Hey got a problem with my PHP code!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
AshrakTheWhite
Forum Commoner
Posts: 69
Joined: Thu Feb 02, 2006 6:47 am

Hey got a problem with my PHP code!

Post by AshrakTheWhite »

the admin interface php dosent want to recognize that session['admin'] = true;

any help would be appretiated


Login Page:

Code: Select all

<?php
session_start();
require_once 'functions.php';
echo '
    <form method="post" action="">
    <input type="text" name="Username"
    <input type="password" name="Password">
    <input type="submit" name="submit" value="Go!">
    </form>
';


if($_SESSION['admin'] == false and isset($_POST['Username'], $_POST['Password']))
{
    $username = htmlspecialchars($_POST['Username']);
    $password = htmlspecialchars($_POST['Password']);
    
    if ($username == 'Marko' AND $password == '*********(password is really here i just dont want to give it to you :p)')
    {
        $_SESSION['admin'] = true;
        header("Location: adminInterface.php");

    } else
        {
            die('Wrong username or password');
        }
}
?>
Admin Interface PHP

Code: Select all

<?php
ini_set('error_reporting', E_ALL);

if($_SESSION['admin'] == true)
{
    require_once 'functions.php';
    connectDB();
    
    echo '
        <table>
            <tr>
                <td>
                    <a href="adminInterface.php?op=editShop">Edit Shop Items</a>
                </td>
                <td>
                    <a href="adminInterface.php?op=viewOrders">View Orders</a>
                </td>
                <td>
                    <a href="adminInterface.php?op=logOut">Log out</a>
                </td>
            <tr>
        </table>
    '; 


    switch($_GET['op'])
    {
        case('editShop'):
            echo' 
                <table>
                    <form method="post" action="adminInterface.php">
                        Enter Product Name:&nbsp
                        <input type="text" name="productName"><br>
                        Enter Product Price:&nbsp
                        <input type="text" name="productPrice"><br>
                        Enter Product Unit:&nbsp
                        <input type="text" name="productUnit"><br>
                        <input type="submit" name="Submit" value="update">
                    </form>
                </table>';
    }


    if(!empty($_POST['productName']) and !empty($_POST['productPrice']) and !empty($_POST['productUnit']))
    {
        $pName = $_POST['productName'];
        $pPrice = $_POST['productPrice'];
        $pUnit = $_POST['productUnit'];
        $pName = mysql_real_escape_string($pName);
        $pPrice = mysql_real_escape_string($pPrice);
        $pUnit = mysql_real_escape_string($pUnit);
        updateItems($pName, $pPrice, $pUnit);
    }

    function updateItems($pName, $pPrice, $pUnit)
    {
        $query='
        INSERT INTO
            MarkoPood
        (name, hind, yhik)
            values ("' . $pName . '","' . $pPrice . '","' . $pUnit . '")    
        ';    
        mysql_query($query) or die(mysql_error());
    }
} else
    {
        die("Bugger Off haxta newb!");
    }
?>
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Post by Christopher »

Try:

Code: Select all

$_SESSION['admin'] = true;
        session_write_close();
        header("Location: adminInterface.php");
You need to write the session data before the redirect because both scripts are run in the same request. Normally the session data is written at the end of the request.
(#10850)
Post Reply