Login Problems
Moderator: General Moderators
Login Problems
I have created a website with a login at http://usoba.org/mem/memlogin.php I am using session variables to store user data. The problem I am having is that sometimes when some people try to log in, the page just appears to refresh, and they do not get to log in. I have solved this with many people by changing their cookie settings, but now I have someone who set their cookies to accept all and not even that worked. I am a little confused on how session variables are handled. Is this a problem that can be fixed?
- Buddha443556
- Forum Regular
- Posts: 873
- Joined: Fri Mar 19, 2004 1:51 pm
Since I don't see a hidden value in your login form, I'm guessing your checking for the submit button? That might not work if the user hits enter in a text field instead of clicking the submit button.
To fix this insert a hidden input value and check for it instead. Like this:
In this case, you would check for "form_submitted" with the value "login".
To fix this insert a hidden input value and check for it instead. Like this:
Code: Select all
<input type="HIDDEN" name="form_sumitted" value="login">
<input class="button" type="SUBMIT" name="submit" value="SUBMIT">Code: Select all
// Begin Function checkPass()
function checkPass($login, $password) {
global $link;
global $mysql_prefix;
$password = encrypt($password);
$query="SELECT login, password FROM ".$mysql_prefix."users WHERE login='$login' AND password='$password' AND deleted != 1";
$result=mysql_query($query, $link)
or die("checkPass fatal error: ".mysql_error());
if(mysql_num_rows($result)==1) {
$row=mysql_fetch_array($result);
return $row;
}
return false;
}
// End Function checkPass()
// Begin Function cleanMemberSession()
function cleanMemberSession($login, $password, $company_name, $contact_name) {
$_SESSIONї"company_name"]=$company_name;
$_SESSIONї"contact_name"]=$contact_name;
$_SESSIONї"login"]=$login;
$_SESSIONї"password"]=$password;
$_SESSIONї"loggedIn"]=true;
}
// End Function cleanMemberSession()Code: Select all
if($_POSTї"submit"])
{
field_validator("login name", $_POSTї"login"], "alphanumeric", 4, 15);
field_validator("password", $_POSTї"password"], "string", 4, 15);
$login = mysql_escape_string($_POSTї"login"]);
$password= mysql_escape_string($_POSTї"password"]);
if($messages)
{
doIndex();
exit;
}
if( !($row = checkPass($login, $password)) )
{
$messagesї]="Incorrect login/password, try again\n ";
}
if($messages)
{
doIndex();
exit;
}
$query="SELECT * FROM ".$mysql_prefix."users WHERE login='$login' AND deleted != 1";
$result=mysql_query($query, $link);
$printforsession=mysql_fetch_array($result);
cleanMemberSession($rowїlogin], $rowїpassword], $printforsessionїcompany_name], $printforsessionїcontact_name]);
$logins_month = $printforsessionї"logins_month"] + 1;
$logins_total = $printforsessionї"logins_total"] + 1;
$query="UPDATE ".$mysql_prefix."users SET logins_month = '$logins_month', logins_total = $logins_total where login='$login' AND deleted = 0";
$result=mysql_query($query, $link) or die("Died inserting login info into db. Error returned if any: ".mysql_error());
header("Location: memsect.php");
}
else
{
doIndex();
}- smpdawg
- Forum Contributor
- Posts: 292
- Joined: Thu Jan 27, 2005 3:10 pm
- Location: Houston, TX
- Contact:
This is part of the help for session_start
Description
bool session_start ( void )
session_start() creates a session or resumes the current one based on the current session id that's being passed via a request, such as GET, POST, or a cookie.
This function always returns TRUE.
Note: If you are using cookie-based sessions, you must call session_start() before anything is outputted to the browser.
Description
bool session_start ( void )
session_start() creates a session or resumes the current one based on the current session id that's being passed via a request, such as GET, POST, or a cookie.
This function always returns TRUE.
Note: If you are using cookie-based sessions, you must call session_start() before anything is outputted to the browser.
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
yes. Have a read :: http://php.net/session
- Buddha443556
- Forum Regular
- Posts: 873
- Joined: Fri Mar 19, 2004 1:51 pm
http://www.faqts.com/knowledge_base/vie ... /774/fid/6

Almost like being at work... no one listen to me there either.I used to use the SubmitFoo method shown above until I realized that
IE5.0 does not always send the SubmitFoo name/value pair! If you have a
form with only one input element (e.g., an input box and a submit
button), and if you submit the form from IE5.0 by simply hitting
<RETURN> rather than explicitly mouse-clicking the submit button, then
the SubmitFoo value will NOT be passed to the server and the above
check will not work. You can get around this by also passing in a
hidden field called SubmitFoo with some arbitrary value. I don't know
which versions of IE5.x do this, but I see it in 5.00.2314.1003 without
fail. -Loren