Page 1 of 1

Login not working [SOLVED]

Posted: Mon Feb 19, 2007 1:54 am
by tail
I'm using a script on my home page that allows my clients to login, however when you login the session doesnt seem to be recorded. Here's the code I'm using:

Code: Select all

<?php
$dbhost='localhost';
$dbusername='****';
$dbuserpass='****';
$dbname='****';
$username=$_SESSION['s_username'];
$action=$_GET['action'];
if (!isset($username) || !$username || $username == '' && !$action || $action == '' || !isset($action)) {
echo '<h1>Clients Log-in</h1>
		<form action="index3.php?action=login" method="post" name="login" id="login">
		<input type="text" name="username" value="Username..." onfocus="if(this.value==\'Username...\')this.value=\'\';" class="input">
		<input type="password" name="password" class="input">
		<input type="image" src="images/submit.gif" value="1" class="submit" alt="Submit Form" name="login">
	</form><a href="index3.php?id=clients&page=forgot">Forgot ?</a>';
} elseif (isset($username) && $username != 'admin' && $action == '' || !isset($action)) {
echo '<h1>Client Options</h1><p class="logintxt">Welcome back! You are logged in as '.$username.', thanks for visiting!</p><br><a href="index3.php?id=clients&page=support">Support</a> <b>|</b> <b><a href="index3.php?id=clients&page=maintainance">Maintainance</a></b> <b>|</b> <b><a href="index3.php?action=logout">Logout</a></b>';
} elseif (isset($username) && $username == 'admin' && $action == '' || !isset($action)) {
echo '<h1>Admin Options</h1><p class="logintxt">Welcome back! You are logged in as '.$username.', thanks for visiting!</p><br><br><a href="index3.php?action=logout">Logout</a>';
} elseif (isset($username) && $action == 'logout') {
$_SESSION = array();
echo '<p class="logintxt">You have successfully logged out!</p>';
} elseif (isset($username) && $action == 'login') {
mysql_connect ($dbhost, $dbusername, $dbuserpass);
mysql_select_db($dbname) or die('Cannot select database');
	if ($_POST['username']) {
	$username=$_POST['username'];
	$password=$_POST['password'];
		if ($password==NULL) {
		echo "<p class=\"logintxt\">A password was not supplied <a href='index3.php'>Go back</a>";
	}else{
	$query = mysql_query("SELECT username,password FROM users WHERE username = '$username'") or die(mysql_error());
	$data = mysql_fetch_array($query);
	if($data['password'] != $password) {
	echo "<p class=\"logintxt\">The supplied login is incorrect. <a href='index3.php'>Go back</a></p>";
	}else{
	$query = mysql_query("SELECT username,password FROM users WHERE username = '$username'") or die(mysql_error());
	$row = mysql_fetch_array($query);
	$_SESSION["s_username"] = $row['username'];
	echo "<h1>Clients Log-in</h1><p class=\"logintxt\">You have successfully logged in as ".$_SESSION['s_username']." and can go to the options <b><a href='index3.php'>here</a></b>.</p>";
}
}
}
} else {
echo '<h1>Clients Log-in</h1>
		<form action="index3.php?id=clients&page=login" method="post" name="login" id="login">
		<input type="text" name="username" value="Username..." onfocus="if(this.value==\'Username...\')this.value=\'\';" class="input">
		<input type="password" name="password" class="input">
		<input type="image" src="images/submit.gif" value="1" class="submit" alt="Submit Form" name="login">
	</form><a href="index3.php?id=clients&page=forgot">Forgot ?</a>';
}
?>
After I login the login form pops up again. Any help would be appreciated. Thanks in advance.

Posted: Mon Feb 19, 2007 2:01 am
by RobertGonzalez
Where's you're call to session_start()?

Posted: Mon Feb 19, 2007 2:07 am
by tail
Before <html> tags

Posted: Mon Feb 19, 2007 2:52 am
by the DtTvB
You should put session_start(); right after <?php. Then it should work!

Posted: Mon Feb 19, 2007 10:07 am
by tail
Last time I checked I thought you had to have the session_start(); before the HTML tags, no?

Posted: Mon Feb 19, 2007 10:15 am
by feyd
Before output, any output.

Posted: Mon Feb 19, 2007 10:22 am
by tail
Yes, session_start() is before any output. If you'd like me to send you the source for the whole page I will. However I don't think that would be neccassary. If someone could please help me understand or explain what the problem with the code is, it would be appreciated.

Re: Login not working

Posted: Mon Feb 19, 2007 11:50 am
by RobertGonzalez
Well, we can try help with what you have posted. What do you mean by
tail wrote:... when you login the session doesnt seem to be recorded.
I noticed in your code you are doing this:
<?php
$username=$_SESSION['s_username'];
?>

Then checking it in various ways through isset() and what not. Why not try...

Code: Select all

<?php
$username = isset($_SESSION['s_username']) ? $_SESSION['s_username'] : '';
?>
Then, instead of those massive if/elseif statements, just do

Code: Select all

<?php
if (!empty($username))
{
    // The username has a value, do something with it
}
else
{
    // The username had not value, so get one
}
?>

Posted: Mon Feb 19, 2007 1:07 pm
by tail
Thanks, this worked:

Code: Select all

<?php
$dbhost='localhost';
$dbusername='****';
$dbuserpass='****';
$dbname='****';
$username=$_SESSION["s_username"];
$action=$_GET['action'];
if (empty($username) && empty($action)) {
echo '<h1>Clients Log-in</h1>
		<form action="index3.php?action=login" method="post" name="login" id="login">
		<input type="text" name="username" value="Username..." onfocus="if(this.value==\'Username...\')this.value=\'\';" class="input">
		<input type="password" name="password" class="input">
		<input type="image" src="images/submit.gif" value="1" class="submit" alt="Submit Form" name="login">
	</form><a href="index3.php?id=clients&page=forgot">Forgot ?</a>';
} elseif (isset($_SESSION["s_username"]) && $username != 'admin' && empty($action)) {
echo '<h1>Client Options</h1><p class="logintxt">Welcome back! You are logged in as '.$username.', thanks for visiting!</p><br><a href="index3.php?id=clients&page=support">Support</a> <b>|</b> <b><a href="index3.php?id=clients&page=maintainance">Maintainance</a></b> <b>|</b> <b><a href="index3.php?action=logout">Logout</a></b>';
} elseif (isset($_SESSION["s_username"]) && $username == 'admin' && empty($action)) {
echo '<h1>Admin Options</h1><p class="logintxt">Welcome back! You are logged in as '.$_SESSION["s_username"].', thanks for visiting!</p><br><br><a href="index3.php?action=logout">Logout</a>';
} elseif (!isset($username) && $action == 'login') {
mysql_connect ($dbhost, $dbusername, $dbuserpass);
mysql_select_db($dbname) or die('Cannot select database');
        if ($_POST['username']) {
        $username=$_POST['username'];
        $password=$_POST['password'];
                if ($password==NULL) {
                echo "<p class=\"logintxt\">A password was not supplied <a href='index3.php'>Go back</a>";
        }else{
        $query = mysql_query("SELECT username,password FROM users WHERE username = '$username'") or die(mysql_error());
        $data = mysql_fetch_array($query);
        if($data['password'] != $password) {
        echo "<p class=\"logintxt\">The supplied login is incorrect. <a href='index3.php'>Go back</a></p>";
        }else{
        $query = mysql_query("SELECT username,password FROM users WHERE username = '$username'") or die(mysql_error());
        $row = mysql_fetch_array($query);
        $_SESSION["s_username"] = $row['username'];
        echo "<h1>Clients Log-in</h1><p class=\"logintxt\">You have successfully logged in as ".$_SESSION['s_username']." and can go to the options <b><a href='index3.php'>here</a></b>.</p>";
}
}
} 
} elseif (isset($_SESSION["s_username"]) && $action == 'logout') {
$_SESSION = array();
echo '<h1>Logout</h1><p class="logintxt">You have successfully logged out! <a href="index3.php">Go home</a></p>';
} else {
echo '<h1>Clients Log-in</h1>
		<form action="index3.php?action=login" method="post" name="login" id="login">
		<input type="text" name="username" value="Username..." onfocus="if(this.value==\'Username...\')this.value=\'\';" class="input">
		<input type="password" name="password" class="input">
		<input type="image" src="images/submit.gif" value="1" class="submit" alt="Submit Form" name="login">
	</form><a href="index3.php?id=clients&page=forgot">Forgot ?</a>';
}
?>

Posted: Mon Feb 19, 2007 2:59 pm
by RobertGonzalez
Glad I could help. Mind changing the title of your thread to include a [SOLVED] in front? Thanks.

Posted: Mon Feb 19, 2007 4:37 pm
by tail
No problem. Thanks again.