PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
C_Calav
Forum Contributor
Posts: 395 Joined: Wed Jun 02, 2004 10:55 pm
Location: New Zealand
Post
by C_Calav » Mon Jul 19, 2004 10:10 pm
i have a login page and i can login and set a session but can anyone help me with using that session across certain pages eg, admin pages?
can anyone point me to some useful tutorial pages or some help?
im stuck with how sessions work across pages!
login.php -->
Code: Select all
<?php
session_start();
$username = $_POST['username'];
// Register session key with the value
$_SESSION['name'] = $username;
if(!empty($_POST['submit']))
{
$db = mysql_pconnect('***') or die ("Could not connect to database");
mysql_select_db('models') or die ("Could not select database!");
$sql = "select * from usser where name = '$username'";
$result = mysql_query($sql, $db) or die ("Execution failed.");
while ($row=mysql_fetch_array($result))
{
if ($row["password"]==$password)
{
echo " ('Successfully Logged In!<a href='index.php'>Click Here</a>') ";
}
else
{
echo "wrong password";
}
}
}
?>
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Mon Jul 19, 2004 10:16 pm
if you have session_start() on each page, and the session cookie is set up right, they should be available through $_SESSION..
John Cartwright
Site Admin
Posts: 11470 Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:
Post
by John Cartwright » Mon Jul 19, 2004 10:24 pm
you had quite a few errors in your code
login.php
Code: Select all
<?php
session_start();
$username = $_POST["username"];
$password = $_POST["password"];
if(!empty($_POST['submit']))
{
$db = mysql_pconnect('***') or die ("Could not connect to database");
mysql_select_db('models') or die ("Could not select database!");
$sql = "select * from user where name = '$username'";
$result = mysql_query($sql, $db) or die ("Execution failed.");
while ($row=mysql_fetch_array($result))
{
if ($row["password"]== $_POST["password"])
{
echo " ('Successfully Logged In!<a href='index.php'>Click Here</a>') ";
$_SESSION["name"] = $username;
$_SESSION["loggedin"] = "set";
}
else
{
echo "wrong password";
}
}
}
?>
admin.php
Code: Select all
if (!isset($_SESSION["loggedin"]))
{
exit("Hacking Attempt!");
}
echo "Welcome to the Admin Section, ".$_SESSION["username"];
Last edited by
John Cartwright on Mon Jul 19, 2004 10:45 pm, edited 2 times in total.
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Mon Jul 19, 2004 10:29 pm
missing a ] in there.. (just after the while loop start)
John Cartwright
Site Admin
Posts: 11470 Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:
Post
by John Cartwright » Mon Jul 19, 2004 10:39 pm
feyd wrote: missing a ] in there.. (just after the while loop start)
SHHHHHH!!!!!!!!!
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Mon Jul 19, 2004 10:42 pm
psst, still not right
John Cartwright
Site Admin
Posts: 11470 Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:
Post
by John Cartwright » Mon Jul 19, 2004 10:46 pm
SHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHhhh
C_Calav
Forum Contributor
Posts: 395 Joined: Wed Jun 02, 2004 10:55 pm
Location: New Zealand
Post
by C_Calav » Mon Jul 19, 2004 11:33 pm
hi thanx Phenom and Feyd for your help.
Phenom i tried the script u fixed up and all it says is "execution failed" it wont do anything else. ?
i went back to my old script and it worked. whats going on here?
and this code:
Code: Select all
<?php
if (!isset($_SESSION["loggedin"]))
{
exit("Hacking Attempt!");
}
echo "Welcome to the Admin Section, ".$_SESSION["username"];
?>
is this all i need at the top of each page in my admin? this says "if no session dont let them in" is that correct?
thanx heaps.
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Mon Jul 19, 2004 11:48 pm
that code will only check whether they are marked as logged in..
C_Calav
Forum Contributor
Posts: 395 Joined: Wed Jun 02, 2004 10:55 pm
Location: New Zealand
Post
by C_Calav » Mon Jul 19, 2004 11:50 pm
do you know why the login.php that Phenom posted only says Execution Faild?
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Mon Jul 19, 2004 11:56 pm
likely, there's an error in the query or connection, selection... add mysql_error() to the string sent to die()
C_Calav
Forum Contributor
Posts: 395 Joined: Wed Jun 02, 2004 10:55 pm
Location: New Zealand
Post
by C_Calav » Tue Jul 20, 2004 12:01 am
done that and got this error..
Warning: Wrong parameter count for mysql_query() in /var/users/modelair/modelaircraft.co.nz/htdocs/admin/login.php on line 19
Execution failed.
on this line:
Code: Select all
<?php
$result = mysql_query($sql, $db, mysql_error()) or die ("Execution failed.");
?>
what does this mean?
thanx feyd
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Tue Jul 20, 2004 12:15 am
uh..
Code: Select all
$result = mysql_query($sql,$db) or die("Execution failed: ".mysql_error());
C_Calav
Forum Contributor
Posts: 395 Joined: Wed Jun 02, 2004 10:55 pm
Location: New Zealand
Post
by C_Calav » Tue Jul 20, 2004 12:18 am
thanx
learning here
C_Calav
Forum Contributor
Posts: 395 Joined: Wed Jun 02, 2004 10:55 pm
Location: New Zealand
Post
by C_Calav » Tue Jul 20, 2004 12:34 am
awsome feyd i think im there!
echo "Welcome to the Admin Section,---> ".$_SESSION["username"]; <---
so all my pages i wont secure i go:
Code: Select all
<?php
session_start();
if (!isset($_SESSION["loggedin"]))
{
exit("Hacking Attempt!");
}
echo "Welcome to the Admin Section, ".$_SESSION["username"];
?>
<html>
</head>
<body>
Hello there! ur at the admin page!
</body>
</html>