Page 1 of 1
Two login scripts, one problem!
Posted: Thu Feb 12, 2009 4:28 pm
by sing2trees
--------------------------------------------------------------------------------
Hi,
I have two sites running: a and b on the same domain.
Once logged in, I use the following script to ensure the person is logged in so they can access the content:
Code: Select all
<? session_start();if(!session_is_registered(myusername)){header("location:whoops.php");}?>
However if someone logs in to site a, they can access site b. And vice versa. How can I stop this?
Thanks in advance!
Ben
Re: Two login scripts, one problem!
Posted: Thu Feb 12, 2009 4:40 pm
by mbdigital
Use different session names for each site. I.e. $_SESSION['A'] and $_SESSION['B']
Re: Two login scripts, one problem!
Posted: Thu Feb 12, 2009 4:45 pm
by sing2trees
Thanks,
So would the script be the following:
Code: Select all
<? session['A']_start();if(!session_is_registered(myusername)){header("location:whoops.php");}?>
Thanks
Ben
Re: Two login scripts, one problem!
Posted: Thu Feb 12, 2009 5:04 pm
by jayshields
No, he's talking about myusername. You can't put array indices in the middle of function names.
Re: Two login scripts, one problem!
Posted: Fri Feb 13, 2009 3:39 am
by sing2trees
Sorry to be a pain - could you post a sample of what the code would be like?
Thanks again
Re: Two login scripts, one problem!
Posted: Fri Feb 13, 2009 4:22 am
by jayshields
Website one:
Code: Select all
<? session_start();if(!session_is_registered('usernameA')){header("location:whoops.php");}?>
Website two:
Code: Select all
<? session_start();if(!session_is_registered('usernameB')){header("location:whoops.php");}?>
Then change every reference to $_SESSION['username'] on website one to $_SESSION['usernameA'] and website two to $_SESSION['usernameB'].
You really shouldn't be using session_is_registered() or short tags though. You should also be including an absolute URL in your header call. This is better:
Code: Select all
<?php
session_start();
if(!isset($_SESSION['usernameA']))
{
header("location: http://www.yourwebsite.com/whoops.php");
}
?>
Re: Two login scripts, one problem!
Posted: Fri Feb 13, 2009 8:21 am
by sing2trees
Many many thanks for that!!!
Re: Two login scripts, one problem!
Posted: Fri Feb 13, 2009 10:52 am
by sing2trees
Sorry to be a pain - having some problems!
I have the login page which checks the login details when submitted. I have added 'A' for site A to this:
Code: Select all
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusernameA");
session_register("mypassword");
header("location:login_success.php");
Login_success.php is this to redirect the user to the index page:
Code: Select all
<?php
session_start();
if(!isset($_SESSION['usernameA']))
{
header("location: http://www.mysite.com/whoops.php");
}
?>
<?php
header( 'Location: http://www.mysite.com/index2.php' ) ;
?>
And index2.php has this as the header:
Code: Select all
<?php
session_start();
if(!isset($_SESSION['usernameA']))
{
header("location: http://www.mysite.com/whoops.php");
}
?>
However when ever I login, it just keeps pushing me back to whoops.php, even tho the login details are correct. Do you know what I am doing wrong?
Thanks again
Ben