I hope someone can show me a good way to conquer my problem!
I'm creating a members area and on the left hand side of my page there is a login box visible on every page.
When the user logs in that box turns in to a control panel that gives a simple greeting and displays
a few links for members only. The problem is that when the user logs in obviously a session is started and the POST
variables are posted to the page but the login box doesnt change to the control panel.
The rest of the page does change however (i.e to the members area). It is only when i refresh the page that the log in box finally changes to the control panel.
heres my code:
Code: Select all
<?php
if (isset ($_SESSION['user_logged']) && $_SESSION['user_logged'] != "") {
?>
<div id="loginset">
<img src="images/left-members-logged.png" />
<h3>Hello <?php print $_SESSION['user_logged']; ?></h3>
<p>You are logged in!
<br />
<a href="logout.php">Logout</a></p>
</div> <!-- close loginset --->
<?php
} else { // No session, provide login
?>
<div id="login">
<img src="images/left-members.png" />
<form action="members.php" method="post">
<p><b>Username:</b><input type="text" name="username" size="15" /></p>
<p><b>Password:</b><input type="password" name="password" size="15" /></p>
<p><input type="submit" name="submit" value="Login" /></p>
</form>
</div> <!-- close login --->
<?php }
//error check
if (isset ($_POST['submit']) && $_POST['submit'] == "Login"){ // if submit is pressed
if ($_POST['username'] != "" && // and username and password not empty run SQL
$_POST['password'] != "")
{
$query = "SELECT username, password FROM user_info " .
"WHERE username = '" . $_POST['username'] . "' " .
"AND password = (PASSWORD ('" . $_POST['password'] . "'))";
$result = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($result) == 1 ){
$_SESSION['user_logged'] = $_POST['username'];
$_SESSION['user_password'] = $_POST['password'];
} else { echo "<b>The username and/or password were not found, please try again.</b>"; }
} else {
echo "<b>Please input a valid username and password.</b>";
}
}?>Thanks guys