hi, I am currently having problem with my signin page. Whenever I try to sign in, it will bring me back to the main signin page again. I suspect the session is not created and i cannot find the error. Can anyone PLEASE HELP ME? ITS URGENT! THANKS
this is the session.php page
<?php
session_start();
global $verified_user;
//echo "$verified_user";
if ($verified_user=="") {
header("Location: http://www.ebizhorizon.com/bitfyp2003/g ... signin.php");
exit;
}
?>
this is the create session.php page.
<?php
session_start();
include "../connection/connection.php";
$login=$HTTP_POST_VARS['login'];
$pass=$HTTP_POST_VARS['password'];
$loginstr="$login"."$pass";
$loginstrlen=strlen($loginstr);
if ($loginstrlen<2){
$error = "Wrong%20Password%20or%20User%20does%20not%20exits.";
header("Location: signin.php?message=$error");
}
if($login!="" && $pass!=""){
$query = "SELECT LoginID, UserLevel, Name FROM Login WHERE LoginID = \"$login\" AND Password = \"$pass\"";
$results = mysql_query($query, $connection);
if(@mysql_num_rows($results) != 0) {
$verified_user = $login;
//$verified_userpw = $pass;
global $verified_user;
session_register("verified_user");
//session_register("verified_userpw");
setcookie("time",$PHPSESSID,time()+60,"/",".mydomain.com",0);
header("Location: ../secure/project.php");
}else {
$error = "Wrong%20Password%20or%20User%20does%20not%20exits.";
header("Location: signin.php?message=$error");
}
}
mysql_close($connection);
?>
SESSION
Moderator: General Moderators
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
You don't mention which version of PHP you are using so I am going to assume that it is at least version 4.1, if it's 4.0.6 or below then the code I am about to give won't work.
For the create session page:
and for the session.php page:
Mac
For the create session page:
Code: Select all
<?php
session_start();
include '../connection/connection.php';
$login = $_POST['login'];
$pass = $_POST['password'];
// you do not need to put double quotes around variable names so you should change
// $loginstr = "$login"."$pass"; to what's below:
$loginstr = $login.$pass;
// do you really need this temporary variable - if you don't use it againg then it
// would make more sense to just use the strlen function in the if statement
/* $loginstrlen = strlen($loginstr); */
// Do you really need this if you check that the login and pass are not empty in the
// next if statement?
if (strlen($loginstr) < 2) {
// you could use urlencode() so that you don't have to worry about encoding all
// those spaces:
$error = urlencode('Wrong Password or User does not exits.');
header('Location: signin.php?message='.$error);
exit(); // because you don't want the code to continue on beyond this point
}
// you can empty() to test if the variables are empty:
if (!empty($login) && !empty($pass)) {
// use single quotes around strings in SQL statements so LoginID = '$login' instead
// of LoginID = "$login"
$query = "SELECT LoginID, UserLevel, Name FROM Login WHERE LoginID = '$login' AND Password = '$pass'";
// add some error handling
@$results = mysql_query($query, $connection) or die('Query could not be executed');
if (mysql_num_rows($results) > 0) {
// this does nothing unless you are making a variable global within a user-
// defined function so you can get rid of it:
/* global $verified_user; */
// Try using the $_SESSION array as this would be better than session_register
$_SESSION['verified_user'] = $login;
setcookie('time', $_SERVER['PHPSESSID'], time()+60, '/', '.mydomain.com', 0);
header('Location: ../secure/project.php');
exit();
} else {
$error = urlencode('Wrong Password or User does not exits.');
header('Location: signin.php?message='.$error);
exit();
}
}
mysql_close($connection);
?>Code: Select all
<?php
session_start();
// unless you are in a function then I don't see what this global statement does?
/* global $verified_user; */
// Did this echo anything for you when you used it because you didn't mention
// the results of your own debugging
/* echo "$verified_user"; */
if (empty($_SESSION['verified_user']) {
header('Location: http://www.ebizhorizon.com/bitfyp2003/g ... ignin.php');
exit();
}
?>
Last edited by twigletmac on Tue Apr 15, 2003 7:34 am, edited 1 time in total.
-
Tubbietoeter
- Forum Contributor
- Posts: 149
- Joined: Fri Mar 14, 2003 2:41 am
- Location: Germany
twigletmac wrote:(...)
and for the session.php page:MacCode: Select all
<?php session_start(); // unless you are in a function then I don't see what this global statement does? /* global $verified_user; */ // Did this echo anything for you when you used it because you didn't mention // the results of your own debugging /* echo "$verified_user"; */ if (!empty($_SESSION['verified_user']) { header('Location: http://www.ebizhorizon.com/bitfyp2003/g ... ignin.php'); exit(); } ?>
should't it be
Code: Select all
...
if (empty($_SESSION['verified_user']) {
...- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
Ta for spotting that Tubbietoeter - teach me to reread my code a bit better
[I've edited the original code BTW]
Mac
[I've edited the original code BTW]
Mac
Last edited by twigletmac on Tue Apr 15, 2003 7:34 am, edited 1 time in total.
-
Tubbietoeter
- Forum Contributor
- Posts: 149
- Joined: Fri Mar 14, 2003 2:41 am
- Location: Germany