At the top of my header I start a session so every page on the site can use the session vars
Code: Select all
<? session_start();?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head> etc...Code: Select all
function loginForm(){
//-- if user session isn't set show the form
if(!(isset($_SESSION['share']))){
?>
<form method="POST" action="../authenticate.php">
<p>username:<br/><input name="un" class="textbox" type="text" />
password:<input name="pw" class="textbox" type="password" /><br/><br/>
<input type="submit" class="searchbutton" value="login"><br/>
</p>
<a href="#">new users register here</a>
</form>
<?
}
else{
echo "<p>Logged in as <span class=\"red\">".$_SESSION['un']."</span>.<br/><br/>";
echo "<a href=\"http://www.bigfatstupid.com/_dev/share/admin/logout.php\">Logout</a></p>";
}
}Code: Select all
<?
//-- shareAuth.php
include("../includes/functions.php");
//-- grab data
$un = $_POST['un'];
$pw = $_POST['pw'];
//-- grab referer
$ref = getenv("HTTP_REFERER");
//-- connect to dbase
dbConnect();
//-- check auth data
$sql = "SELECT password FROM users WHERE '$un' = username";
$data = mysql_query($sql);
//-- check for username. if not found say so.
if(mysql_num_rows($data) == 0)
{include("../includes/header.php");
echo "<p>Username not found.<br><br>Please <a href=\"javascript:history.go(-1)\">enter a correct username</a>
or <a href=\"shareReg.php\">register to share</a>.</p>";
include("../includes/footer.php");
exit();
}//-- end username check
//-- check password
$data = mysql_fetch_row($data);
if($data[0]!= $pw)
{include("../includes/header.php");
echo "<p>The password is incorrect.<br><br>Please <a href=\"javascript:history.go(-1)\">enter
the correct password</a>.</p>";
include("../includes/footer.php");
exit();
}//-- end password check
//-- if password is correct show un in login window
else{
session_start();
$_SESSION['share'] = "granted";
$_SESSION['un'] = $un;
header("Location: $ref");
}
?>
ANY help would be greatly appreciated. I've looked everywhere for an answer and can't find one. Thank you so much for taking the time to read this post.