Code doesnt work

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Worqy
Forum Newbie
Posts: 20
Joined: Tue Feb 02, 2010 6:41 am

Code doesnt work

Post by Worqy »

Hello.
When i tested my login script I saw that the 'login system' doesnt work.
I'll explain more later, here is the codes:
login.php

Code: Select all

<html>
<form name="form1" method="post" action="checklogin.php">
<head>
    <meta http-equiv="Content-Language" content="fi">
    <title>Login</title>
</head>
<body bgcolor="#666666">
 
 
<p align="center"><font face="Aharoni" size="5">Login</font></p>
<p align="left">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; 
Login</p>
 
<input name="myusername" type="text" id="myusername">&nbsp;
<p>
<input name="mypassword" type="password" id="mypassword"></p>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<input type="submit" name="Submit" value="Login">
</body>
</form>
</html>
 
login_success.php

Code: Select all

<?php
// Check if session is not registered , redirect back to main page.
// Put this code in first line of web page.
session_start();
if(!session_is_registered(myusername)){
header("Location:login.php");
}
?>
 
<html> 
 
<head>
<meta http-equiv="Content-Language" content="fi">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Login Success</title>
 
<body bgcolor="#666666" onload="FP_preloadImgs(/*url*/'button6.jpg',/*url*/'button7.jpg',/*url*/'button9.jpg',/*url*/'buttonA.jpg',/*url*/'buttonC.jpg',/*url*/'buttonD.jpg')">
 
<p align="center">&nbsp;</p>
<p align="center"><i><font size="5" face="Aharoni">You have been logged in 
successfully!</font></i></p>
<p align="center">&nbsp;</p>
<p align="left">&nbsp;</p>
<p align="left">&nbsp;</p>
<p align="left"><a href="index.php">
<img border="0" id="img2" src="button8.jpg" height="20" width="100" alt="Main Page" onmouseover="FP_swapImg(1,0,/*id*/'img2',/*url*/'button9.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img2',/*url*/'button8.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img2',/*url*/'buttonA.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img2',/*url*/'button9.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="Main Page"></a></p>
<p align="left"><a href="cpanel.php">
<img border="0" id="img3" src="buttonB.jpg" height="20" width="100" alt="cPanel" onmouseover="FP_swapImg(1,0,/*id*/'img3',/*url*/'buttonC.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img3',/*url*/'buttonB.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img3',/*url*/'buttonD.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img3',/*url*/'buttonC.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="cPanel"></a></p>
<p align="left"><a href="logout.php">
<img border="0" id="img1" src="button5.jpg" height="20" width="100" alt="Logout" onmouseover="FP_swapImg(1,0,/*id*/'img1',/*url*/'button6.jpg')" onmouseout="FP_swapImg(0,0,/*id*/'img1',/*url*/'button5.jpg')" onmousedown="FP_swapImg(1,0,/*id*/'img1',/*url*/'button7.jpg')" onmouseup="FP_swapImg(0,0,/*id*/'img1',/*url*/'button6.jpg')" fp-style="fp-btn: Brick Row 9" fp-title="Logout"></a></p>
 
</body>
 
</html>
 
And ofc the coming cPanel.php

Code: Select all

<?php
 
session_start();
 
if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
header ("Location: login.php");
}
 
?> 
 
<html>
<head>
    <title>Control Panel</title>
</head>
<body>
 
Control Panel
 
</body>
</html> 
I want this to happend:
I login -> I get access to cPanel
I logout -> I dont have access to cPanel anymore

This happens:
I login -> I dont have access to cPanel ( it puts me back to login.php)
I logout -> I dont have access to cPanel

SO I think something is wrong with the session codes...
cone13cone
Forum Newbie
Posts: 24
Joined: Fri Mar 20, 2009 8:32 pm

Re: Code doesnt work

Post by cone13cone »

Cant determine the problem without seeing where you store your $_SESSION variables.

Code: Select all

 
session_is_registered();
 
This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged.
I'm not sure where where you are getting the argument passed to it anyway ?? is it the input field on the login script?

Code: Select all

 
if (!(isset($_SESSION['login']) && $_SESSION['login'] != ''))
 
The logic here is flawed, its reads if session login is not set AND session login does not equal an empty string.

Other than that Im not really sure whats going on, seeing how you store/validate your usernames/passwords would be most helpful.
Worqy
Forum Newbie
Posts: 20
Joined: Tue Feb 02, 2010 6:41 am

Re: Code doesnt work

Post by Worqy »

"Other than that Im not really sure whats going on, seeing how you store/validate your usernames/passwords would be most helpful."
I'm very new to this, so I can have many big misstakes in the code.

If I understood you correctly; I stroe my username and password in MySQL.
And here is the checklogin.php:

Code: Select all

<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="160995kk"; // Mysql password
$db_name="Game"; // Database name
$tbl_name="members"; // Table name
 
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
 
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
 
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
 
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
 
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
 
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
Post Reply