Page 1 of 1

Two login scripts, one problem!

Posted: Thu Feb 12, 2009 4:28 pm
by sing2trees
--------------------------------------------------------------------------------

Hi,

I have two sites running: a and b on the same domain.

Once logged in, I use the following script to ensure the person is logged in so they can access the content:

Code: Select all

<? session_start();if(!session_is_registered(myusername)){header("location:whoops.php");}?>
However if someone logs in to site a, they can access site b. And vice versa. How can I stop this?

Thanks in advance!

Ben

Re: Two login scripts, one problem!

Posted: Thu Feb 12, 2009 4:40 pm
by mbdigital
Use different session names for each site. I.e. $_SESSION['A'] and $_SESSION['B']

Re: Two login scripts, one problem!

Posted: Thu Feb 12, 2009 4:45 pm
by sing2trees
Thanks,

So would the script be the following:

Code: Select all

<? session['A']_start();if(!session_is_registered(myusername)){header("location:whoops.php");}?>
Thanks

Ben

Re: Two login scripts, one problem!

Posted: Thu Feb 12, 2009 5:04 pm
by jayshields
No, he's talking about myusername. You can't put array indices in the middle of function names.

Re: Two login scripts, one problem!

Posted: Fri Feb 13, 2009 3:39 am
by sing2trees
Sorry to be a pain - could you post a sample of what the code would be like?

Thanks again

Re: Two login scripts, one problem!

Posted: Fri Feb 13, 2009 4:22 am
by jayshields
Website one:

Code: Select all

<? session_start();if(!session_is_registered('usernameA')){header("location:whoops.php");}?>
Website two:

Code: Select all

<? session_start();if(!session_is_registered('usernameB')){header("location:whoops.php");}?>
Then change every reference to $_SESSION['username'] on website one to $_SESSION['usernameA'] and website two to $_SESSION['usernameB'].

You really shouldn't be using session_is_registered() or short tags though. You should also be including an absolute URL in your header call. This is better:

Code: Select all

<?php
session_start();
if(!isset($_SESSION['usernameA']))
{
  header("location: http://www.yourwebsite.com/whoops.php");
}
?>

Re: Two login scripts, one problem!

Posted: Fri Feb 13, 2009 8:21 am
by sing2trees
Many many thanks for that!!!

Re: Two login scripts, one problem!

Posted: Fri Feb 13, 2009 10:52 am
by sing2trees
Sorry to be a pain - having some problems!

I have the login page which checks the login details when submitted. I have added 'A' for site A to this:

Code: Select all

 
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusernameA");
session_register("mypassword"); 
header("location:login_success.php");
Login_success.php is this to redirect the user to the index page:

Code: Select all

<?php
session_start();
if(!isset($_SESSION['usernameA']))
{
  header("location: http://www.mysite.com/whoops.php");
}
?>
<?php
header( 'Location: http://www.mysite.com/index2.php' ) ;
?>
 
And index2.php has this as the header:

Code: Select all

<?php
session_start();
if(!isset($_SESSION['usernameA']))
{
  header("location: http://www.mysite.com/whoops.php");
}
?>
However when ever I login, it just keeps pushing me back to whoops.php, even tho the login details are correct. Do you know what I am doing wrong?

Thanks again

Ben