Code: Select all
$query = "SELECT useracc, userid FROM user WHERE userid='$u' AND password=PASSWORD('$p')";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) { // A match was made.
// Start the session, register the values & redirect.
session_name('userlogin');
session_start();
$_SESSIONї'userid'] = $rowї1];
$_SESSIONї'useracc'] = $rowї0];
header ("Location: http://" . $_SERVERї'HTTP_HOST'] . dirname($_SERVERї'PHP_SELF']) . "/writerindex.php");
exit();
} else { // No match was made.
echo '<p><font color="red" size="+1">The username and password entered do not match those on file.</font></p>';
}here is the code i put at the top of my secured page
Code: Select all
session_name('userlogin');
session_set_cookie_params(900);
session_start();
if(!isset($_SESSIONї'userid']))
{
header ("Location: http://" . $_SERVERї'HTTP_HOST'] . dirname($_SERVERї'PHP_SELF']) . "/unauthorized.html");
exit();
}