? Login Controled Pages ?
Moderator: General Moderators
? Login Controled Pages ?
I am trying to figure out how to setup a login system so that people have to login to access certain pages. I want it so that when they go to a page, say to add an article, they have to be logged in and if not then it takes them to a login page.
This will only be for admin so i don't need to make it so they can register, just so that it will check their username and password against the one in the database. how would i do this?
This will only be for admin so i don't need to make it so they can register, just so that it will check their username and password against the one in the database. how would i do this?
For starter's see this excellent tutorial for the login portion. Once you understand how it works, we can probably help you figure out how to use it to protect only certain pages, etc.
k, i've tried the tutorial and this is what i get when i try to run it :
How can i fix it?
Code: Select all
Warning: Cannot send session cookie - headers already sent by (output started at /home/navigato/public_html/Admin/validate.php:8) in /home/navigato/public_html/Admin/validate.php on line 9
Warning: Cannot send session cache limiter - headers already sent (output started at /home/navigato/public_html/Admin/validate.php:8) in /home/navigato/public_html/Admin/validate.php on line 9
error making query-
JPlush76
- Forum Regular
- Posts: 819
- Joined: Thu Aug 01, 2002 5:42 pm
- Location: Los Angeles, CA
- Contact:
put this at the VERY top of your php script
that will fix it
Code: Select all
<?php
ob_start(); // turn output buffering on
?><?php
ob_start(); // turn output buffering on
session_start();
$db_user = <clipped>;
$db_pass = <clipped>;
$user_name = $_POST['user_name'];
$password = $_POST['password'];
//connect to the DB and select the "dictator" database
$connection = mysql_connect('localhost', $db_user, $db_pass) or die(mysql_error());
mysql_select_db('navigato_Directory', $connection) or die(mysql_error());
//set up the query
$query = "SELECT * FROM users
WHERE user_name='$user_name' AND password='$password'";
//run the query and get the number of affected rows
$result = mysql_query($query, $connection) or die('error making query');
$affected_rows = mysql_num_rows($result);
//if there's exactly one result, the user is validated. Otherwise, he's invalid
if($affected_rows == 1) {
$data_block = "Valid Login";
//add the user to our session variables
$_SESSION['username'] = $user_name;
}
else {
$data_block = "Invalid Login";
}
ob_start(); // turn output buffering on
session_start();
$db_user = <clipped>;
$db_pass = <clipped>;
$user_name = $_POST['user_name'];
$password = $_POST['password'];
//connect to the DB and select the "dictator" database
$connection = mysql_connect('localhost', $db_user, $db_pass) or die(mysql_error());
mysql_select_db('navigato_Directory', $connection) or die(mysql_error());
//set up the query
$query = "SELECT * FROM users
WHERE user_name='$user_name' AND password='$password'";
//run the query and get the number of affected rows
$result = mysql_query($query, $connection) or die('error making query');
$affected_rows = mysql_num_rows($result);
//if there's exactly one result, the user is validated. Otherwise, he's invalid
if($affected_rows == 1) {
$data_block = "Valid Login";
//add the user to our session variables
$_SESSION['username'] = $user_name;
}
else {
$data_block = "Invalid Login";
}
If I take your code snippet and the error message I come tocan you please post an up2date error message and the code snippet of validate.php where lines mentioned in the error message(s) are marked?
Otherwise it will be more than tricky to figure out what happens
Code: Select all
<?php
ob_start(); // turn output buffering on
session_start();
$db_user = <clipped>;
$db_pass = <clipped>;
$user_name = $_POSTї'user_name'];
$password = $_POSTї'password'];
/* <--- this is line 8, supposed to be the start of the offending output --->*/
//connect to the DB and select the "dictator" database /* <--- line 9, very odd --->*/
$connection = mysql_connect('localhost', $db_user, $db_pass) or die(mysql_error());
mysql_select_db('navigato_Directory', $connection) or die(mysql_error());
//set up the query
$query = "SELECT * FROM users
WHERE user_name='$user_name' AND password='$password'";
//run the query and get the number of affected rows
$result = mysql_query($query, $connection) or die('error making query');
$affected_rows = mysql_num_rows($result);
//if there's exactly one result, the user is validated. Otherwise, he's invalid
if($affected_rows == 1) {
$data_block = "Valid Login";
//add the user to our session variables
$_SESSIONї'username'] = $user_name;
}
else {
$data_block = "Invalid Login";
}Otherwise it will be more than tricky to figure out what happens
Sorry about that, there was a few lines of html coding before it. It showed that it was on the line with the: ob_start();
the code for the error in line 8 is:
the code for the error in line 8 is:
Code: Select all
<html>
<head>
<!-- InstanceBeginEditable name="doctitle" -->
<title>Navigator :: Family Travel Magazine</title>
<!-- InstanceEndEditable -->
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<!-- InstanceBeginEditable name="head" -->
<?php
ob_start(); // turn output buffering on
session_start();
.........