session problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
ija
Forum Newbie
Posts: 11
Joined: Wed Aug 03, 2005 11:14 pm

session problem

Post by ija »

Hi..

i developed a system with a login process. Without session handling, my login process work ok.But when i add some session coding the login process just looping on the login page.I use SUSE LINUX SERVER as a platform.
THIS is my coding:::::::..

login.php

Code: Select all

<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<script>


function changeScrollbarColor(C){
  if (document.all){
    document.body.style.scrollbarBaseColor = C
  }   
}

</script>
<style>
body{
scrollbar-base-color:#F0D9A4
}
</style>
<link rel="stylesheet" href="_notes/tganuwebcss11" type="text/css">
<style type="text/css">
<!--
-->

body {
	margin-top:100px;
	
}
</style>
</head>

<body bgcolor="#FAEDCF">
<form action= "dblogin.php" method="post"> 
<div align="center">
<table width="545" border="2" bgcolor="#FFFFFF">
    <tr bgcolor="#F0D9A4"> 
      <td colspan="2"><div align="center"><font color="#000000" size="4" face="Arial, Helvetica, sans-serif"> 
          <strong>LOGIN</strong></font></div></td>
    </tr>
    <tr> 
      <td colspan="2">
<div align="right">
          <table width="100%" border="0"bgcolor="#F8E3B8">
            <tr> 
              <td colspan="2"> 
            </tr>
            <tr> 
              <td>&nbsp;</td>
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td width="46%">&nbsp;</td>
              <td width="54%"></td>
            </tr>
            <tr> 
              <td><div align="right"><strong><font size="2" face="Arial, Helvetica, sans-serif">User Name:</font></strong></div></td>
              <td><strong><font size="2" face="Arial, Helvetica, sans-serif"> 
                <input type="text" name="userid">
                </font></strong></td>
            </tr>
            <tr> 
              <td><div align="right"><strong><font size="2" face="Arial, Helvetica, sans-serif">Password:</font></strong></div></td>
              <td><strong><font size="2" face="Arial, Helvetica, sans-serif"> 
                <input type="password" name="password">
                </font></strong></td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
              <td><input type="submit" name="submit" value="Login"> <input type="submit" name="reset" value="Batal"></td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
              <td>&nbsp;</td>
            </tr>
            <tr> 
              <td>&nbsp;</td>
              <td><input type="hidden" name="psRefer" value="<? echo($refer) ?>"> 
                <font size="2" face="Arial, Helvetica, sans-serif"><strong></strong></font></td>
            </tr>
          </table>
        </div>
        </td>
    </tr>
  </table>
</div>
</body>
</html>


dblogin.php

Code: Select all

<?
$db="upentrg";
$table="login";

$userid=$_POST['userid'];
$password=$_POST['password'];

if($userid == '' || $password == '')
{
	header('Location:login.php?refer='.urlencode($psRefer));
}
else
{
	$con=mysql_connect("localhost","root","");
	mysql_select_db($db,$con);


	$q="select id, MD5(UNIX_TIMESTAMP() + id + RAND(UNIX_TIMESTAMP())) GUID from $table where userid ='$userid' AND password='$password'";

	$rslt=mysql_query($q,$con);
	if(mysql_num_rows($rslt))
	{
		$prslt=mysql_fetch_row($rslt);

		$q="update $table set GUID='$prslt[1]' WHERE id = $prslt[0]";
		mysql_query($q,$con);
	  
  		setcookie("session_id",$prslt[1]);

		if(!$psRefer) 
		{
			$psRefer='index1.php';
			header('Location:'.$psRefer);
		}
	}
	else
	{
		header('Location:login.php?refer='.urlencode($psRefer));
		
	}
}		
?>
incSession.php

Code: Select all

<?php
session_start();

if(!isset($user_name) | !isset($password)) {
header('Location:index1.php');
}

$expirationtime=time()-12000;		
$GUID = $HTTP_COOKIE_VARS['session_id'];/$hDB = mysql_connect("localhost","root","");
mysql_select_db('upentrg', $hDB);

$sQuery = "Select *From users where user_name='$user_name' and password='$password'";
$hResult = mysql_query($sQuery, $hDB);

if(!mysql_num_rows($hResult)) {

header('Location:/loginepantau.php?refer=');
}
?>
index1.php

Code: Select all

<?
require('incSession.php'); 
?>


<html><head><!-- Provided by MyFreeTemplates.com -->
  <title>ePantau</title>

  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

  <meta name="keywords" content="Keywords here">

  <meta name="description" content="Description here">

  <meta name="Author" content="MyFreeTemplates.com">

  <meta name="robots" content="index, follow">
<!-- (Robot commands: All, None, Index, No Index, Follow, No Follow) -->
  <meta name="revisit-after" content="30 days">

  <meta name="distribution" content="global">

  <meta name="rating" content="general">

  <meta name="Content-Language" content="english">

  <script language="JavaScript" type="text/JavaScript" src="images/myfreetemplates.js"></script>
  <script language="JavaScript" src="images/menu.js" type="text/JavaScript"></script>
  <link href="images/myfreetemplates.css" rel="stylesheet" type="text/css">

  <script language="JavaScript" src="images/mm_menu.js"></script>
  <style type="text/css">
A.linka:link{font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: normal;color: #006699;text-decoration: none;}
A.linka:visited{font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: normal;color: #006699;text-decoration: none;}
A.linka:hover{font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: normal;color: #ff6600;text-decoration: underline;}
A.toplink:link {font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: normal;color: #FFFFFF;letter-spacing: 1px;text-decoration: none;}
A.toplink:visited {font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: normal;color: #FFFFFF;letter-spacing: 1px;text-decoration: none;}
A.toplink:hover {font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: bold;color: #FFCC0C;letter-spacing: 1px;text-decoration: none;}
A.tmaroon:link {font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: bold;color: #000000;text-decoration: none;}
A.tmaroon:visited {font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: bold;color: #000000;text-decoration: none;}
A.tmaroon:hover {font-family: "Trebuchet MS", Arial, Verdana;font-size: 8pt;font-weight: bold;color: red;text-decoration: underline;}
  </style></head>

<body leftmargin="0" topmargin="0" onload="MM_preloadImages('images/btn_main_dn.gif','images/btn_aboutus_dn.gif','images/btn_contact_dn.gif','images/btn_services_dn.gif')" marginheight="0" marginwidth="0">
<script language="JavaScript1.2">mmLoadMenus();</script>
<img src="images/spacer.gif" height="1" width="589">
<table align="center" border="0" cellpadding="0" cellspacing="0" height="100%" width="934">

<tbody>
<tr>
<td height="62" width="186">
<a href="http://www.myfreetemplates.com"><img src="images/toplogo.gif" alt="" border="0" height="62" width="186"></a></td>
<td colspan="3" background="images/topbg.gif" height="62" width="1006">&nbsp; </td>
</tr>
<tr>
<td colspan="4" background="images/base2.gif" height="24">
<table border="0" cellpadding="0" cellspacing="0" width="775">
<tbody>
<tr>
<td height="37">&nbsp;</td>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td> </td>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td>
</td><td></td>
<td colspan="2" align="center">
<strong><font color="#ffffff"><a href="usermenu.php?" class="toplink">Penyelenggaraan Pengguna</a></font></strong> </td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td height="114" width="186"><table border="0" cellpadding="0" cellspacing="0" width="136">
<tbody>
<tr>
<td style="border-top: 1px dotted rgb(166, 189, 242); padding-top: 4px; padding-bottom: 14px;"><strong> <a href="eis/indexeis.php" class="sidetable">ePantau EIS</a></strong></td>
</tr>
<tr>
<td style="border-top: 1px dotted rgb(166, 189, 242); padding-top: 4px; padding-bottom: 14px;"><strong> <a href="pms/home.php" class="sidetable">ePantau PMS</a></strong></td>
</tr>
<tr>
<td style="border-top: 1px dotted rgb(166, 189, 242); padding-top: 4px; padding-bottom: 14px;"><strong> <a href="#" class="sidetable"><br>
</a></strong></td>
</tr>
<tr>
<td style="border-top: 1px dotted rgb(166, 189, 242); padding-top: 4px; padding-bottom: 14px;"><strong> <a href="#" class="sidetable"><br>
</a></strong></td>
</tr>
</tbody>
</table>
<p class="link"><a href="logout.php">Logout</a></p></td>
<td colspan="3" height="114"><table border="0" height="77" width="125">
<tbody><tr>
<td><div align="right"><img src="images/pemandangan740baru.jpg" height="289" width="741"></div></td>
</tr>
</tbody></table></td>
</tr>
<tr valign="top">
<td style="border-right: 1px dotted; padding-left: 19px;" height="233" width="186">&nbsp; </td>
<td colspan="3" style="padding-left: 12px; padding-top: 7px;">
<h1 style="margin: 0pt;">::
Selamat Datang ::</h1>
<br>
<span style="font-family: Arial;"><big>Sistem
ePantau adalah sebuah sistem yang memantau Projek-projek yang
dijalankan di negeri terengganu. Di samping itu, sistem ini juga
memantau sistem-sistem yang terdapat di Pejabat-pejabat Kerajaan negeri
Terengganu.</big></span>
<p><big>&nbsp;</big></p>
<table border="0" height="117" width="732">
<tbody><tr>
<td height="24"><div align="center">Diilhamkan oleh: </div></td>
<td> <div align="center">Diselenggarakan oleh:</div></td>
<td><div align="center">Dibangunkan oleh: </div></td>
<td><div align="center">Powered by:</div></td>
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
<tr>
<td height="87" width="141"><div align="center"><img src="images/mb.jpg" height="85" width="68"></div></td>
<td width="179"><div align="center"><img src="images/logoupmn.gif" height="50" width="82"></div></td>
<td width="144"><div align="center"><img src="images/logo_cerdasvest1.jpg" height="51" width="63"></div></td>
<td width="79"><img src="images/suse_91_welcome.jpg" height="82" width="72"></td>
<td width="69"><img src="images/dell_logo.jpg" height="42" width="58"></td>
<td width="94"><img src="images/novell_logo.gif" height="42" width="39"> </td>
</tr>
</tbody></table></td>
</tr>
<tr>
<td colspan="4" height="18">&nbsp;</td>
</tr>
<tr>
<td colspan="4" background="images/base2.gif" height="22">&nbsp;</td>
</tr>
</tbody>
</table>

</body></html>
For ur info, the server support PHP4.


feyd | Post PHP properly, use

Code: Select all

tags. [/color][/size]
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

Several things jump out immediately:

1. You need to use full URLs inside a header("Location: ...") calls not just the page name.

2. In incSession, where you d the first isset() tests you should be doing isset($_SESSION["user_name"]) style tests, or assigning

Code: Select all

$user_name=isset($_SESSION["user_name"])?$_SESSION["user_name"]:"";
before you try to use it. You already do something similar in the dbLogin code with the $_POST, just need to treat session similarly. Or if you want to pull these variables from $_POST again, do that.

3. I'm not sure why you're usig the cookie at all. Its not needed, and normally you wouldn't track the session_id in the DB, so I wouldn't do that unless you have a good reason.

4. On successful login, instead of setting the cookie, I would just do something like

Code: Select all

$_SESSION["user_name"]=$userid;
I wouldn't stick the password into the session. Therefore I think I would change the top of incSession to only check for the userid being set and not password.
Post Reply