[SOLVED] simple login problem
Posted: Fri May 02, 2008 5:22 am
I'm adding a simple login script for a few pages and even though i've done this before, for some reason it's not holding the session from page to page.
The code for the index is :
The link to predictions should allow you to stay logged in but doesn't, also if click on the url bar in the browser and hit enter it logs me out also.
predictions.php
Any help much appreciated, it's probably something simple i'm missing.
The code for the index is :
Code: Select all
<?php
session_start();
echo 'SID '.session_id();
include 'boardroom/db_conn.php';
include '/var/www/html/functions/security.php';
if ($_GET['logout']=='1')
{
$_SESSION = array();
session_destroy();
}
if (isset($_POST['email']) && isset($_POST['password']))
{
$email = makeSafe($_POST['email']);
$password = makeSafe($_POST['password']);
if ((strlen($email)>1) && (strlen($password)>1))
{
// if the user has just tried to log in
$password = sha1($password);
$login = "SELECT email,name FROM users WHERE email='".$email."' AND password='".$password."'";
$lq = mysql_query($login) or die("Query $login Failed".mysql_error());
$lr = mysql_fetch_assoc($lq);
if (mysql_num_rows($lq) >0)
{
$_SESSION['email'] = $email;
$_SESSION['name'] = $lr['name'];
}
}
}
?>
<html>
<head>
<title></title>
</head>
<body>
<h3></h3>
<br />
<?php if(isset($_SESSION['email']))
{
echo 'Welcome to football '.$_SESSION['name'].'.';
echo '<br />';
echo '<p><a href="index.php?logout=1">Logout</a></p>';
echo '<p><a href="predictions.php">Your Predictions</a></p>';
}
else
{
if ($_GET['message']=='thankyou')
{
echo '<p>Thank you for registering for football, you will receive an email with a reminder of your login information.</p>';
$loginText = 'P';
}
else
{
$loginText = 'If you are already registered with us p';
?>
<a href="register.php" />New User? Click to Register</a>
<br /><br />
<?php
}
?>
<form method="post" action="index.php">
<table>
<tr>
<td colspan="2">
<?php echo $loginText; ?>lease login using the form below.
</td>
</tr>
<tr>
<td>Username</td>
<td><input type="text" name="email" id="email"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password" id="password">
</tr>
<tr>
<td></td>
<td><input type="submit" name="login" id="login" value="Login"></td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
predictions.php
Code: Select all
<?php
session_start();
echo 'SID '.session_id();
print_r($_SESSION);
if (isset($_SESSION['email']))
{
echo 'Logged in as '.$_SESSION['name'];
}
else
{
echo 'Not logged in';
}
?>