. The problem is that when I post the value 'N' it overwrite the session value, crashing the system then. The most strange is that on the localhost the problem does not happen, it only occurs on the server. Any clue? Thankx Danilo Jr. Hiya, I'm quite new to php. My script was working fine till I transferred to a new host. The login system doesn't seem to register the $_SESSION 'userid' variable, so the proper page won't load because it thinks I'm not logged in. login.php - processes the login information Code: [Select] <?php session_start(); include('functions.php'); connect(); // note: session_start needs to be on every document apart // from index.php, login.php and register.php $username = protect($_POST['username']); $password = protect($_POST['password']); // the password and username from the inputs are stored in variables if ($username&&$password) { // if both the username and password variables are true $query = mysql_query("SELECT * FROM users WHERE username='$username'"); $numrow = mysql_num_rows($query); if ($numrow!=0) { // if $numrow does not equal nothing while ($row = mysql_fetch_assoc($query)) { $userid = $row['userid']; $dbusername = $row['username']; $dbpassword = $row['password']; } if ($username==$dbusername&&md5($password)==$dbpassword) { // $password gets encrypted so it can be checked on the database password $_SESSION['username'] = $username; $_SESSION['userid'] = $userid; // used for sessions knowing who is logged in header("Location:main.php"); // redirects to main.php page after successful login } else { echo "Incorrect password"; } } else { ?> <html> <head> <title>University Crusade</title> <link rel="stylesheet" href="css/style.css" type="text/css" media="screen"> <meta name="viewport" content="width=device-width, minimum-scale=1,maximum-scale=1, user-scalable=no"> </head> <body> <div id="wrapper"> <?php die (" That account doesn't exist...<br /><a href=\"index.php\">try again,</a> <a href=\"register.php\">or register an account.</a> "); } } else { die("Please enter a username and password"); } ?> </div> <div id="footer"> </div> </body> </html> and the main.php - after login.php it takes the user here Code: [Select] <?php session_start(); include('functions.php'); connect(); ?> <html> <head> <title>University Crusade</title> <link rel="stylesheet" href="css/new.css" type="text/css" media="screen"> <meta name="viewport" content="width=device-width, minimum-scale=1,maximum-scale=1, user-scalable=no"> </head> <body> <?php if (isset($_SESSION['userid'])) { include('safe.php'); ?> <ul id="tab-nav"> <li><a href="stats.php" id="tab-character">CHARACTER</a></li> <li><a href="games.php" id="tab-games">GAMES</a></li> <li><a href="account.php" id="tab-account">ACCOUNT</a></li> </ul> <div id="wrapper"> <h2 id="name">Hello, <?php echo $_SESSION['username'] ?>!</h2> <p> Welcome to UNIVERSITY CRUSADE the fantasy-themed pervasive web game! </p> <p> To start playing, begin with clicking the "games" button at the top of the screen, from there choose a challenge and follow the instructions </p> <p> What are the other buttons for? Well, the "account" button (top-right) is where you can change settings for your account - things like changing your password, deleting your account etc. The "character" button (top-left) when clicked takes you to your character, you can change your display picture, view your statistics and battle other players. </p> <p> More help with the game is available in the "account" section, this includes a detailed game manual describing in-detail game concepts and information. </p> </div> <div id="footer"> <a href="logout.php" class="button">log me out</a> </div> <?php } else { die (" <div id=\"wrapper\"> <p>Opps! You don't seem to be logged in...</p> <a class=\"button\" href=\"index.php\">login now</a><br /> <p>Don't have an account? No worries, just <a href=\"register.php\">register for one.</a></p> </div> "); } ?> </body> </html> I appreciate any help, as I'm left scratching my head. So like When somones enter my site it shows them as a guest, but then if they havn't clicked anywere for about 5minutes and then refresh or if somone else refresh it will delete from the active users list because it's been over 5 minutes, but then if that same person refreshes again my script wont catch them as a GUEST AGAIN!! It just shows no one online, none of my if's catch him and put him in the ibf_session table! Code: [Select] //check for cookies //If no username, Is a Guest, Has COOKIE_ID and cookie USER_NAME and COOKIe PASSWORD if(!isset($_SESSION['user_name']) && !isset($_SESSION['is_guest']) && isset($_COOKIE['user_id']) && isset($_COOKIE['user_name']) && isset($_COOKIE['password'])){ $user_cond = "user_name='{$_COOKIE['user_name']}'"; $sql = "SELECT `id`,`user_name`,`approved` FROM users WHERE $user_cond AND `pwd` = '{$_COOKIE['password']}' AND `banned` = '0' "; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result); // Match row found with more than 1 results - the user is authenticated. if ( $num > 0 ) { list($id,$full_name,$approved) = mysql_fetch_row($result); if(!$approved) { echo "YOU FREAKING HACKER"; exit(); } $_SESSION['user_id']= $id; $_SESSION['user_name'] = $full_name; $lol = session_id(); //$minute5 = 30 ? (time() - 30) : (time() - 3600); // mysql_query("DELETE FROM ibf_sessions WHERE running_time < {$minute5}"); mysql_query("INSERT INTO ibf_sessions (id, member_name, member_id, ip_address, running_time, location, member_group) ". "VALUES ('".$lol."', '{$_SESSION['user_name']}', '{$_SESSION['user_id']}', '{$_SERVER['REMOTE_ADDR']}', '".time()."', ". "'Index', '1')") or die(mysql_error()); unset($_SESSION['is_guest']); } } $lol = session_id(); //Thanks if (!$id) { //Create Guest Session ~ if (!isset($_SESSION['user_id']) && @(!$_SESSION['is_guest']) && !isset($_COOKIE['password'])) { //$minute5 = 39 ? (time() - 30) : (time() - 3600); //echo $minute5; // mysql_query("DELETE FROM ibf_sessions WHERE running_time < {$minute5}"); mysql_query("INSERT INTO ibf_sessions (id, member_name, member_id, ip_address, running_time, location, member_group) ". "VALUES ('".$lol."', 'Guest', '0', '{$_SERVER['REMOTE_ADDR']}', '".time()."', ". "'Index', '0')") or die(mysql_error()); $_SESSION['is_guest'] = 'yes'; } } if (isset($_SESSION['user_id']) && !isset($_SESSION['is_guest'])) { mysql_query("UPDATE ibf_sessions SET member_name='{$_SESSION['user_name']}',member_id='{$_SESSION['user_id']}',member_group='1', running_time='".time()."', in_forum='".$f."', in_topic='".$topicid."', location='".$act."' WHERE id='".$lol."'") or die(mysql_error()); } else { mysql_query("UPDATE ibf_sessions SET member_name='Guest',member_id='0',member_group='0', running_time='".time()."', in_forum='".$f."', in_topic='".$topicid."', location='".$act."' WHERE id='".$lol."'") or die(mysql_error()); } Thanks, it might be confusing but re read Hi, I'm kinda new to php, so I followed a video tutorial on making a login/registration system and nearly everything works, except for when a registered user follows a link to the members.php page, the $_SESSION variable is supposed to check if they are logged-in and say "Welcome, [name of user]!. But it keeps saying I need to be logged in, even though I am. The php code from the members.php page. Code: [Select] if ($_SESSION['username']) { echo "Welcome," .$_SESSION['username']. "!"; } else { die ("You must be logged in."); } This is the php code form the login page. Code: [Select] session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username&&$password) { $connect = mysql_connect("localhost","root","password") or die ("Unable to connect"); mysql_select_db("database") or die ("Unable to find database"); $query = mysql_query("SELECT * FROM users WHERE username='$username'"); $numrow = mysql_num_rows($query); if ($numrow!=0) { // while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } if ($username==$dbusername&&md5($password)==$dbpassword) echo "You're in! - <a href=\"members.php\">Go to members page</a>"; $_SESSION['username'] == $dbusername; } else { echo "Incorrect password"; } } else { die ("That user doesn't exist"); } } else { die("Please enter a username and password"); } Any help would be much appreciated. I am trying to create a history of requested URI's (upto 3) for two purposes Login page and Error Logging. My problem is the Session is written and the values are set yet i can not retrieve the values in it upon a refresh. The use of an Array is to manage the quantity of max values (not written in yet).
<?phpSession contains
REQUEST_URI|a:1:{i:0;s:19:"1422925783,/~Debug/";}
After a refresh i expect
REQUEST_URI|a:2:{i:0;s:19:"1422925783,/~Debug/";i:1;s:28:"1422925784,/~Debug/index.php";}
Yet it only contains
REQUEST_URI|a:1:{i:0;s:28:"1422925784,/~Debug/index.php";}
Hello, Ok. I would like to be able to do this :: http://webdeveloper.50webs.com/js.login.htm in PHP and with a database. I know it may look like a simple login script, but I would like it to redirect to a specific URL based on each user. I.E. "http://example.com/users/index.php" is the login page, and once the user logs in, it would redirect them to "http://example.com/users/username/" Unless someone has a better idea. I know this isn't secure (because someone could just change the url to a different username, and they now have access to that users account.) The only reason I would like to do it this way, is because I have an upload script, and because of the way it uploads, the files are placed in a folder (So username/files is were the files are stored) and I have a file browser (username/browser.php) And I don't know how to display only the files the user has uploaded. (I.E. if I had one main file that the users see once they login, they would all see everyones uploads.) I would forfeit a tiny bit of security if users had there files not publicly visible. (People still have to login to see the files, and they would have to know the URL to a specific username.) So basically what I would like to do, is have a database (I.E. "Users") and have a table in that database with "username" "password" "email" "URL" and the PHP script looks up the database, and checks the username, and the password, and if they match, looks at the URL and sees were its supposed to redirect the user. I have attached the PHP code I have found, and use. If anyone knows how to do this, please let me know! Thanks in advance! Cheers! ------ Anders I am having trouble finding a tutorial on how to have a login system like facebook and many other sites where when you login you get taken to your own profile with your own information using PHP and Mysql. Any help would be much appreciated. Thanks I have a question for some more advanced developers out there. I am creating a user login class that I want to make secure. Now without cookies, no problem but everyone wants a remember me . So what I was planning on doing was storing a single unique value in a cookie. Now when the user visits the page it will check there unique value against the values in the database. Then what I wanted to do was have some other data that is unique to that user to see if they are the same person or not. For example when user A with ip address 0.0.0.0 goes to access my page and has a cookie stored it will check the database for user with ip address 0.0.0.0 and the unique value in there cookie. Now my question is, what values should I check against. It is my understanding that users can spoof ip addresses so that isnt exactly the best check. I was also going to use the hostname as well but you have to have the right ip address in order to check it so that isnt really reliable either. Another option is securing it another way. If anyone has any other suggestions that are secure to do a user login please let me know. I am open to anything at this point because I am creating the system from scratch. However, only secure systems are the way I want to go. I have advanced experience in php so dont worry about me not understanding . Any help is appreciated. Hello can someone point me into the right direction? I've got this code: if ($userdata["user_level"] <> 1 ){ die(); } The above code works but now I want to give users with level 3 also acces but not the users having level 2. Anyone has an idea? Regards Richard |
|||||||