Page 1 of 1

Session Management

Posted: Tue Sep 09, 2003 7:20 am
by keiko
Hi,
how do I go about doing a PHP session Management? What are the files I need besides the index.php for logging and the session.php?

And what is wrong with my code below for index.php and session.php respectively?

INDEX.PHP
--------------

# Start / track sessions
session_start();

# Check if we are logging out before continuing
$Logout = $HTTP_GET_VARS["Logout"];
if($Logout){
session_destroy();
$Username = null;
$Password = null;
}

# Redirect the user if they have one set in their
# settings (users.php)
if($Redirect) header("Location: $Redirect");

# Include the users file
if(!$Username) $Username = "fakeuser"; // Fake username to pull user count out
include("users.inc");
if($Username == "fakeuser") $Username = null; // Reset username
$userCount = sizeof($User); // Member count
?>
<HTML>
<HEAD>
<script language=JavaScript>
<!--

//Disable right click script III- By Renigade (renigade@mediaone.net)
//For full source code, visit http://www.dynamicdrive.com

var message="";
///////////////////////////////////
function clickIE() {if (document.all) {(message);return false;}}
function clickNS(e) {if
(document.layers||(document.getElementById&&!document.all)) {
if (e.which==2||e.which==3) {(message);return false;}}}
if (document.layers)
{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}

document.oncontextmenu=new Function("return false")
// -->
</script>

<!-- Please do not remove the author and copyright meta tags, change
// the keywords and description as required by your site -->
<META NAME = "Author" CONTENT = "Mike Holloway">
<META NAME = "Copyright" CONTENT = "Mike Holloway, 2003">
<META NAME = "Keywords" CONTENT = "memberArea, Member, membersArea, login">
<META NAME = "Description" CONTENT = "Simple flat-file member checking script written in php">

<LINK REL = "Stylesheet" HREF = "style.css" TYPE = "Text/Css">
<TITLE> EW | EquineWorld v4.0 - celebrating the Beauty, Spirit & Elegance of the Horse </TITLE>
</HEAD>

<?php
if($Submit || isSet($Username)){

# Initialise variables
$userFlag = 0;
$element = "NA";

# Check to see if this username exists
for($count = 0; $count < $userCount; $count++){
// Username case insensitive
if(strToUpper($Username) == strToUpper($User[$count])){
$userFlag += 1;
$element = $count;
}
else $userFlag = $userFlag;
}


# If the user exists, check we have the correct password
if($userFlag){
// Password case sensitive
if($Password == $Pass[$element]){

#================================
#
# SUCCESSFUL MATCH BELOW
#
#================================

# Register the users info, so they dont have to type in again
$Username = $User[$element];
$Password = $Pass[$element];

if(!session_is_registered('User')){
session_register('Username');
session_register('Password');
}

# Check that we dont have a personal redirect, include the content
# for this permission
if(!$Redirect[$element]){
switch($Permission[$element]){
case 1: # Display the moderator area
include("moderatorUser.inc");
break;

case 2: # Display the admin area
@include("masterUser.inc");
break;

default: # Display the general user member area
@include("generalUser.inc");
break;
}
}
else{
# Redirect to their page
?>
<FORM NAME = "redirectUser" METHOD = "Post" ACTION = "<?php echo $PHP_SELF; ?>">
<INPUT TYPE = "Hidden" NAME = "Redirect" VALUE = "<?php echo $Redirect[$element]; ?>">
</FORM>

<SCRIPT LANGUAGE = "Javascript" TYPE = "Text/Javascript">
<!-- // Submit form
document.redirectUser.submit();
-->
</SCRIPT>
<?php
}
}
else{
#================================
#
# UNSUCCESSFUL MATCH BELOW
#
#================================

// Reason: Password incorrect
?>
<BODY topmargin="0" leftmargin="0" bottommargin="0" rightmargin="0" BGCOLOR="#EEEEEE">
<FORM NAME = "login" METHOD = "Post" ACTION = "<?php echo $PHP_SELF; ?>">
<TABLE BORDER = "0" BACKGROUND = "http://www.equine-world.net/images/bg.jpg" CELLSPACING = "0" CELLPADDING = "0" WIDTH = "800" ALIGN = "Left" STYLE = "Height: 100%;">
<TR>
<TD>
<DIV id=table
style="z-index: 2; left: 78; width: 272; color: #000000; position: absolute; top: 30; height: 175; padding: 2px; background-position: 0% 50%">

<TABLE BORDER = "0" CELLSPACING = "0" CELLPADDING = "0" WIDTH = "95%" ALIGN = "Center">
<TR>
<TD COLSPAN = "2" vALIGN = "Middle" STYLE = "Border-Bottom: 1px Dashed #000000; Font-Weight: Bold;">
Failure to login
</TD>
</TR>
<TR>
<TD vALIGN = "Middle">
Sorry, the password you provided was incorrect. Please try again.
</TD>
</TR>
<TR>
<TD COLSPAN = "2" ALIGN = "Right" vALIGN = "Middle">
<INPUT TYPE = "Submit" NAME = "Back" VALUE = "Back">
</TD>
</TR>
</TABLE>
</div>
</TD>
</TR>
</TABLE>
</FORM>
</BODY>
<?php
}
}
else{

// Reason: No username found
?>
<BODY topmargin="0" leftmargin="0" bottommargin="0" rightmargin="0" BGCOLOR="#EEEEEE">
<FORM NAME = "login" METHOD = "Post" ACTION = "<?php echo $PHP_SELF; ?>">
<TABLE BORDER = "0" BACKGROUND = "http://www.equine-world.net/images/bg.jpg" CELLSPACING = "0" CELLPADDING = "0" WIDTH = "800" ALIGN = "Left" STYLE = "Height: 100%;">
<TR>
<TD>
<DIV id=table
style="z-index: 2; left: 78; width: 272; color: #000000; position: absolute; top: 30; height: 175; padding: 2px; background-position: 0% 50%">

<TABLE BORDER = "0" CELLSPACING = "0" CELLPADDING = "0" WIDTH = "95%" ALIGN = "Center">
<TR>
<TD COLSPAN = "2" vALIGN = "Middle" STYLE = "Border-Bottom: 1px Dashed #000000; Font-Weight: Bold;">
Failure to login
</TD>
</TR>
<TR>
<TD vALIGN = "Middle">
Sorry, the username you provided does not exist.
</TD>
</TR>
<TR>
<TD COLSPAN = "2" ALIGN = "Right" vALIGN = "Middle">
<INPUT TYPE = "Submit" NAME = "Back" VALUE = "Back">
</TD>
</TR>
</TABLE>
</div>
</TD>
</TR>
</TABLE>
</FORM>
</BODY>
<?php
}
}
else{
#================================
#
# LOGIN BELOW
#
#================================
?>
<BODY onLoad = "document.login.Username.focus();" topmargin="0" leftmargin="0" bottommargin="0" rightmargin="0" BGCOLOR="#EEEEEE">
<FORM NAME = "login" METHOD = "Post" ACTION = "<?php echo $PHP_SELF; ?>">
<TABLE BORDER = "0" BACKGROUND = "http://www.equine-world.net/images/bg.jpg" CELLSPACING = "0" CELLPADDING = "0" WIDTH = "800" ALIGN = "Left" STYLE = "Height: 100%;">
<TR>
<TD>
<DIV id=table
style="z-index: 2; left: 78; width: 272; color: #000000; position: absolute; top: 10; height: 175; padding: 2px; background-position: 0% 50%">

<TABLE BORDER = "0" CELLSPACING = "0" CELLPADDING = "0" WIDTH = "95%" ALIGN = "Center">
<TR>
<TD COLSPAN = "2" height="40" vALIGN = "Middle" STYLE = "Border-Bottom: 1px Dashed #000000; Font-Weight: Bold;">
<font color="#000000">Please login to continue:</font>
</TD>
</TR>
<TR>
<TD vALIGN = "Middle" height="40" WIDTH = "35%">
Username:
</TD>
<TD ALIGN = "Left" vALIGN = "Middle" WIDTH = "65%">
<INPUT TYPE = "Text" NAME = "Username" SIZE = "25" STYLE = "Width: 80%">
</TD>
</TR>
<TR>
<TD vALIGN = "Middle" WIDTH = "35%">
Password:
</TD>
<TD ALIGN = "Left" vALIGN = "Middle" WIDTH = "65%">
<INPUT TYPE = "Password" NAME = "Password" SIZE = "25" STYLE = "Width: 80%">
</TD>
</TR>
<TR>
<TD COLSPAN = "2" height="58" ALIGN = "Center" vALIGN = "Middle">
<INPUT TYPE = "Submit" NAME = "Submit" VALUE = "Login" onFocus = "checkEntry();">
</TD>
</TR>
</TABLE>
<font color="#000000" face="verdana">We currently have: <B><U><?php echo $userCount; ?></B></U> members as of Sept 6th</font>
</div>
</TD>
</TR>
</TABLE>
</FORM>

<SCRIPT LANGUAGE = "Javascript" TYPE = "Text/Javascript">
<!-- // Check the user has entered data into both fields
function checkEntry(){
if(!document.login.Username.value){
alert("Enter a username first!");
document.login.Username.focus();
return true;
}
else if(!document.login.Password.value){
alert("Enter a password first!");
document.login.Password.focus();
return true;
}
else{
return false;
}
}
-->
</SCRIPT>
</BODY>
<?php
}
?>
</HTML>

_____________________________________________________________

SESSION.PHP
----------------

<?php

session_start();

if (!isset($_SESSION['Username'])) {
header("Location: index.php");
}

?>

Also, besides adding this code: # Start / track sessions
session_start(); to all my other php files, is there anything else I need to do?

Thanks.

Posted: Tue Sep 09, 2003 7:36 am
by twigletmac
Lots of code and no tags - please read the top link in my signature. It will also help us help you if you tell us exactly what doesn't work.

Mac

Posted: Tue Sep 09, 2003 7:40 am
by keiko
Erm I just don't know why my code doesn't even work at all... :oops:

What I am trying to do is add a session management to this script i got from the internet: http://82.37.50.61/NEW/?Page=source (Members Area)

Posted: Tue Sep 09, 2003 8:27 am
by twigletmac
Basically this code is written for an older version of PHP and will not work on a default installation of PHP 4.2 or above. You would be best off trying to find a more uptodate script as this one needs considerable reworking.

Mac

Posted: Tue Sep 09, 2003 8:28 am
by keiko
Oh okie. Thanks. Will do that...