PHP - Problem With Login / Logout
Hi,
I am having a bit of problem with my login/logout script. When user is logged in I want the script to show logout and if they are not login I want the script to show login. The problem is even when the user is logged in it says "you must be logged in Click here to login " here is the script Please help Code: [Select] <?php session_start(); $_SESSION['username'] = $_POST['username']; if ($_SESSION['username']) echo "Welcome, ".$_SESSION['username']."!<br><a href='logout.php'>Logout</a>" ; else die("you must be logged in <a href='Login.php'>Click here to login</a>"); ?> what did I do wrong in this script ? Thanks Similar TutorialsHi, Just wondered if anyone could help Ive been following this tutorial: http://net.tutsplus.com/tutorials/php/user-membership-with-php/ Ive got a simple membership system working now, but just wondering about the login / login links that i currently have. The login link is currently hard coded like so: Code: [Select] <ul id="menu"> <li id="active"><a href="index.html">Home</a></li> <li><a href="About.html">About</a></li> <li><a href="Contact.php">Contact</a></li> <li class="end"><a href="login.php">Login</a></li> </ul> and same for the logout: Code: [Select] <ul id="menu"> <li id="active"><a href="index.html">Home</a></li> <li><a href="About.html">About</a></li> <li><a href="Contact.php">Contact</a></li> <li class="end"><a href="logout.php">Logout</a></li> </ul> But the problem is, when i go to the about us page for example it will still display the login which really it should have logout. Could anyone offer some assistance please I based this off some other pages read, and think I'm doing this wrong or it's just not connecting. Code: [Select] Here's the database table: CREATE TABLE users ( id INT NOT NULL AUTO_INCREMENT, username VARCHAR(30) NOT NULL UNIQUE, password VARCHAR(64) NOT NULL, salt VARCHAR(3) NOT NULL, PRIMARY KEY(id) ); Ando far I have index.php with my login form <form name="login" action="login.php" method="post"> Username: <input type="text" name="username" /> Password: <input type="password" name="password" /> <input type="submit" value="Login" /> </form><br />Would you like to <a href="register.php">register?</a></center> Then I have my actual login on login.php (header.php includes website's main image as well as session_start(): <?php include('header.php'); $username = $_POST['username']; $password = $_POST['password']; //connect to the database here $username = mysql_real_escape_string($username); $query = "SELECT password, salt FROM users WHERE username = '$username';"; $result = mysql_query($query); if(mysql_num_rows($result) < 1) //no such user exists { header('Location: login.php'); die(); } $userData = mysql_fetch_array($result, MYSQL_ASSOC); $hash = hash('sha256', $userData['salt'] . hash('sha256', $password) ); if($hash != $userData['password']) //incorrect password { header('Location: login_form.php'); die(); } else { validateUser(); //sets the session data for this user } //redirect to another page or display "login success" message ?> then I have my register php on register.php: <?php include('header.php'); //retrieve our data from POST $username = $_POST['username']; $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; if($pass1 != $pass2) header('Location: register_form.php'); if(strlen($username) > 30) header('Location: register_form.php'); $hash = hash('sha256', $pass1); function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } $salt = createSalt(); $hash = hash('sha256', $salt . $hash); $dbhost = 'localhost'; $dbname = 'mygame'; $dbuser = 'root'; $dbpass = ''; $conn = mysql_connect($dbhost, $dbuser, $dbpass); mysql_select_db($dbname, $conn); //sanitize username $username = mysql_real_escape_string($username); $query = "INSERT INTO users ( username, password, salt ) VALUES ( '$username' , '$hash' , '$salt' );"; mysql_query($query); mysql_close(); header('Location: login.php'); ?> and lastly the register form: <center><form name="register" action="register.php" method="post"> Username: <input type="text" name="username" maxlength="30" /> Password: <input type="password" name="pass1" /> Password Again: <input type="password" name="pass2" /> <input type="submit" value="Register" /> </form></center> I am getting the errors: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /Applications/XAMPP/xamppfiles/htdocs/testing/login.php on line 13 Warning: Cannot modify header information - headers already sent by (output started at /Applications/XAMPP/xamppfiles/htdocs/testing/config.php:1) in /Applications/XAMPP/xamppfiles/htdocs/testing/login.php on line 15 Could someone explain why this is happening? This topic has been moved to Application Design. http://www.phpfreaks.com/forums/index.php?topic=313919.0 I am having problems understanding the reason for why the user has to click logout twice, here's the bulk of the code: <?php ini_set('display_errors',0); require_once 'header.html'; require_once 'db.functions.php'; require_once 'config.php'; $database = dbConnect($host, $username, $password, $database); // should output 1 or nothing at all! if($database == true) { // now connected? // carry on with logic of outputting the blog contents: $result = entries("SELECT * FROM entries"); printf("<table>"); while($row = mysql_fetch_array($result)) { printf(" <tr> <td>%s</td> <td>%s</td> </tr> <tr> <td colspan=\"2\">%s</td> </tr> ", $row[2], $row[4], $row[3]); } printf("</table>"); printf("\n\n"); session_name("jeremysmith_blog"); session_start(); if(array_key_exists('login',$_SESSION)) { if($_SESSION['login'] == 1) // change this to correspond with session on the login.php script { printf("<p>Welcome %s</p> <p>To logout, click <a href=\"index.php?action=logout\">here</a></p> ",$_SESSION['username']); } } else { printf("<p>You are not logged in, please click <a href=\"login.php\">here</a> to login.</p>"); } } else { printf("\n<p id=\"error\">Could not connect to database, please try again later.</p>"); } // init the logout script? if(array_key_exists('action',$_GET)) { if($_GET['action'] == 'logout') { // log user out of the system: unset($_SESSION['login']); unset($_SESSION['username']); session_destroy(); } } printf("\n"); // just for output format! require_once 'footer.html'; Why does the user have to click logout twice, have I missed anything? Any helps appreciated thanks. Hi, im new here Need some help. I have a database which contains users, and for every user i have logged_in value which is 1 if user is logged in and 0 if not. I use this so that user can be logged in only once. When user clicks on logout link i set logged_in on 0. My problem is when browser closes logged_in for current user is not set to 0, and after that user can't login because my site thinks he is already logged in. is there some way I can call some function when browser exits or any other solution? please help Hi there I have this problem with a button that should destroy sessions and then redirects to login page when clicked, pointing to this method: Code: [Select] public function logout(){ $this->logged_in = false; session_start(); session_unset(); session_destroy(); redirect_to("login.php"); } the function is called as bellow: Code: [Select] <form> <input id="logout" name="logout" type="submit" value="logout" onClick="<?php $session->logout(); ?> " /> </form> which is available on a page called index.php, which is the default page where you'll be directed to when logged in or just registered. unfortunately when I'm supposed to be to this page and before even clicking on the button, the function just does the work and redirects to the login page!!!.....any help please [/color][/size] Code: [Select] <?php session_start(); $_SESSION['is_logged_out'] = 1; if($_SESSION['is_logged_out'] ==1) { echo("<SCRIPT LANGUAGE='JavaScript'>window.alert('You had been successfully signed out')</SCRIPT>"); session_unset(); session_destroy(); header("Location:chatframe.php"); } ?> I got this error Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\login\logout.php:6) in C:\xampp\htdocs\login\logout.php on line 9 which mistake im put? this is not working Code: [Select] <?php session_start(); $username = $_SESSION['username']; echo mysql_query("UPDATE members SET online='0' WHERE username='$username' AND online='1'"); session_destroy(); echo "You've been logged out. <a href='index.php'>Click here</a> to return."; ?> what im trying to do is change the online mysql data from 1 back to 0 as i want to show when a user is on and off line can anyone help Hi, How logout is executed after 15 min. if does not hit or refresh any page. When writing a logout script in PHP what steps should i take? Should i: 1.) unset all session vars like: unset($_SESSION["var1"]); unset($_SESSION["var2"]); or calls session_unset(); 2.) destroy session cookie like: setcookie(session_name(), "NULL", time()-60, $params['path'], $params['domain'], $params['secure'], isset($params['httponly'])); 3.) finally destroy the session data by calling session_destroy(); or maybe just only unset the session vars - that is making only the first step? I'm asking because I've seen many logout scripts that doesn't involve these 3 steps (i most cases doing only the first one as i stated) Thx. for help. how to logout using session in proper way ? can you give me the code Hey guys, me again. A few of you were helping me with my login script, which I did finally get working. I am having one small problem though. Upon clicking the logout link, it does not re-direct back to the login page, it just stays blank. I have pasted my code from my logout.php file for reference. Thanks in advance for your help! Logout.php code <?php session_start(); session_destroy(); { header("location: login.php"); } exit(); ?> I was wondering if there is away to set a logout message when you are using sessions this is my code <?php session_start(); if($_SESSION[auth] = "yes") { session_unset(); session_destroy(); header( "Location: index.php" ); exit(); } else { if ($_SESSION[auth] != "yes") { header( "Location: index.php" ); $_SESSION['error'] = "please login!"; exit(); } } ?> For some reason my logout is not working properly. I searched other forum posts and read some tutorials but I still have an issue. Do this to create session: Code: [Select] $_SESSION['username'] = $row['username']; setcookie('username', $row['username'], time() + (60 * 60 * 24 * 5)); Do this to log out the user Code: [Select] session_start(); session_unset(); $_SESSION = array(); setcookie(session_name(), '', time() - 3600); session_destroy(); setcookie('username', '', time() - 3600); Above all else I am trying to end the $_SESSION['username'] Thank you all Hey! I have a table...with a column isOnline which is set to 1 when logging in (using login.php)...and 0 when logging out (logout.php), its how I determine whos logged in and whos not (in statistics etc.) Now the problem is if they dont have the remember me enabled..and don't log themselfs out via logout.php (which sets the isOnline to 0)...and close their browser the $_SESSIONS's get destroyed (which means their physically not logged in)...and their isOnline remains at 1 (even though their logged out) Another problem..is if they login with remember me enabled (as they want to remain logged in)....and close their browser or whatever, isOnline will still remain as 1 (theirfore others will think their online). For your info: In login.php I do an UPDATE query adding the current time generated by time() into the loginTime column...and also setting isOnline to 1. So my question is how can I overcome this, I have the isOnline (1 = logged in, 0 not logged in) and loginTime (which contains the login timestamp)? Cheers Hello, I'm currently storing a timestamp of the users last activity in my database in which if that hasn't been updated for 15 minutes (for testing doing 2 minutes) I want it to log the user out. I have been trying different things but they all seem to log me out even though they shouldn't be. Example of something I've tried $Online = time() - 120; if ($CheckOnline['lastaction'] < $Online){ header("Location: Logout.php"); session_destroy(); } Am I going at this the wrong way.? If I do $Online < $CheckOnline['lastaction'] it keeps me logged in but never logs me out.
Any help would be brillaint.
Thank you! I had set this value into the super global $_SESSION in the first file, file_1.php: <?php //there is some code here $_SESSION['salesorder'] = 'are---io'; //remaining code, includes a form. ?> When the submit button is clicked, the form is submitted to file_2.php <?php //some code over here if (isset($_POST['sales']) && $_POST['sales'] != ""){ $sales = sanitize_input(trim($_POST['sales'])); $_SESSION['salesorder'] = $sales; $host = $_SERVER['HTTP_HOST']; $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\'); $extra = 'processSO_helper_sd.php'; header("Location: http://$host$uri/$extra?so=".$sales); exit(); } //Begin display include 'inc_fn_header_and_menu.php'; //some code over here ?> which will redirect to processSO_helper_sd.php <?php // Initialize session session_start(); $SD_ID = $_SESSION['salesorder']; $result = $db->query($sql); $row = $result->fetch_assoc(); $rowcount =$row['row_count'];*/ //print_r($_SESSION);//* $result = $tmonedb->query("SELECT COUNT(*) FROM document WHERE SD_ID = $SD_ID")->fetch_array(); $rowcount = $result[0]; //remaining code ?> My problem is that I cannot access the $_SESSION['salesorder'] in the last file processSO_helper_sd.php although I have set it twice previously. I could not add session_start(); in the file_2.php because that was already added in 'inc_fn_header_and_menu.php'; Can someone help me with this? Thank you. Please tell me if you need any additional information. is it possible to update data in mysql when a user clicks logout? Hey there guys, small problem here that I can't seem to figure out. I am in the process of programming a database with user-access control. I have the log-in system working great, but the logout link, which is located next to the logged-in username seems to not be echoing correctly. It is loading the 'Logout' text in text-form only, not link-form.... Any ideas on what may be causing this small glitch?? Thanks!! I have attached relevant code for said part for reference. <img src="images/username.png" height="20" width="20"> <b>Welcome</b> <?php echo ("<font color=#9e0219>$username</font>");?>, <?php echo '<a href="logout.php">Logout</a>';?> i have added a member area to my wordpress site. everything works good, login, edit, delete, etc. But when i upload the logout.php file to the godaddy server, it starts logging me out on every page. The programs work fine without the logout file, but as soon as it is uploaded it keeps logging out. here is the logout.php i am using <?php // If the user is logged in, delete the session vars to log them out session_start(); if (isset($_SESSION['user_id'])) { // Delete the session vars by clearing the $_SESSION array $_SESSION = array(); // Delete the session cookie by setting its expiration to an hour ago (3600) if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 3600); } // Destroy the session session_destroy(); } // Delete the user ID and username cookies by setting their expirations to an hour ago (3600) setcookie('user_id', '', time() - 3600); setcookie('username', '', time() - 3600); // Redirect to the home page $home_url = 'http://' . $_SERVER['HTTP_HOST'] . '/my-account/'; header('Location: ' . $home_url); ?> i have looked around the internet but haven't found any solutions. Please help. Thank you |