Please check and reply ,am getting the error as
http://localhost/practice/<br%20/><b>No ... /b><br%20/>"
i created table
-------------------
Code: Select all
create table sessions (
id int(10) NOT NULL AUTO_INCREMENT,
sess_key char(6) NOT NULL,
val varchar(250) NOT NULL,
ip varchar(35) NOT NULL,
access int(25) NOT NULL,
PRIMARY KEY(id)
);login.php:
----------
Code: Select all
"<?php
include "sess.php";
if($login) {
$sess = new session;
$sess->start();
$sess->register($username);
header("Location: welcome.php");
}
?>
<html>
<head>
<title>login</title>
</head>
<body>
<form method="post" action="<?= $PHP_SELF; ?>">
Username: <input type="text" name="username"><br>
Password: <input type="password" name="password"><br>
<br>
<input type="submit" name="login" value="Login">
</body>
</html>
welcome.php:
---------------
<?php
include "sess.php";
$sess = new session;
if($logout == "yes") {
$sess->destroy();
header(“Location: login.php”);
exit;
}
$sess->read();
?>
<html>
<head>
<title>welcome</title>
</head>
<body>
Welcome, <?= $sess_val; ?><br>
<a href="<?= $PHP_SELF; ?>?logout=yes">Logout</a>
</body>
</html>
sess.php:
------------
<?php
$host = "localhost";
$user = "root";
$pass = "";
$db = "gulfnews";
$dbc = mysql_connect($host,$user,$pass) or die("Cannot establish a connection to the database.");
mysql_select_db($db,$dbc);
class session {
var $key;
var $timeout;
}
// start() will initialize the session by generating the session key or ID
function start($timeout = "") {
// create an array with all the letters of the alphabet
$letters = range("a","z");
// declare the $key variable
$key = "";
// generate our session's key formatted such as #a#aa#
for($i = 0; $i < 6; $i++) {
if(($i == 0) || ($i == 2) || ($i == 5))
$key .= rand(0,9);
if(($i == 1) || ($i == 3) || ($i == 4))
$key .= $letters[rand(0,25)];
}
// store the session's key in a method of the class
$this->key = $key;
// perform a conditional to test if the user defined the timeout and if not store the default value.
if($timeout == "")
$this->timeout = 120; // five minutes
else
$this->timeout = $timeout;
return 0;
}
// this function will register a value to session. (only one value, see replace() to update the value)
function register($val) {
// if key is not generated run start()
if($this->key == "")
$this->start();
$insert = mysql_query("INSERT INTO sessions (sess_key, val, ip, sec_expire, stamp_expire, access) VALUES ('" . $this->key. "', '" . addslashes($val) . "' , '" . $_SERVER["REMOTE_ADDR"] . "' , " . $this->timeout . "," . (time() + $this->timeout) . "," . time() .");");
// set the cookie that will store the session key
setcookie("sess_key",$this->key,time()+3600);
}
function read() {
// set $sess_val global - the variable of the session value.
global $sess_val;
// if the cookie doesn't exisit send them back to the login screen.
if(!$_COOKIE["sess_key"]) {
header("Location: login.php");
exit;
}
// fetch the session key from the cookie.
$this->key = $_COOKIE["sess_key"];
// fetch the session value
$query = mysql_query("SELECT val FROM sessions WHERE sess_key = '" . $this->key . "'") or die("query failed - line 55");
if(mysql_num_rows($query) == 0) {
header("Location: login.php");
exit;
}
$fetch = mysql_fetch_array($query);
// store the session value to $sess_val
$sess_val = stripslashes($fetch["val"]);
// test if session has reached the expiration point
$this->expire();
// this code will only run if expire() returned falsed - we update the last access point to now.
$update = mysql_query("UPDATE sessions SET access = " . time() . " WHERE sess_key = '" . $this->key . "'") or die("query failed - line 70");
}
// this function will test if the user has been inactive for the defined timeout
function expire() {
// fetch the last access and expirations from the database
$query = mysql_query("SELECT access, sec_expire, stamp_expire FROM sessions WHERE sess_key = '" . $this->key . "'") or die("query failed - line 78");
$fetch = mysql_fetch_array($query);
$access = $fetch["access"];
$expire = $fetch["sec_expire"];
$timeout = $fetch["stamp_expire"];
// test if session is expired based on defined timeout
if(($timeout - $access) <= ($expire - $expire)) {
$this->destory();
die("Your session has expired. Please re-login.");
}
}
// this function will update the session value
function replace($val) {
// fetch the user key from cookie
$this->key = $_COOKIE["sess_key"];
// update the database with the new value
$query = mysql_query("UPDATE sessions SET val = '" . $val . "' WHERE sess_key = '" . $this->key) or die("query failed - line 77");
}
//Our function asks for the new value and then it will update the current value with it. Finally, we reach our last function:
// this function will kill the session
function destroy($key = "") {
// fetch the user key from cookie
$this->key = $_COOKIE["sess_key"];
// delete session from database
$query = mysql_query("DELETE FROM sessions WHERE sess_key = '" . $this->key . "'") or die("query failed - line 86");
// remove cookie from the user's computer
$delete = setcookie("sess_key" , $this->key, time()-3600);
if($query && $delete) {
header("Location login.php");
exit;
}
}
?>waiting for your valuable replies...........
thanks and regards
madhu